From 85d1f2d493556f113b3f1f4b1800ace6656627ad Mon Sep 17 00:00:00 2001
From: Ed Maste <emaste@FreeBSD.org>
Date: Wed, 23 Feb 2022 13:16:45 -0500
Subject: Vendor import of OpenSSH 8.9p1

---
 .depend                                            |    11 +-
 .github/configs                                    |    76 +-
 .github/configure.sh                               |    17 +-
 .github/setup_ci.sh                                |    41 +-
 .github/workflows/c-cpp.yml                        |    24 +-
 .github/workflows/selfhosted.yml                   |    14 +-
 .github/workflows/upstream.yml                     |     3 +-
 .skipped-commit-ids                                |     1 +
 ChangeLog                                          | 17378 +++++++++----------
 INSTALL                                            |     5 -
 LICENCE                                            |    21 +-
 Makefile.in                                        |    55 +-
 PROTOCOL                                           |    69 +-
 PROTOCOL.agent                                     |    85 +-
 PROTOCOL.mux                                       |     6 +-
 README                                             |     2 +-
 SECURITY.md                                        |     5 +
 addr.c                                             |    30 +-
 atomicio.c                                         |     1 -
 auth-options.c                                     |     4 +-
 auth-rhosts.c                                      |    38 +-
 auth.c                                             |    16 +-
 auth.h                                             |     5 +-
 auth2-gss.c                                        |     5 +-
 auth2-hostbased.c                                  |    11 +-
 auth2-kbdint.c                                     |     5 +-
 auth2-none.c                                       |     5 +-
 auth2-passwd.c                                     |     5 +-
 auth2-pubkey.c                                     |    49 +-
 auth2.c                                            |    70 +-
 authfd.c                                           |   116 +-
 authfd.h                                           |    35 +-
 authfile.c                                         |     4 +-
 channels.c                                         |   554 +-
 channels.h                                         |    31 +-
 clientloop.c                                       |   236 +-
 config.h.in                                        |    36 +-
 configure                                          |   490 +-
 configure.ac                                       |   126 +-
 contrib/redhat/openssh.spec                        |    10 +-
 contrib/suse/openssh.spec                          |     2 +-
 defines.h                                          |    39 +-
 digest-libc.c                                      |    10 +
 dns.c                                              |     4 +-
 gss-genr.c                                         |     1 +
 hostfile.c                                         |    22 +-
 includes.h                                         |     1 -
 kex.c                                              |    48 +-
 kex.h                                              |    13 +-
 kexgen.c                                           |    35 +-
 kexgexc.c                                          |    24 +-
 kexgexs.c                                          |    14 +-
 kexsntrup761x25519.c                               |     4 +-
 loginrec.c                                         |     3 +-
 md5crypt.c                                         |   165 -
 md5crypt.h                                         |    22 -
 misc.c                                             |    90 +-
 misc.h                                             |     4 +-
 moduli                                             |   831 +-
 moduli.0                                           |     2 +-
 monitor.c                                          |    31 +-
 mux.c                                              |     4 +-
 myproposal.h                                       |     3 +-
 nchan.c                                            |    10 +-
 openbsd-compat/arc4random.c                        |     8 +-
 openbsd-compat/base64.c                            |     1 -
 openbsd-compat/bcrypt_pbkdf.c                      |    41 +-
 openbsd-compat/bindresvport.c                      |     1 +
 openbsd-compat/blf.h                               |     7 +-
 openbsd-compat/blowfish.c                          |     7 +-
 openbsd-compat/bsd-closefrom.c                     |     8 +-
 openbsd-compat/bsd-cygwin_util.c                   |     4 +-
 openbsd-compat/bsd-getline.c                       |     2 +-
 openbsd-compat/bsd-openpty.c                       |    76 +-
 openbsd-compat/bsd-poll.c                          |    68 +-
 openbsd-compat/bsd-poll.h                          |    26 +-
 openbsd-compat/bsd-statvfs.c                       |     1 -
 openbsd-compat/dirname.c                           |     1 -
 openbsd-compat/getcwd.c                            |     1 -
 openbsd-compat/inet_aton.c                         |     1 -
 openbsd-compat/inet_ntop.c                         |     1 -
 openbsd-compat/openbsd-compat.h                    |     4 +-
 openbsd-compat/port-solaris.c                      |     1 -
 openbsd-compat/xcrypt.c                            |    17 +-
 packet.c                                           |   103 +-
 packet.h                                           |     3 +-
 platform-tracing.c                                 |    13 +-
 readconf.c                                         |    27 +-
 readconf.h                                         |     7 +-
 regress/Makefile                                   |    14 +-
 regress/agent-getpeereid.sh                        |     3 +
 regress/agent-restrict.sh                          |   495 +
 regress/cert-hostkey.sh                            |    86 +-
 regress/cert-userkey.sh                            |   326 +-
 regress/cipher-speed.sh                            |    10 +
 regress/hostbased.sh                               |    66 +
 regress/hostkey-agent.sh                           |    84 +-
 regress/hostkey-rotate.sh                          |    17 +-
 regress/keys-command.sh                            |     6 +-
 regress/knownhosts.sh                              |    17 +
 regress/login-timeout.sh                           |     4 +-
 regress/misc/fuzz-harness/Makefile                 |     2 +-
 regress/misc/fuzz-harness/kex_fuzz.cc              |     3 +-
 regress/misc/fuzz-harness/ssh-sk-null.cc           |     3 +-
 regress/misc/sk-dummy/sk-dummy.c                   |    55 +-
 regress/percent.sh                                 |     5 +-
 regress/principals-command.sh                      |   220 +-
 regress/sshd-log-wrapper.sh                        |     3 +-
 regress/sshsig.sh                                  |   256 +-
 regress/test-exec.sh                               |    30 +-
 regress/unittests/authopt/tests.c                  |     3 +-
 regress/unittests/bitmap/tests.c                   |     3 +-
 regress/unittests/conversion/tests.c               |     3 +-
 regress/unittests/hostkeys/test_iterate.c          |     3 +-
 regress/unittests/kex/test_kex.c                   |     3 +-
 regress/unittests/match/tests.c                    |     3 +-
 regress/unittests/misc/test_argv.c                 |     3 +-
 regress/unittests/misc/test_convtime.c             |     4 +-
 regress/unittests/misc/test_expand.c               |     3 +-
 regress/unittests/misc/test_hpdelim.c              |    82 +
 regress/unittests/misc/test_parse.c                |     3 +-
 regress/unittests/misc/test_strdelim.c             |     3 +-
 regress/unittests/misc/tests.c                     |     5 +-
 regress/unittests/sshbuf/test_sshbuf.c             |     7 +-
 regress/unittests/sshbuf/test_sshbuf_fixed.c       |     3 +-
 regress/unittests/sshbuf/test_sshbuf_fuzz.c        |     5 +-
 .../unittests/sshbuf/test_sshbuf_getput_basic.c    |     3 +-
 .../unittests/sshbuf/test_sshbuf_getput_crypto.c   |     3 +-
 regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c |     5 +-
 regress/unittests/sshbuf/test_sshbuf_misc.c        |     3 +-
 regress/unittests/sshkey/common.c                  |     3 +-
 regress/unittests/sshkey/test_file.c               |     5 +-
 regress/unittests/sshkey/test_fuzz.c               |     5 +-
 regress/unittests/sshkey/test_sshkey.c             |     5 +-
 regress/unittests/sshsig/tests.c                   |     7 +-
 regress/unittests/sshsig/webauthn.html             |     6 +-
 regress/unittests/test_helper/test_helper.c        |    11 +-
 rijndael.h                                         |     5 +-
 sandbox-capsicum.c                                 |     1 -
 sandbox-seccomp-filter.c                           |    14 +-
 scp.0                                              |     2 +-
 scp.1                                              |     4 +-
 scp.c                                              |    85 +-
 servconf.c                                         |    21 +-
 serverloop.c                                       |   157 +-
 session.c                                          |     5 +-
 sftp-client.c                                      |   200 +-
 sftp-client.h                                      |     4 +-
 sftp-server.0                                      |     2 +-
 sftp-server.c                                      |    85 +-
 sftp.0                                             |     2 +-
 sftp.c                                             |     1 -
 sk-api.h                                           |     7 +-
 sk-usbhid.c                                        |   225 +-
 ssh-add.0                                          |    67 +-
 ssh-add.1                                          |    88 +-
 ssh-add.c                                          |   218 +-
 ssh-agent.0                                        |     2 +-
 ssh-agent.c                                        |   717 +-
 ssh-keygen.0                                       |    37 +-
 ssh-keygen.1                                       |    37 +-
 ssh-keygen.c                                       |   246 +-
 ssh-keyscan.0                                      |     2 +-
 ssh-keyscan.c                                      |    70 +-
 ssh-keysign.0                                      |     2 +-
 ssh-keysign.c                                      |    42 +-
 ssh-pkcs11-client.c                                |    16 +-
 ssh-pkcs11-helper.0                                |     2 +-
 ssh-pkcs11-helper.c                                |     4 +-
 ssh-pkcs11.c                                       |    35 +-
 ssh-sk-client.c                                    |    98 +-
 ssh-sk-helper.c                                    |    33 +-
 ssh-sk.c                                           |   106 +-
 ssh-sk.h                                           |    14 +-
 ssh.0                                              |    12 +-
 ssh.1                                              |    10 +-
 ssh.c                                              |    20 +-
 ssh_config.0                                       |    13 +-
 ssh_config.5                                       |    20 +-
 sshbuf-misc.c                                      |    39 +-
 sshbuf.h                                           |     8 +-
 sshconnect.c                                       |     4 +-
 sshconnect2.c                                      |    79 +-
 sshd.0                                             |     2 +-
 sshd.c                                             |    76 +-
 sshd_config.0                                      |    33 +-
 sshd_config.5                                      |    17 +-
 sshkey.c                                           |    31 +-
 sshkey.h                                           |     6 +-
 sshsig.c                                           |   284 +-
 sshsig.h                                           |     6 +-
 umac.c                                             |     4 +-
 umac.h                                             |     4 +-
 version.h                                          |     4 +-
 194 files changed, 14336 insertions(+), 12395 deletions(-)
 create mode 100644 SECURITY.md
 delete mode 100644 md5crypt.c
 delete mode 100644 md5crypt.h
 create mode 100644 regress/agent-restrict.sh
 create mode 100644 regress/hostbased.sh
 create mode 100644 regress/knownhosts.sh
 create mode 100644 regress/unittests/misc/test_hpdelim.c

diff --git a/.depend b/.depend
index a94a82d0e6f7..945a01dcc05d 100644
--- a/.depend
+++ b/.depend
@@ -13,7 +13,7 @@ auth-krb5.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-com
 auth-options.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssherr.h log.h sshbuf.h misc.h sshkey.h match.h ssh2.h auth-options.h
 auth-pam.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
 auth-passwd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h sshbuf.h ssherr.h log.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h
-auth-rhosts.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h uidswap.h pathnames.h log.h ssherr.h misc.h sshbuf.h sshkey.h servconf.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h
+auth-rhosts.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h uidswap.h pathnames.h log.h ssherr.h misc.h xmalloc.h sshbuf.h sshkey.h servconf.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h
 auth-shadow.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
 auth-sia.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
 auth.o: authfile.h monitor_wrap.h compat.h channels.h
@@ -74,11 +74,10 @@ kexgexs.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compa
 kexsntrup761x25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h
 krl.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h sshbuf.h ssherr.h sshkey.h authfile.h misc.h log.h digest.h bitmap.h utf8.h krl.h
 log.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h match.h
-loginrec.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h hostfile.h ssh.h loginrec.h log.h ssherr.h atomicio.h packet.h openbsd-compat/sys-queue.h dispatch.h canohost.h auth.h auth-pam.h audit.h sshbuf.h
+loginrec.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h hostfile.h ssh.h loginrec.h log.h ssherr.h atomicio.h packet.h openbsd-compat/sys-queue.h dispatch.h canohost.h auth.h auth-pam.h audit.h sshbuf.h misc.h
 logintest.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h loginrec.h
 mac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h digest.h hmac.h umac.h mac.h misc.h ssherr.h sshbuf.h openbsd-compat/openssl-compat.h
 match.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h match.h misc.h
-md5crypt.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
 misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h misc.h log.h ssherr.h ssh.h sshbuf.h
 moduli.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
 monitor.o: chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h crypto_api.h dh.h packet.h dispatch.h auth-options.h sshpty.h channels.h session.h sshlogin.h canohost.h log.h ssherr.h misc.h servconf.h monitor.h monitor_wrap.h monitor_fdpass.h compat.h ssh2.h authfd.h match.h sk-api.h
@@ -110,7 +109,7 @@ sandbox-seccomp-filter.o: includes.h config.h defines.h platform.h openbsd-compa
 sandbox-solaris.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
 sandbox-systrace.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
 sc25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sc25519.h crypto_api.h
-scp.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/glob.h xmalloc.h ssh.h atomicio.h pathnames.h log.h ssherr.h misc.h progressmeter.h utf8.h sftp-common.h sftp-client.h
+scp.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/glob.h xmalloc.h ssh.h atomicio.h pathnames.h log.h ssherr.h misc.h progressmeter.h utf8.h sftp.h sftp-common.h sftp-client.h
 servconf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/glob.h openbsd-compat/sys-queue.h xmalloc.h ssh.h log.h ssherr.h sshbuf.h misc.h servconf.h compat.h pathnames.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h
 servconf.o: kex.h mac.h crypto_api.h match.h channels.h groupaccess.h canohost.h packet.h dispatch.h hostfile.h auth.h auth-pam.h audit.h loginrec.h myproposal.h digest.h
 serverloop.o: cipher-aesctr.h rijndael.h kex.h mac.h crypto_api.h hostfile.h auth.h auth-pam.h audit.h loginrec.h session.h auth-options.h serverloop.h
@@ -127,8 +126,8 @@ sftp.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h
 sk-usbhid.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
 sntrup761.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
 srclimit.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h addr.h canohost.h log.h ssherr.h misc.h srclimit.h xmalloc.h
-ssh-add.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h log.h ssherr.h sshkey.h sshbuf.h authfd.h authfile.h pathnames.h misc.h digest.h ssh-sk.h sk-api.h
-ssh-agent.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshbuf.h sshkey.h authfd.h compat.h log.h ssherr.h misc.h digest.h match.h msg.h pathnames.h ssh-pkcs11.h sk-api.h
+ssh-add.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h log.h ssherr.h sshkey.h sshbuf.h authfd.h authfile.h pathnames.h misc.h digest.h ssh-sk.h sk-api.h hostfile.h
+ssh-agent.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshbuf.h sshkey.h authfd.h compat.h log.h ssherr.h misc.h digest.h match.h msg.h pathnames.h ssh-pkcs11.h sk-api.h myproposal.h
 ssh-dss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
 ssh-ecdsa-sk.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h sshbuf.h ssherr.h digest.h sshkey.h
 ssh-ecdsa.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
diff --git a/.github/configs b/.github/configs
index 12578c067348..853da58a51e3 100755
--- a/.github/configs
+++ b/.github/configs
@@ -15,6 +15,8 @@ LTESTS=""
 SKIP_LTESTS=""
 SUDO=sudo	# run with sudo by default
 TEST_SSH_UNSAFE_PERMISSIONS=1
+# Stop on first test failure to minimize logs
+TEST_SSH_FAIL_FATAL=yes
 
 CONFIGFLAGS=""
 LIBCRYPTOFLAGS=""
@@ -25,9 +27,29 @@ case "$config" in
     c89)
 	CC="gcc"
 	CFLAGS="-Wall -std=c89 -pedantic -Werror=vla"
-	CONFIGFLAGS="--without-openssl --without-zlib"
+	CONFIGFLAGS="--without-zlib"
+	LIBCRYPTOFLAGS="--without-openssl"
 	TEST_TARGET=t-exec
 	;;
+    cygwin-release)
+	CONFIGFLAGS="--with-libedit --with-xauth=/usr/bin/xauth --disable-strip --with-security-key-builtin"
+	;;
+   clang-12-Werror)
+	CC="clang-12"
+	# clang's implicit-fallthrough requires that the code be annotated with
+	# __attribute__((fallthrough)) and does not understand /* FALLTHROUGH */
+	CFLAGS="-Wall -Wextra -O2 -Wno-error=implicit-fallthrough"
+	CONFIGFLAGS="--with-pam --with-Werror"
+	;;
+    gcc-11-Werror)
+	CC="gcc"
+	# -Wnoformat-truncation in gcc 7.3.1 20180130 fails on fmt_scaled
+	CFLAGS="-Wall -Wextra -Wno-format-truncation -O2 -Wimplicit-fallthrough=4"
+	CONFIGFLAGS="--with-pam --with-Werror"
+	;;
+    clang*|gcc*)
+	CC="$config"
+	;;
     kitchensink)
 	CONFIGFLAGS="--with-kerberos5 --with-libedit --with-pam"
 	CONFIGFLAGS="${CONFIGFLAGS} --with-security-key-builtin --with-selinux"
@@ -36,12 +58,21 @@ case "$config" in
     hardenedmalloc)
 	CONFIGFLAGS="--with-ldflags=-lhardened_malloc"
 	;;
-    kerberos5)
+    tcmalloc)
+	CONFIGFLAGS="--with-ldflags=-ltcmalloc"
+	;;
+    krb5|heimdal)
 	CONFIGFLAGS="--with-kerberos5"
 	;;
     libedit)
 	CONFIGFLAGS="--with-libedit"
 	;;
+    musl)
+	CC="musl-gcc"
+	CONFIGFLAGS="--without-zlib"
+	LIBCRYPTOFLAGS="--without-openssl"
+	TEST_TARGET="t-exec"
+	;;
     pam-krb5)
 	CONFIGFLAGS="--with-pam --with-kerberos5"
 	SSHD_CONFOPTS="UsePam yes"
@@ -76,9 +107,9 @@ case "$config" in
 	# Valgrind slows things down enough that the agent timeout test
 	# won't reliably pass, and the unit tests run longer than allowed
 	# by github so split into three separate tests.
-	tests2="rekey integrity"
-	tests3="krl forward-control sshsig"
-	tests4="cert-userkey cert-hostkey kextype sftp-perm keygen-comment"
+	tests2="rekey integrity try-ciphers sftp"
+	tests3="krl forward-control sshsig agent-restrict kextype"
+	tests4="cert-userkey cert-hostkey kextype sftp-perm keygen-comment percent"
 	case "$config" in
 	    valgrind-1)
 		# All tests except agent-timeout (which is flaky under valgrind)
@@ -122,22 +153,25 @@ case "${TARGET_HOST}" in
 	SKIP_LTESTS="forwarding multiplex proxy-connect hostkey-agent agent-ptrace"
 	;;
     minix3)
-	CC="clang"
-	LIBCRYPTOFLAGS="--without-openssl"
+	LIBCRYPTOFLAGS="--without-openssl --disable-security-key"
 	# Minix does not have a loopback interface so we have to skip any
-	# test that relies on it.
+	# test that relies on one.
+	# Also, Minix seems to be very limited in the number of select()
+	# calls that can be operating concurrently, so prune additional tests for that.
+	T="addrmatch agent-restrict brokenkeys cfgmatch cfgmatchlisten cfgparse connect
+	    connect-uri exit-status forward-control forwarding hostkey-agent
+	    key-options keyscan knownhosts-command login-timeout multiplex
+	    reconfigure reexec rekey scp scp-uri scp3 sftp sftp-badcmds
+	    sftp-batch sftp-cmds sftp-glob sftp-perm sftp-uri stderr-data
+	    transfer"
+	SKIP_LTESTS="$(echo $T)"
 	TEST_TARGET=t-exec
-	SKIP_LTESTS="addrmatch cfgparse key-options reexec agent connect"
-	SKIP_LTESTS="$SKIP_LTESTS keyscan rekey allow-deny-users connect-uri"
-	SKIP_LTESTS="$SKIP_LTESTS knownhosts-command sftp-uri brokenkeys"
-	SKIP_LTESTS="$SKIP_LTESTS exit-status login-timeout stderr-data"
-	SKIP_LTESTS="$SKIP_LTESTS cfgmatch forward-control multiplex transfer"
-	SKIP_LTESTS="$SKIP_LTESTS cfgmatchlisten forwarding reconfigure"
 	SUDO=""
 	;;
     nbsd4)
 	# System compiler will ICE on some files with fstack-protector
-	CONFIGFLAGS="${CONFIGFLAGS} --without-hardening"
+	# SHA256 functions in sha2.h conflict with OpenSSL's breaking sk-dummy
+	CONFIGFLAGS="${CONFIGFLAGS} --without-hardening --disable-security-key"
 	;;
     sol10|sol11)
 	# sol10 VM is 32bit and the unit tests are slow.
@@ -150,6 +184,15 @@ case "${TARGET_HOST}" in
 	;;
 esac
 
+# Unless specified otherwise, build without OpenSSL on Mac OS since
+# modern versions don't ship with libcrypto.
+case "`./config.guess`" in
+*-darwin*)
+	LIBCRYPTOFLAGS="--without-openssl"
+	TEST_TARGET=t-exec
+	;;
+esac
+
 # If we have a local openssl/libressl, use that.
 if [ -z "${LIBCRYPTOFLAGS}" ]; then
 	# last-match
@@ -167,4 +210,5 @@ if [ -x "$(which plink 2>/dev/null)" ]; then
 	export REGRESS_INTEROP_PUTTY
 fi
 
-export CC CFLAGS LTESTS SUDO TEST_TARGET TEST_SSH_UNSAFE_PERMISSIONS
+export CC CFLAGS LTESTS SUDO
+export TEST_TARGET TEST_SSH_UNSAFE_PERMISSIONS TEST_SSH_FAIL_FATAL
diff --git a/.github/configure.sh b/.github/configure.sh
index e098730f02d6..502bf5f0d407 100755
--- a/.github/configure.sh
+++ b/.github/configure.sh
@@ -2,5 +2,20 @@
 
 . .github/configs $1
 
-set -x
+printf "$ "
+
+if [ "x$CC" != "x" ]; then
+	printf "CC='$CC' "
+fi
+if [ "x$CFLAGS" != "x" ]; then
+	printf "CFLAGS='$CFLAGS' "
+fi
+if [ "x$CPPFLAGS" != "x" ]; then
+	printf "CPPFLAGS='$CPPFLAGS' "
+fi
+if [ "x$LDFLAGS" != "x" ]; then
+	printf "LDFLAGS='$LDFLAGS' "
+fi
+
+echo ./configure ${CONFIGFLAGS}
 ./configure ${CONFIGFLAGS}
diff --git a/.github/setup_ci.sh b/.github/setup_ci.sh
index 107c049c4175..ca37f8c5512f 100755
--- a/.github/setup_ci.sh
+++ b/.github/setup_ci.sh
@@ -1,6 +1,8 @@
 #!/bin/sh
 
-case $(./config.guess) in
+ . .github/configs $@
+
+case "`./config.guess`" in
 *-darwin*)
 	brew install automake
 	exit 0
@@ -20,23 +22,30 @@ set -ex
 lsb_release -a
 
 if [ "${TARGETS}" = "kitchensink" ]; then
-	TARGETS="kerberos5 libedit pam sk selinux"
+	TARGETS="krb5 libedit pam sk selinux"
 fi
 
+for flag in $CONFIGFLAGS; do
+    case "$flag" in
+    --with-pam)		PACKAGES="${PACKAGES} libpam0g-dev" ;;
+    --with-libedit)	PACKAGES="${PACKAGES} libedit-dev" ;;
+    esac
+done
+
 for TARGET in $TARGETS; do
     case $TARGET in
-    default|without-openssl|without-zlib|c89)
+    default|without-openssl|without-zlib|c89|libedit|*pam)
         # nothing to do
         ;;
-    kerberos5)
-        PACKAGES="$PACKAGES heimdal-dev"
-        #PACKAGES="$PACKAGES libkrb5-dev"
-        ;;
-    libedit)
-        PACKAGES="$PACKAGES libedit-dev"
+    clang-*|gcc-*)
+        compiler=$(echo $TARGET | sed 's/-Werror//')
+        PACKAGES="$PACKAGES $compiler"
         ;;
-    *pam)
-        PACKAGES="$PACKAGES libpam0g-dev"
+    krb5)
+        PACKAGES="$PACKAGES libkrb5-dev"
+	;;
+    heimdal)
+        PACKAGES="$PACKAGES heimdal-dev"
         ;;
     sk)
         INSTALL_FIDO_PPA="yes"
@@ -47,7 +56,13 @@ for TARGET in $TARGETS; do
         ;;
     hardenedmalloc)
         INSTALL_HARDENED_MALLOC=yes
-       ;;
+        ;;
+    musl)
+	PACKAGES="$PACKAGES musl-tools"
+	;;
+    tcmalloc)
+        PACKAGES="$PACKAGES libgoogle-perftools-dev"
+        ;;
     openssl-noec)
 	INSTALL_OPENSSL=OpenSSL_1_1_1k
 	SSLCONFOPTS="no-ec"
@@ -93,7 +108,7 @@ if [ "${INSTALL_HARDENED_MALLOC}" = "yes" ]; then
     (cd ${HOME} &&
      git clone https://github.com/GrapheneOS/hardened_malloc.git &&
      cd ${HOME}/hardened_malloc &&
-     make -j2 && sudo cp libhardened_malloc.so /usr/lib/)
+     make -j2 && sudo cp out/libhardened_malloc.so /usr/lib/)
 fi
 
 if [ ! -z "${INSTALL_OPENSSL}" ]; then
diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml
index 152ddaa4fba6..5ee896308478 100644
--- a/.github/workflows/c-cpp.yml
+++ b/.github/workflows/c-cpp.yml
@@ -24,16 +24,28 @@ jobs:
           - { os: ubuntu-20.04, configs: valgrind-4 }
           - { os: ubuntu-20.04, configs: valgrind-unit }
           - { os: ubuntu-20.04, configs: c89 }
+          - { os: ubuntu-20.04, configs: clang-6.0 }
+          - { os: ubuntu-20.04, configs: clang-8 }
+          - { os: ubuntu-20.04, configs: clang-9 }
+          - { os: ubuntu-20.04, configs: clang-10 }
+          - { os: ubuntu-20.04, configs: clang-11 }
+          - { os: ubuntu-20.04, configs: clang-12-Werror }
+          - { os: ubuntu-20.04, configs: gcc-7 }
+          - { os: ubuntu-20.04, configs: gcc-8 }
+          - { os: ubuntu-20.04, configs: gcc-10 }
+          - { os: ubuntu-20.04, configs: gcc-11-Werror }
           - { os: ubuntu-20.04, configs: pam }
           - { os: ubuntu-20.04, configs: kitchensink }
           - { os: ubuntu-20.04, configs: hardenedmalloc }
+          - { os: ubuntu-20.04, configs: tcmalloc }
+          - { os: ubuntu-20.04, configs: musl }
           - { os: ubuntu-latest, configs: libressl-master }
           - { os: ubuntu-latest, configs: libressl-2.2.9 }
           - { os: ubuntu-latest, configs: libressl-2.8.3 }
           - { os: ubuntu-latest, configs: libressl-3.0.2 }
           - { os: ubuntu-latest, configs: libressl-3.2.6 }
           - { os: ubuntu-latest, configs: libressl-3.3.4 }
-          - { os: ubuntu-latest, configs: libressl-3.4.0 }
+          - { os: ubuntu-latest, configs: libressl-3.4.1 }
           - { os: ubuntu-latest, configs: openssl-master }
           - { os: ubuntu-latest, configs: openssl-noec }
           - { os: ubuntu-latest, configs: openssl-1.0.1 }
@@ -46,7 +58,8 @@ jobs:
           - { os: ubuntu-latest, configs: openssl-1.1.1_stable } # stable branch
           - { os: ubuntu-latest, configs: openssl-3.0 }          # stable branch
           - { os: ubuntu-18.04, configs: pam }
-          - { os: ubuntu-18.04, configs: kerberos5 }
+          - { os: ubuntu-18.04, configs: krb5 }
+          - { os: ubuntu-18.04, configs: heimdal }
           - { os: ubuntu-18.04, configs: libedit }
           - { os: ubuntu-18.04, configs: sk }
           - { os: ubuntu-18.04, configs: selinux }
@@ -63,6 +76,13 @@ jobs:
       run: autoreconf
     - name: configure
       run: ./.github/configure.sh ${{ matrix.configs }}
+    - name: save config
+      uses: actions/upload-artifact@v2
+      with:
+        name: ${{ matrix.os }}-${{ matrix.configs }}-config
+        path: config.h
+    - name: make clean
+      run: make clean
     - name: make
       run: make -j2
     - name: make tests
diff --git a/.github/workflows/selfhosted.yml b/.github/workflows/selfhosted.yml
index df6eca714fb5..09f7af939912 100644
--- a/.github/workflows/selfhosted.yml
+++ b/.github/workflows/selfhosted.yml
@@ -17,6 +17,7 @@ jobs:
       matrix:
         os:
           - ARM64
+          - alpine
           - bbone
           - dfly30
           - dfly48
@@ -26,7 +27,7 @@ jobs:
           - fbsd10
           - fbsd12
           - fbsd13
-          - hurd
+          # - hurd
           - minix3
           # - nbsd2
           - nbsd3
@@ -35,8 +36,8 @@ jobs:
           - nbsd9
           - obsd51
           - obsd67
-          - obsd68
           - obsd69
+          - obsd70
           - obsdsnap
           - openindiana
           # - rocky84
@@ -64,6 +65,7 @@ jobs:
           - { os: sol11,  configs: pam-krb5 }
           - { os: sol11,  configs: sol64 }
           # - { os: sol11,  configs: sol64-pam }
+          - { os: win10,  configs: cygwin-release }
     steps:
     - uses: actions/checkout@v2
     - name: autoreconf
@@ -74,10 +76,18 @@ jobs:
       run: vmstartup
     - name: configure
       run: vmrun ./.github/configure.sh ${{ matrix.configs }}
+    - name: save config
+      uses: actions/upload-artifact@v2
+      with:
+        name: ${{ matrix.os }}-${{ matrix.configs }}-config
+        path: config.h
+    - name: make clean
+      run: vmrun make clean
     - name: make
       run: vmrun make
     - name: make tests
       run: vmrun ./.github/run_test.sh ${{ matrix.configs }}
+      timeout-minutes: 300
     - name: save logs
       if: failure()
       uses: actions/upload-artifact@v2
diff --git a/.github/workflows/upstream.yml b/.github/workflows/upstream.yml
index f0493c12d7d5..b91083c65184 100644
--- a/.github/workflows/upstream.yml
+++ b/.github/workflows/upstream.yml
@@ -13,7 +13,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ obsdsnap, obsdsnap-i386, obsd69, obsd68 ]
+        os: [ obsdsnap, obsdsnap-i386 ]
         configs: [ default, without-openssl ]
     steps:
     - uses: actions/checkout@v2
@@ -31,6 +31,7 @@ jobs:
       run: vmrun "cd /usr/src/usr.bin/ssh && sudo make install"
     - name: make tests
       run: vmrun "cd /usr/src/regress/usr.bin/ssh && make obj && make clean && if test '${{ matrix.configs }}' = 'without-openssl'; then make SUDO=sudo OPENSSL=no; else make SUDO=sudo; fi"
+      timeout-minutes: 300
     - name: save logs
       if: failure()
       uses: actions/upload-artifact@v2
diff --git a/.skipped-commit-ids b/.skipped-commit-ids
index 1de78172232a..c606eaee6c51 100644
--- a/.skipped-commit-ids
+++ b/.skipped-commit-ids
@@ -23,6 +23,7 @@ d9b910e412d139141b072a905e66714870c38ac0	Makefile.inc
 07b5031e9f49f2b69ac5e85b8da4fc9e393992a0	Makefile.inc
 cc12a9029833d222043aecd252d654965c351a69	moduli-gen Makefile
 7ac6c252d2a5be8fbad4c66d9d35db507c9dac5b	moduli update
+6b52cd2b637f3d29ef543f0ce532a2bce6d86af5	makefile change
 
 Old upstream tree:
 
diff --git a/ChangeLog b/ChangeLog
index 9e660ec37ef3..c225b94dfd3e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,13611 +1,11979 @@
-commit bf944e3794eff5413f2df1ef37cddf96918c6bde
+commit 166456cedad3962b83b848b1e9caf80794831f0f
 Author: Damien Miller <djm@mindrot.org>
-Date:   Mon Sep 27 00:03:19 2021 +1000
+Date:   Wed Feb 23 22:31:11 2022 +1100
 
-    initgroups needs grp.h
+    makedepend
 
-commit 8c5b5655149bd76ea21026d7fe73ab387dbc3bc7
+commit 32ebaa0dbca5d0bb86e384e72bebc153f48413e4
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Sep 26 14:01:11 2021 +0000
+Date:   Wed Feb 23 11:18:13 2022 +0000
 
-    upstream: openssh-8.8
+    upstream: avoid integer overflow of auth attempts (harmless, caught
     
-    OpenBSD-Commit-ID: 12357794602ac979eb7312a1fb190c453f492ec4
+    by monitor)
+    
+    OpenBSD-Commit-ID: 488ad570b003b21e0cd9e7a00349cfc1003b4d86
 
-commit f3cbe43e28fe71427d41cfe3a17125b972710455
+commit 6e0258c64c901753df695e06498b26f9f4812ea6
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Sep 26 14:01:03 2021 +0000
+Date:   Wed Feb 23 11:17:10 2022 +0000
 
-    upstream: need initgroups() before setresgid(); reported by anton@,
+    upstream: randomise the password used in fakepw
     
-    ok deraadt@
+    OpenBSD-Commit-ID: 34e159f73b1fbf0a924a9c042d8d61edde293947
+
+commit bf114d6f0a9df0b8369823d9a0daa6c72b0c4cc9
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Feb 23 11:15:57 2022 +0000
+
+    upstream: use asprintf to construct .rhosts paths
     
-    OpenBSD-Commit-ID: 6aa003ee658b316960d94078f2a16edbc25087ce
+    OpenBSD-Commit-ID: 8286e8d3d2c6ff916ff13d041d1713073f738a8b
 
-commit 8acaff41f7518be40774c626334157b1b1c5583c
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sun Sep 26 22:16:36 2021 +1000
+commit c07e154fbdc7285e9ec54e78d8a31f7325d43537
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Feb 23 11:07:09 2022 +0000
 
-    update version numbers for release
+    upstream: openssh-8.9
+    
+    OpenBSD-Commit-ID: 5c5f791c87c483cdab6d9266b43acdd9ca7bde0e
 
-commit d39039ddc0010baa91c70a0fa0753a2699bbf435
-Author: kn@openbsd.org <kn@openbsd.org>
-Date:   Sat Sep 25 09:40:33 2021 +0000
+commit bc16667b4a1c3cad7029304853c143a32ae04bd4
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Tue Feb 22 15:29:22 2022 +1100
 
-    upstream: RSA/SHA-1 is not used by default anymore
+    Extend select+rlimit sanbox test to include poll.
     
-    OK dtucker deraadt djm
+    POSIX specifies that poll() shall fail if "nfds argument is greater
+    than {OPEN_MAX}".  The setrlimit sandbox sets this to effectively zero
+    so this causes poll() to fail in the preauth privsep process.
     
-    OpenBSD-Commit-ID: 055c51a221c3f099dd75c95362f902da1b8678c6
+    This is likely the underlying cause for the previously observed similar
+    behaviour of select() on plaforms where it is implement in userspace on
+    top of poll().
 
-commit 9b2ee74e3aa8c461eb5552a6ebf260449bb06f7e
+commit 6520c488de95366be031d49287ed243620399e23
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Sep 24 11:08:03 2021 +1000
+Date:   Tue Feb 22 13:08:59 2022 +1100
 
-    Move the fgrep replacement to hostkey-rotate.sh.
-    
-    The fgrep replacement for buggy greps doesn't work in the sftp-glob test
-    so move it to just where we know it's needed.
+    Add Alpine Linux test VM.
 
-commit f7039541570d4b66d76e6f574544db176d8d5c02
+commit a4b325a3fc82d11e0f5d61f62e7fde29415f7afb
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Sep 24 08:04:14 2021 +1000
+Date:   Tue Feb 22 12:27:07 2022 +1100
 
-    Replacement function for buggy fgrep.
+    Include sys/param.h if present.
     
-    GNU (f)grep <=2.18, as shipped by FreeBSD<=12 and NetBSD<=9 will
-    occasionally fail to find ssh host keys in the hostkey-rotate test.
-    If we have those versions, use awk instead.
+    Needed for howmany() on MUSL systems such as Alpine.
 
-commit f6a660e5bf28a01962af87568e118a2d2e79eaa0
-Author: David Manouchehri <david.manouchehri@riseup.net>
-Date:   Thu Sep 23 17:03:18 2021 -0400
+commit 5a102e9cb287a43bd7dfe594b775a89a8e94697c
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Tue Feb 22 12:25:52 2022 +1100
 
-    Don't prompt for yes/no questions.
+    Only include sys/poll.h if we don't have poll.h.
+    
+    Prevents warnings on MUSL based systems such as Alpine.
 
-commit 7ed1a3117c09f8c3f1add35aad77d3ebe1b85b4d
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Sep 20 06:53:56 2021 +0000
+commit 7c0d4ce911d5c58b6166b2db754a4e91f352adf5
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Feb 22 11:14:51 2022 +1100
 
-    upstream: fix missing -s in SYNOPSYS and usage() as well as a
+    disable agent-restrict test on minix3
     
-    capitalisation mistake; spotted by jmc@
+    Minix seems to have a platform-wide limit on the number of
+    select(2) syscalls that can be concurrently issued. This test
+    seems to exceed this limit.
     
-    OpenBSD-Commit-ID: 0ed8ee085c7503c60578941d8b45f3a61d4c9710
+    Refer to:
+    
+    https://github.com/Stichting-MINIX-Research-Foundation/minix/blob/R3.3.0/minix/servers/vfs/select.c#L114
+    https://github.com/Stichting-MINIX-Research-Foundation/minix/blob/R3.3.0/minix/servers/vfs/select.c#L30-L31
 
-commit 8c07170135dde82a26886b600a8bf6fb290b633d
+commit 81d33d8e3cf7ea5ce3a5653c6102b623e019428a
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Mon Feb 21 21:27:20 2022 +1100
+
+    Skip agent-getpeereid when running as root.
+
+commit fbd772570a25436a33924d91c164d2b24021f010
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Sep 20 04:02:13 2021 +0000
+Date:   Sun Feb 20 03:47:26 2022 +0000
 
-    upstream: Fix "Allocated port" debug message
+    upstream: Aproximate realpath on the expected output by deduping
     
-    for unix domain sockets. From peder.stray at gmail.com via github PR#272,
-    ok deraadt@
+    leading slashes. Fixes test failure when user's home dir is / which is
+    possible in some portable configurations.
     
-    OpenBSD-Commit-ID: 8d5ef3fbdcdd29ebb0792b5022a4942db03f017e
+    OpenBSD-Regress-ID: 53b8c53734f8893806961475c7106397f98d9f63
 
-commit 277d3c6adfb128b4129db08e3d65195d94b55fe7
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Sep 20 01:55:42 2021 +0000
+commit 336685d223a59f893faeedf0a562e053fd84058e
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sun Feb 20 13:30:52 2022 +1100
 
-    upstream: Switch scp back to use the old protocol by default, ahead of
-    
-    release. We'll wait a little longer for people to pick up sftp-server(8) that
-    supports the extension that scp needs for ~user paths to continue working in
-    SFTP protocol mode. Discussed with deraadt@
+    Really move DSA to end of list.
     
-    OpenBSD-Commit-ID: f281f603a705fba317ff076e7b11bcf2df941871
+    In commit ad16a84e syncing from OpenBSD, RSA was accidentally moved to
+    the end of the list instead of DSA.  Spotted by andrew at fyfe.gb.net.
 
-commit ace19b34cc15bea3482be90450c1ed0cd0dd0669
+commit 63bf4f49ed2fdf2da6f97136c9df0c8168546eb3
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Feb 18 12:12:21 2022 +1100
+
+    Add test configs for MUSL C library.
+
+commit f7fc6a43f1173e8b2c38770bf6cee485a562d03b
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Feb 17 22:54:19 2022 +1100
+
+    minix needs BROKEN_POLL too; chokes on /dev/null
+
+commit 667fec5d4fe4406745750a32f69b5d2e1a75e94b
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Sep 18 02:03:25 2021 +0000
+Date:   Thu Feb 17 10:58:27 2022 +0000
 
-    upstream: better error message for ~user failures when the
+    upstream: check for EINTR/EAGAIN failures in the rfd fast-path; caught
     
-    sftp-server lacks the expand-path extension; ok deraadt@
+    by dtucker's minix3 vm :) ok dtucker@
     
-    OpenBSD-Commit-ID: 9c1d965d389411f7e86f0a445158bf09b8f9e4bc
+    OpenBSD-Commit-ID: 2e2c895a3e82ef347aa6694394a76a438be91361
 
-commit 6b1238ba971ee722a310d95037b498ede5539c03
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Sep 16 15:22:22 2021 +0000
+commit 41417dbda9fb55a0af49a8236e3ef9d50d862644
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Feb 17 22:05:29 2022 +1100
 
-    upstream: make some more scp-in-SFTP mode better match Unix idioms
-    
-    suggested by deraadt@
+    Comment hurd test, the VM is currently broken.
+
+commit b2aee35a1f0dc798339b3fcf96136da71b7e3f6d
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Feb 17 21:15:16 2022 +1100
+
+    find sk-dummy.so when build_dir != src_dir
     
-    OpenBSD-Commit-ID: 0f2439404ed4cf0b0be8bf49a1ee734836e1ac87
+    spotted by Corinna Vinschen; feedback & ok dtucker@
 
-commit e694f8ac4409931e67d08ac44ed251b20b10a957
+commit 62a2d4e50b2e89f2ef04576931895d5139a5d037
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Feb 16 16:26:17 2022 +1100
+
+    update versions in preparation for 8.9 release
+
+commit dd6d3dded721ac653ea73c017325e5bfeeec837f
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Sep 16 15:11:19 2021 +0000
+Date:   Tue Feb 15 05:13:36 2022 +0000
 
-    upstream: allow log_stderr==2 to prefix log messages with argv[0]
+    upstream: document the unbound/host-bound options to
     
-    use this to make scp's SFTP mode error messages more scp-like
+    PubkeyAuthentication; spotted by HARUYAMA Seigo
     
-    prompted by and ok deraadt@
+    OpenBSD-Commit-ID: 298f681b66a9ecd498f0700082c7a6c46e948981
+
+commit df93529dd727fdf2fb290700cd4f1adb0c3c084b
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Mon Feb 14 14:19:40 2022 +1100
+
+    Test if sshd accidentally acquires controlling tty
     
-    OpenBSD-Commit-ID: 0e821dbde423fc2280e47414bdc22aaa5b4e0733
+    When SSHD_ACQUIRES_CTTY is defined, test for the problematic behaviour
+    in the STREAMS code before activating the workaround.  ok djm@
 
-commit 8a7a06ee505cb833e613f74a07392e9296286c30
+commit 766176cfdbfd7ec38bb6118dde6e4daa0df34888
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Sep 17 13:03:31 2021 +1000
+Date:   Sat Feb 12 10:24:56 2022 +1100
 
-    Test against LibreSSL 3.2.6, 3.3.4, 3.4.0.
+    Add cygwin-release test config.
+    
+    This tests the flags used to build the cygwin release binaries.
 
-commit c25c84074a47f700dd6534995b4af4b456927150
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Sep 16 05:36:03 2021 +0000
+commit b30698662b862f5397116d23688aac0764e0886e
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Feb 11 21:00:35 2022 +1100
 
-    upstream: missing space character in ssh -G output broke the
+    Move SSHD_ACQUIRES_CTTY workaround into compat.
     
-    t-sshcfgparse regression test; spotted by anton@
+    On some (most? all?) SysV based systems with STREAMS based ptys,
+    sshd could acquire a controlling terminal during pty setup when
+    it pushed the "ptem" module, due to what is probably a bug in
+    the STREAMS driver that's old enough to vote.  Because it was the
+    privileged sshd's controlling terminal, it was not available for
+    the user's session, which ended up without one.  This is known to
+    affect at least Solaris <=10, derivatives such as OpenIndiana and
+    several other SysV systems.  See bz#245 for the backstory.
     
-    OpenBSD-Commit-ID: bcc36fae2f233caac4baa8e58482da4aa350eed0
+    In the we past worked around that by not calling setsid in the
+    privileged sshd child, which meant it was not a session or process
+    group leader.  This solved controlling terminal problem because sshd
+    was not eligble to acquire one, but had other side effects such as
+    not cleaning up helper subprocesses in the SIGALRM handler since it
+    was not PG leader.  Recent cleanups in the signal handler uncovered
+    this, resulting in the LoginGraceTime timer not cleaning up privsep
+    unprivileged processes.
+    
+    This change moves the workaround into the STREAMS pty allocation code,
+    by allocating a sacrificial pty to act as sshd's controlling terminal
+    before allocating user ptys, so those are still available for users'
+    sessions.
+    
+    On the down side:
+     - this will waste a pty per ssh connection on affected platforms.
+    
+    On the up side:
+     - it makes the process group behaviour consistent between platforms.
+    
+     - it puts the workaround nearest the code that actually causes the
+       problem and competely out of the mainline code.
+    
+     - the workaround is only activated if you use the STREAMS code.  If,
+       say, Solaris 11 has the bug but also a working openpty() it doesn't
+       matter that we defined SSHD_ACQUIRES_CTTY.
+    
+     - the workaround is only activated when the fist pty is allocated,
+       ie in the post-auth privsep monitor.  This means there's no risk
+       of fd leaks to the unprivileged processes, and there's no effect on
+       sessions that do not allocate a pty.
+    
+    Based on analysis and work by djm@, ok djm@
 
-commit a4bee1934bf5e5575fea486628f4123d6a29dff8
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Sep 15 06:56:01 2021 +0000
+commit cd00b48cf10f3565936a418c1e6d7e48b5c36140
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Feb 11 20:09:32 2022 +1100
 
-    upstream: allow CanonicalizePermittedCNAMEs=none in ssh_config; ok
+    Simplify handling of --with-ssl-dir.
     
-    markus@
+    ok djm@
+
+commit ea13fc830fc0e0dce2459f1fab2ec5099f73bdf0
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Feb 11 13:39:29 2022 +1100
+
+    Stop testing OpenBSD HEAD on 6.9 and 7.0.
     
-    OpenBSD-Commit-ID: 668a82ba8e56d731b26ffc5703213bfe071df623
+    HEAD is not guaranteed to work on previous stable branches, and at the
+    moment is broken due to libfido API changes.
 
-commit d0fffc88c8fe90c1815c6f4097bc8cbcabc0f3dd
-Author: mbuhl@openbsd.org <mbuhl@openbsd.org>
-Date:   Tue Sep 14 11:04:21 2021 +0000
+commit 50b9e4a4514697ffb9592200e722de6b427cb9ff
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Feb 11 00:43:56 2022 +0000
 
-    upstream: put back the mux_ctx memleak fix for SSH_CHANNEL_MUX_CLIENT
+    upstream: Always initialize delim before passing to hpdelim2 which
     
-    OK mfriedl@
+    might not set it. Found by the Valgrind tests on github, ok deraadt@
     
-    OpenBSD-Commit-ID: 1aba1da828956cacaadb81a637338734697d9798
+    OpenBSD-Commit-ID: c830c0db185ca43beff3f41c19943c724b4f636d
 
-commit 19b3d846f06697c85957ab79a63454f57f8e22d6
-Author: schwarze@openbsd.org <schwarze@openbsd.org>
-Date:   Sat Sep 11 09:05:50 2021 +0000
+commit 6ee53064f476cf163acd5521da45b11b7c57321b
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Feb 11 10:03:06 2022 +1100
 
-    upstream: Do not ignore SIGINT while waiting for input if editline(3)
+    Fix helper include path and remove excess code.
     
-    is not used. Instead, in non-interactive mode, exit sftp(1), like for other
-    serious errors. As pointed out by dtucker@, when compiled without editline(3)
-    support in portable OpenSSH, the el == NULL branch is also used for
-    interactive mode. In that case, discard the input line and provide a fresh
-    prompt to the user just like in the case where editline(3) is used. OK djm@
+    Looks like test_hpdelim.c was imported twice into the same file.
+    Spotted by kevin.brott at gmail com and chris at cataclysmal org.
+
+commit 9fa63a19f68bc87452d3cf5c577cafad2921b7a4
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Feb 10 23:27:02 2022 +1100
+
+    Put poll.h inside ifdef.
+
+commit 3ac00dfeb54b252c15dcbf1971582e9e3b946de6
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Feb 10 22:17:31 2022 +1100
+
+    We now support POLLPRI so actually define it.
+
+commit 25bd659cc72268f2858c5415740c442ee950049f
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sun Feb 6 22:58:33 2022 +0000
+
+    upstream: Add test for empty hostname with port.
     
-    OpenBSD-Commit-ID: 7d06f4d3ebba62115527fafacf38370d09dfb393
+    OpenBSD-Regress-ID: e19e89d3c432b68997667efea44cf015bbe2a7e3
 
-commit ba61123eef9c6356d438c90c1199a57a0d7bcb0a
+commit a29af853cff41c0635f0378c00fe91bf9c91dea4
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Feb 4 07:53:44 2022 +0000
+
+    upstream: Add unit tests for hpdelim.
+    
+    OpenBSD-Regress-ID: be97b85c19895e6a1ce13c639765a3b48fd95018
+
+commit 9699151b039ecc5fad9ac6c6c02e9afdbd26f15f
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Sep 11 00:40:24 2021 +0000
+Date:   Thu Feb 10 04:12:38 2022 +0000
 
-    upstream: when using SFTP protocol, continue transferring files after a
+    upstream: revert for imminent OpenSSH release, which wil ship with
     
-    transfer error occurs. This matches original scp/rcp behaviour. ok dtucker@
+    scp in RCP mode.
     
-    OpenBSD-Commit-ID: dfe4558d71dd09707e9b5d6e7d2e53b793da69fa
+    > revision 1.106
+    > date: 2021/10/15 14:46:46;  author: deraadt;  state: Exp;  lines: +13 -9;  commitid: w5n9B2RE38tFfggl;
+    > openbsd 7.0 release shipped with the (hopefully last) scp that uses RCP
+    > protocol for copying.  Let's get back to testing the SFTP protocol.
+    
+    This will be put back once the OpenSSH release is done.
+    
+    OpenBSD-Commit-ID: 0c725481a78210aceecff1537322c0b2df03e768
 
-commit b0ec59a708b493c6f3940336b1a537bcb64dd2a7
+commit 45279abceb37c3cbfac8ba36dde8b2c8cdd63d32
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Sep 10 11:38:38 2021 +0000
+Date:   Tue Feb 8 08:59:12 2022 +0000
 
-    upstream: Document that non-interactive commands are run via the user's
+    upstream: Switch hpdelim interface to accept only ":" as delimiter.
     
-    shell using the -c flag.  ok jmc@
+    Historicallly, hpdelim accepted ":" or "/" as a port delimiter between
+    hosts (or addresses) and ports.  These days most of the uses for "/"
+    are no longer accepted, so there are several places where it checks the
+    delimiter to disallow it.  Make hpdelim accept only ":" and use hpdelim2
+    in the other cases.  ok djm@
     
-    OpenBSD-Commit-ID: 4f0d912077732eead10423afd1acf4fc0ceec477
+    OpenBSD-Commit-ID: 7e6420bd1be87590b6840973f5ad5305804e3102
 
-commit 66a658b5d9e009ea11f8a0ca6e69c7feb2d851ea
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Sep 10 10:26:02 2021 +0000
+commit a1bcbf04a7c2d81944141db7ecd0ba292d175a66
+Author: pedro martelletto <pedro@yubico.com>
+Date:   Mon Feb 7 09:09:59 2022 +0100
 
-    upstream: Document behaviour of arguments following non-interactive
+    fix typos in previous
+
+commit 56192518e329b39f063487bc2dc4d796f791eca0
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Feb 7 12:53:47 2022 +1100
+
+    compat code for fido_assert_set_clientdata()
+
+commit d6b5aa08fdcf9b527f8b8f932432941d5b76b7ab
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Feb 7 01:25:12 2022 +0000
+
+    upstream: use libfido2 1.8.0+ fido_assert_set_clientdata() instead
     
-    commands. Prompted by github PR#139 from EvanTheB, feedback & ok djm@ jmc@
+    of manually hashing data outselves. Saves a fair bit of code and makes life
+    easier for some -portable platforms.
     
-    OpenBSD-Commit-ID: fc758d1fe0471dfab4304fcad6cd4ecc3d79162a
+    OpenBSD-Commit-ID: 351dfaaa5ab1ee928c0e623041fca28078cff0e0
 
-commit 1d47e28e407d1f95fdf8f799be23f48dcfa5206b
+commit 86cc93fd3c26b2e0c7663c6394995fb04ebfbf3b
+Author: jsg@openbsd.org <jsg@openbsd.org>
+Date:   Sun Feb 6 00:29:03 2022 +0000
+
+    upstream: remove please from manual pages ok jmc@ sthen@ millert@
+    
+    OpenBSD-Commit-ID: 6543acb00f4f38a23472538e1685c013ca1a99aa
+
+commit ad16a84e64a8cf1c69c63de3fb9008320a37009c
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Sep 10 07:11:11 2021 +0000
+Date:   Fri Feb 4 02:49:17 2022 +0000
 
-    upstream: Clarify which file's attributes -p preserves, and that
+    upstream: Since they are deprecated, move DSA to the end of the
     
-    it's specifically the file mode bits. bz#3340 from calestyo at scientia.net,
-    ok djm@ jmc@
+    default list of public keys so that they will be tried last.  From github
+    PR#295 from "ProBackup-nl", ok djm@
     
-    OpenBSD-Commit-ID: f09e6098ed1c4be00c730873049825f8ee7cb884
+    OpenBSD-Commit-ID: 7e5d575cf4971d4e2de92e0b6d6efaba53598bf0
 
-commit b344db7a413478e4c21e4cadba4a970ad3e6128a
+commit 253de42753de85dde266e061b6fec12ca6589f7d
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Feb 2 16:52:07 2022 +1100
+
+    portable-specific string array constification
+    
+    from Mike Frysinger
+
+commit dfdcc2220cf359c492d5d34eb723370e8bd8a19e
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Sep 10 05:46:09 2021 +0000
+Date:   Tue Feb 1 23:37:15 2022 +0000
 
-    upstream: openssh-7.4 was incorrectly listed twice; spotted by
+    upstream: test 'ssh-keygen -Y find-principals' with wildcard
     
-    Dmitry Belyavskiy, ok dtucker@
+    principals; from Fabian Stelzer
     
-    OpenBSD-Commit-ID: 4b823ae448f6e899927ce7b04225ac9e489f58ef
+    OpenBSD-Regress-ID: fbe4da5f0032e7ab496527a5bf0010fd700f8f40
 
-commit 9136d6239ad7a4a293e0418a49b69e70c76d58b8
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Thu Sep 9 06:17:39 2021 +0000
+commit 968e508967ef42480cebad8cf3172465883baa77
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jan 21 02:54:41 2022 +0000
 
-    upstream: - move CAVEATS to its correct order - use the term
+    upstream: Enable all supported ciphers and macs in the server
     
-    "legacy" protocol rather than "original", as the latter made the text
-    misleading - uppercase SCP
+    before trying to benchmark them.  Increase the data file size to get more
+    signal.
     
-    ok djm
+    OpenBSD-Regress-ID: dc3697d9f7defdfc51c608782c8e750128e46eb6
+
+commit 15b7199a1fd37eff4c695e09d573f3db9f4274b7
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Feb 1 23:34:47 2022 +0000
+
+    upstream: allow 'ssh-keygen -Y find-principals' to match wildcard
     
-    OpenBSD-Commit-ID: 8479255746d5fa76a358ee59e7340fecf4245ff0
+    principals in allowed_signers files; from Fabian Stelzer
+    
+    OpenBSD-Commit-ID: 1e970b9c025b80717dddff5018fe5e6f470c5098
 
-commit 2d678c5e3bdc2f5c99f7af5122e9d054925d560d
-Author: David Carlier <devnexen@gmail.com>
-Date:   Wed Sep 8 19:49:54 2021 +0100
+commit 541667fe6dc26d7881e55f0bb3a4baa6f3171645
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Feb 1 23:32:51 2022 +0000
 
-    Disable tracing on FreeBSD using procctl.
+    upstream: mark const string array contents const too, i.e. static
     
-    Placed at the start of platform_disable_tracing() to prevent declaration
-    after code errors from strict C89 compilers (in the unlikely event that
-    more than one method is enabled).
+    const char *array => static const char * const array from Mike Frysinger
+    
+    OpenBSD-Commit-ID: a664e31ea6a795d7c81153274a5f47b22bdc9bc1
 
-commit 73050fa38fb36ae3326d768b574806352b97002d
+commit 8cfa73f8a2bde4c98773f33f974c650bdb40dd3c
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Sep 8 23:31:39 2021 +0000
+Date:   Tue Feb 1 23:11:11 2022 +0000
 
-    upstream: Use the SFTP protocol by default. The original scp/rcp
+    upstream: better match legacy scp behaviour: show un-expanded paths
     
-    protocol remains available via the -O flag.
+    in error messages. Spotted by and ok tb@
     
-    Note that ~user/ prefixed paths in SFTP mode require a protocol extension
-    that was first shipped in OpenSSH 8.7.
+    OpenBSD-Commit-ID: 866c8ffac5bd7d38ecbfc3357c8adfa58af637b7
+
+commit 4e62c13ab419b4b224c8bc6a761e91fcf048012d
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Tue Feb 1 07:57:32 2022 +0000
+
+    upstream: Remove explicit kill of privsep preauth child's PID in
     
-    ok deraadt, after baking in snaps for a while without incident
+    SIGALRM handler. It's no longer needed since the child will get terminated by
+    the SIGTERM to the process group that cleans up any auth helpers, it
+    simplifies the signal handler and removes the risk of a race when updating
+    the PID. Based on analysis by HerrSpace in github PR#289, ok djm@
     
-    OpenBSD-Commit-ID: 23588976e28c281ff5988da0848cb821fec9213c
+    OpenBSD-Commit-ID: 2be1ffa28b4051ad9e33bb4371e2ec8a31d6d663
 
-commit c4565e69ffa2485cff715aa842ea7a350296bfb6
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Sep 8 21:09:49 2021 +1000
+commit 2a7ccd2ec4022917b745af7186f514f365b7ebe9
+Author: guenther@openbsd.org <guenther@openbsd.org>
+Date:   Fri Jan 28 06:18:42 2022 +0000
 
-    Really fix test on OpenSSL 1.1.1 stable.
+    upstream: When it's the possessive of 'it', it's spelled "its",
+    
+    without the apostrophe.
+    
+    OpenBSD-Commit-ID: fb6ab9c65bd31de831da1eb4631ddac018c5fae7
 
-commit 79f1bb5f56cef3ae9276207316345b8309248478
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Sep 8 18:51:39 2021 +1000
+commit 8a0848cdd3b25c049332cd56034186b7853ae754
+Author: Alex James <theracermaster@gmail.com>
+Date:   Sun Jan 30 16:13:36 2022 -0600
 
-    Correct OpenSSL 1.1.1 stable identifier.
+    sandbox-seccomp-filter: allow gettid
+    
+    Some allocators (such as Scudo) use gettid while tracing allocations [1].
+    Allow gettid in preauth to prevent sshd from crashing with Scudo.
+    
+    [1]: https://github.com/llvm/llvm-project/blob/llvmorg-13.0.0/compiler-rt/lib/gwp_asan/common.cpp#L46
 
-commit b6255593ed5ccbe5e7d3d4b26b2ad31ad4afc232
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Sep 8 18:39:44 2021 +1000
+commit b30d32159dc3c7052f4bfdf36357996c905af739
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jan 22 00:49:34 2022 +0000
 
-    Increment nfds when coming from startup_pipe.
+    upstream: add a ssh_packet_process_read() function that reads from
     
-    If we have to increase nfds because startup_pipe[0] is above any of the
-    descriptors passed in the fd_sets, we also need to add 1 to nfds since
-    select takes highest FD number plus one.  bz#3345 from yaroslav.kuzmin
-    at vmssoftware.com.
+    a fd directly into the transport input buffer.
+    
+    Use this in the client and server mainloops to avoid unnecessary
+    copying. It also lets us use a more greedy read size without penalty.
+    
+    Yields a 2-3% performance gain on cipher-speed.sh (in a fairly
+    unscientific test tbf)
+    
+    feedback dtucker@ ok markus@
+    
+    OpenBSD-Commit-ID: df4112125bf79d8e38e79a77113e1b373078e632
 
-commit a3e92a6794817df6012ac8546aea19652cc91b61
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Sep 8 13:45:10 2021 +1000
+commit a1a8efeaaa9cccb15cdc0a2bd7c347a149a3a7e3
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jan 22 00:45:31 2022 +0000
 
-    Tests for OpenSSL 3.0.0 release & 1.1.1 branch.
+    upstream: Use sshbuf_read() to read directly into the channel input
+    
+    buffer rather than into a stack buffer that needs to be copied again;
+    Improves performance by about 1% on cipher-speed.sh feedback dtucker@ ok
+    markus@
+    
+    OpenBSD-Commit-ID: bf5e6e3c821ac3546dc8241d8a94e70d47716572
 
-commit 4afe431da98ec1cf6a2933fe5658f4fd68dee9e2
+commit 29a76994e21623a1f84d68ebb9dc5a3c909fa3a7
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Jan 25 11:52:34 2022 +1100
+
+    depend
+
+commit 754e0d5c7712296a7a3a83ace863812604c7bc4f
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Sep 8 03:23:44 2021 +0000
+Date:   Sat Jan 22 00:43:43 2022 +0000
 
-    upstream: correct my mistake in previous fix; spotted by halex
+    upstream: Add a sshbuf_read() that attempts to read(2) directly in
     
-    OpenBSD-Commit-ID: 3cc62d92e3f70006bf02468fc146bfc36fffa183
+    to a sshbuf; ok markus@
+    
+    OpenBSD-Commit-ID: 2d8f249040a4279f3bc23c018947384de8d4a45b
 
-commit ca0e455b9331213ff9505a21b94c38e34faa2bba
+commit c7964fb9829d9ae2ece8b51a76e4a02e8449338d
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Sep 7 06:03:51 2021 +0000
+Date:   Fri Jan 21 07:04:19 2022 +0000
 
-    upstream: avoid NULL deref in -Y find-principals. Report and fix
+    upstream: add a helper for writing an error message to the
     
-    from Carlo Marcelo Arenas Belón
-    MIME-Version: 1.0
-    Content-Type: text/plain; charset=UTF-8
-    Content-Transfer-Encoding: 8bit
+    stderr_buf and setting quit_pending; no functional change but saves a bunch
+    of boilerplate
     
-    OpenBSD-Commit-ID: 6238486f8ecc888d6ccafcd9ad99e621bb41f1e0
+    OpenBSD-Commit-ID: 0747657cad6b9eabd514a6732adad537568e232d
 
-commit 37616807f150fb46610bbd5031c31af4857ad1e9
-Author: millert@openbsd.org <millert@openbsd.org>
-Date:   Mon Sep 6 00:36:01 2021 +0000
+commit d23b4f7fdb1bd87e2cd7a9ae7c198ae99d347916
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jan 21 06:58:06 2022 +0000
 
-    upstream: revision 1.381 neglected to remove
+    upstream: correct comment and use local variable instead of long
     
-    sChallengeResponseAuthentication from the enum.  Noticed by
-    christos@zoulas.com.  OK dtucker@
+    indirection; spotted by dtucker@
     
-    OpenBSD-Commit-ID: b533283a4dd6d04a867da411a4c7a8fbc90e34ff
+    OpenBSD-Commit-ID: 5f65f5f69db2b7d80a0a81b08f390a63f8845965
 
-commit 7acb3578cdfec0b3d34501408071f7a96c1684ea
+commit d069b020a02b6e3935080204ee44d233e8158ebb
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Fri Jan 21 00:53:40 2022 +0000
+
+    upstream: When poll(2) returns -1, for some error conditions
+    
+    pfd[].revents is not cleared.  There are subtle errors in various programs.
+    In this particular case, the program should error out. ok djm millert
+    
+    OpenBSD-Commit-ID: 00f839b16861f7fb2adcf122e95e8a82fa6a375c
+
+commit e204b34337a965feb439826157c191919fd9ecf8
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sat Jan 22 11:38:21 2022 +1100
+
+    restore tty force-read hack
+    
+    This portable-specific hack fixes a hang on exit for ttyful sessions
+    on Linux and some SysVish Unix variants. It was accidentally disabled
+    in commit 5c79952dfe1a (a precursor to the mainloop poll(2) conversion).
+    
+    Spotted by John in bz3383
+
+commit 68085066b6bad43643b43f5957fcc5fd34782ccd
+Author: Corinna Vinschen <vinschen@redhat.com>
+Date:   Fri Jan 21 03:22:56 2022 +1100
+
+    Fix signedness bug in Cygwin code
+    
+    The Cygwin-specific pattern match code has a bug.  It checks
+    the size_t value returned by mbstowcs for being < 0.  The right
+    thing to do is to check against (size_t) -1.  Fix that.
+    
+    Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
+
+commit 2e5cfed513e84444483baf1d8b31c40072b05103
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sun Sep 5 20:45:42 2021 +1000
+Date:   Thu Jan 20 13:26:27 2022 +1100
 
-    Correct version_num for OpenSSL dev branch.
+    Improve compatibility of early exit trap handling.
+    
+    Dash (as used by the github runners) has some differences in its trap
+    builtin:
+     - it doesn't have -p (which is fine, that's not in posix).
+     - it doesn't work in a subshell (which turns out to be in compliance
+       with posix, which means bash isn't).
+     - it doesn't work in a pipeline, ie "trap|cat" produces no output.
 
-commit 65bb01111320dfd0d25e21e1fd4d3f2b77532669
+commit 3fe6800b6027add478e648934cbb29d684e51943
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sun Sep 5 19:37:39 2021 +1000
+Date:   Thu Jan 20 00:49:57 2022 +1100
 
-    Test against OpenSSL 3 branch as well as dev.
+    Move more tests out of valgrind-1 runner.
+
+commit 20da6ed136dd76e6a0b229ca3036ef9c7c7ef798
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Jan 19 15:37:39 2022 +1100
+
+    Invoke EXIT handler early when using Valgrind.
     
-    Now that OpenSSL development has moved to 3.1, test against the most
-    recent version of the openssl-3.0 branch too.
+    When using Valgrind, we need to wait for all invoked programs to
+    complete before checking their valgrind logs.  Some tests, notably
+    agent-restrict, set an EXIT trap handler to clean up things like
+    ssh-agent, but those do not get invoked until test-exec.sh exits.
+    This causes the Valgrind wait to deadlock, so if present invoke
+    the EXIT handler before checking the Valgrind logs.
 
-commit 864ed0d5e04a503b97202c776b7cf3f163f3eeaa
+commit ad2e0580c87b0714cf166bca9d926a95ddeee1c8
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sun Sep 5 19:33:22 2021 +1000
+Date:   Tue Jan 18 12:55:21 2022 +1100
 
-    OpenSSL development is now 3.1.*
+    Remove line leftover from upstream sync.
 
-commit a60209a586a928f92ab323bf23bd07f57093342e
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Sep 3 07:43:23 2021 +0000
+commit d1051c0f11a6b749027e26bbeb61b07df4b67e15
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 17 22:56:04 2022 +0000
 
-    upstream: Use .Cm instead of .Dq in StrictHostKeyChecking list for
+    upstream: when decompressing zlib compressed packets, use
     
-    consistency. Patch from scop via github PR#257, ok jmc@
+    Z_SYNC_FLUSH instead of Z_PARTIAL_FLUSH as the latter is not actually
+    specified as a valid mode for inflate(). There should be no practical change
+    in behaviour as the compression side ensures a flush that should make all
+    data available to the receiver in all cases.
     
-    OpenBSD-Commit-ID: 3652a91564570779431802c31224fb4a9cf39872
+    repoted by lamm AT ibm.com via bz3372; ok markus
+    
+    OpenBSD-Commit-ID: 67cfc1fa8261feae6d2cc0c554711c97867cc81b
 
-commit 8d1d9eb6de37331e872700e9e399a3190cca1242
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Sep 3 07:27:03 2021 +0000
+commit d5981b1883746b1ae178a46229c26b53af99e37a
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 17 21:41:04 2022 +0000
 
-    upstream: Mention using ssh -i for specifying the public key file
+    upstream: make most of the sftp errors more idiomatic, following
     
-    in the case where the private key is loaded into ssh-agent but is not present
-    locally.  Based on patch from rafork via github PR#215, ok jmc@
+    the general form of "[local/remote] operation path: error message"; ok markus
     
-    OpenBSD-Commit-ID: 2282e83b0ff78d2efbe705883b67240745fa5bb2
+    OpenBSD-Commit-ID: 61364cd5f3a9fecaf8d63b4c38a42c0c91f8b571
 
-commit eb4362e5e3aa7ac26138b11e44d8c191910aff64
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Sep 3 05:25:50 2021 +0000
+commit ac7c9ec894ed0825d04ef69c55babb49bab1d32e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 17 21:39:51 2022 +0000
 
-    upstream: Refer to KEX "algorithms" instead of "methods" to match
+    upstream: when transferring multiple files in SFTP mode, create the
     
-    other references and improve consistency.  Patch from scop via github PR#241,
-    ok djm@
+    destination directory if it doesn't already exist to match olde-scp(1)
+    behaviour. noticed by deraadt@ ok markus@
     
-    OpenBSD-Commit-ID: 840bc94ff6861b28d8603c8e8c16499bfb65e32c
+    OpenBSD-Commit-ID: cf44dfa231d4112f697c24ff39d7ecf2e6311407
 
-commit b3318946ce5725da43c4bf7eeea1b73129c47d2a
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Sep 3 05:12:25 2021 +0000
+commit 39d17e189f8e72c34c722579d8d4e701fa5132da
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jan 14 03:43:48 2022 +0000
 
-    upstream: Remove redundant attrib_clear in upload_dir_internal.
+    upstream: allow pin-required FIDO keys to be added to ssh-agent(1).
     
-    The subsequent call to stat_to_attrib clears the struct as its first step
-    anyway. From pmeinhardt via github PR#220, ok djm@
+    ssh-askpass will be used to request the PIN at authentication time.
     
-    OpenBSD-Commit-ID: f5234fc6d7425b607e179acb3383f21716f3029e
+    From Pedro Martelletto, ok djm
+    
+    OpenBSD-Commit-ID: de8189fcd35b45f632484864523c1655550e2950
 
-commit 7cc3fe28896e653956a6a2eed0a25d551b83a029
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Sep 3 04:11:13 2021 +0000
+commit 52423f64e13db2bdc31a51b32e999cb1bfcf1263
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jan 14 03:35:10 2022 +0000
 
-    upstream: Add test for client termination status on signal.
+    upstream: ssh-sk: free a resident key's user id
     
-    Based on patch from Alexxz via github PR#235 with some tweaks, to
-    match patch in bz#3281.
+    From Pedro Martelletto; ok dtucker & me
     
-    OpenBSD-Regress-ID: d87c7446fb8b5f8b45894fbbd6875df326e729e2
+    OpenBSD-Commit-ID: 47be40d602b7a6458c4c71114df9b53d149fc2e9
 
-commit 5428b0d239f6b516c81d1dd15aa9fe9e60af75d4
-Author: deraadt@openbsd.org <deraadt@openbsd.org>
-Date:   Thu Sep 2 21:03:54 2021 +0000
+commit 014e2f147a2788bfb3cc58d1b170dcf2bf2ee493
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jan 14 03:34:00 2022 +0000
 
-    upstream: sys/param.h is not needed for any visible reason
+    upstream: sshsk_load_resident: don't preallocate resp
     
-    OpenBSD-Commit-ID: 8bdea2d0c75692e4c5777670ac039d4b01c1f368
+    resp is allocated by client_converse(), at which point we lose
+    the original pointer.
+    
+    From Pedro Martelletto; ok dtucker & me
+    
+    OpenBSD-Commit-ID: 1f1b5ea3282017d6584dfed4f8370dc1db1f44b1
 
-commit 1ff38f34b4c4545eb28106629cafa1e0496bc726
-Author: Shchelkunov Artem <a.shchelkunov@ideco.ru>
-Date:   Wed Aug 11 18:07:58 2021 +0500
+commit c88265f207dfe0e8bdbaf9f0eda63ed6b33781cf
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jan 14 03:32:52 2022 +0000
 
-    Fix memory leak in error path.
+    upstream: sshsk_sign: trim call to sshkey_fingerprint()
     
-    *info is allocated via xstrdup but was leaked in the PAM_AUTH_ERR path.
-    From github PR#266.
+    the resulting fingerprint doesn't appear to be used for anything,
+    and we end up leaking it.
+    
+    from Pedro Martelletto; ok dtucker & me
+    
+    OpenBSD-Commit-ID: 5625cf6c68f082bc2cbbd348e69a3ed731d2f9b7
 
-commit cb37e2f0c0ca4fef844ed7edc5d0e3b7d0e83f6a
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Wed Sep 1 03:16:06 2021 +0000
+commit 1cd1b2eac39661b849d5a4b4b56363e22bb5f61e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jan 14 03:31:52 2022 +0000
 
-    upstream: Fix ssh-rsa fallback for old PuTTY interop tests.
+    upstream: use status error message to communicate ~user expansion
     
-    OpenBSD-Regress-ID: a19ac929da604843a5b5f0f48d2c0eb6e0773d37
+    failures; provides better experience for scp in sftp mode, where ~user paths
+    are more likely to be used; spotted jsg, feedback jsg & deraadt ok jsg &
+    markus
+    
+    (forgot to include this file in previous commit)
+    
+    OpenBSD-Commit-ID: d37cc4c8c861ce48cd6ea9899e96aaac3476847b
 
-commit 8b02ef0f28dc24cda8cbcd8b7eb02bda8f8bbe59
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Wed Sep 1 00:50:27 2021 +0000
+commit a1d42a6ce0398da3833bedf374ef2571af7fea50
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Jan 14 13:49:32 2022 +1100
 
-    upstream: Add a function to skip remaining tests.
+    fix edge case in poll(2) wrapper
     
-    Many tests skip tests for various reasons but not in a consistent way and
-    don't always clean up, so add that and switch the tests that do that over.
+    Correct handling of select(2) exceptfds. These should only be consulted
+    for POLLPRI flagged pfds and not unconditionally converted to POLLERR.
     
-    OpenBSD-Regress-ID: 72d2ec90a3ee8849486956a808811734281af735
+    with and ok dtucker@
 
-commit d486845c07324c04240f1674ac513985bd356f66
+commit 976b9588b4b5babcaceec4767a241c11a67a5ccb
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Jan 14 13:46:35 2022 +1100
+
+    Wrap OpenSSL includes in unit tests in ifdef.
+    
+    Fixes unit test on systems that do not have OpenSSL headers installed.
+
+commit c171879374b2e8b07157503f5639ed0bce59ce89
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Jan 13 15:53:33 2022 +1100
+
+    Remove sort wrapper.
+    
+    agent-restrict now takes care of this itself.
+
+commit 9cc2654403f1a686bb26c07a6ac790edf334cef5
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Tue Aug 31 07:13:59 2021 +0000
+Date:   Thu Jan 13 04:53:16 2022 +0000
 
-    upstream: Specify path to PuTTY keys.
+    upstream: Set LC_ALL in both local and remote shells so that sorted
     
-    Portable needs this and it makes no difference on OpenBSD, so resync
-    them.  (Id sync only, Portable already had this.)
+    output matches regardless of what the user's shell sets it to.  ok djm@
     
-    OpenBSD-Regress-ID: 33f6f66744455886d148527af8368811e4264162
+    OpenBSD-Regress-ID: 4e97dd69a68b05872033175a4c2315345d01837f
 
-commit d22b299115e27606e846b23490746f69fdd4fb38
+commit 7a75f748cb2dd2f771bf70ea72698aa027996ab1
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Tue Aug 31 06:13:23 2021 +0000
+Date:   Thu Jan 13 04:22:10 2022 +0000
 
-    upstream: Better compat tests with old PuTTY.
+    upstream: Avoid %'s in commands (not used in OpenBSD, but used in
     
-    When running PuTTY interop tests and using a PuTTY version older than
-    0.76, re-enable the ssh-rsa host key algorithm (the 256 and 512 variants
-    of RSA were added some time between 0.73 and 0.76).
+    -portable's Valgrind test) being interpretted as printf format strings.
     
-    OpenBSD-Regress-ID: e6138d6987aa705fa1e4f216db0bb386e1ff38e1
+    OpenBSD-Regress-ID: dc8655db27ac4acd2c386c4681bf42a10d80b043
 
-commit 87ad70d605c3e39c9b8aa275db27120d7cc09b77
+commit 6c435bd4994d71442192001483a1cdb846e5ffcd
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue Aug 31 17:04:50 2021 +1000
+Date:   Wed Jan 12 16:58:13 2022 +1100
 
-    Resync PuTTY interop tests.
-    
-    Resync behaviour when REGRESS_INTEROP_PUTTY is not set with OpenBSD.
+    Stop on first test failure to minimize logs.
 
-commit e47b82a7bf51021afac218bf59a3be121827653d
+commit 4bc2ba6095620a4484b708ece12842afd8c7685b
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Tue Aug 31 01:25:27 2021 +0000
+Date:   Wed Jan 12 07:18:37 2022 +0000
 
-    upstream: Specify hostkeyalgorithms in SSHFP test.
-    
-    Specify host key algorithms in sshd's default set for the SSHFP test,
-    from djm@.  Make the reason for when the test is skipped a bit clearer.
+    upstream: Use egrep when searching for an anchored string.
     
-    OpenBSD-Regress-ID: 4f923dfc761480d5411de17ea6f0b30de3e32cea
+    OpenBSD-Regress-ID: dd114a2ac27ac4b06f9e4a586d3f6320c54aeeb4
 
-commit 7db3e0a9e8477c018757b59ee955f7372c0b55fb
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Aug 30 01:15:45 2021 +0000
+commit 6bf2efa2679da1e8e60731f41677b2081dedae2c
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Jan 12 18:25:06 2022 +1100
 
-    upstream: adapt to RSA/SHA1 deprectation
+    Add "rev" command replacement if needed.
+
+commit 72bcd7993dadaf967bb3d8564ee31cbf38132b5d
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Jan 12 03:30:32 2022 +0000
+
+    upstream: Don't log NULL hostname in restricted agent code,
     
-    OpenBSD-Regress-ID: 952397c39a22722880e4de9d1c50bb1a14f907bb
+    printf("%s", NULL) is not safe on all platforms.  with & ok djm
+    
+    OpenBSD-Commit-ID: faf10cdae4adde00cdd668cd1f6e05d0a0e32a02
 
-commit 2344750250247111a6c3c6a4fe84ed583a61cc11
+commit acabefe3f8fb58c867c99fed9bbf84dfa1771727
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Aug 29 23:53:10 2021 +0000
+Date:   Tue Jan 11 22:33:16 2022 +0000
 
-    upstream: After years of forewarning, disable the RSA/SHA-1
-    
-    signature algorithm by default. It is feasible to create colliding SHA1
-    hashes, so we need to deprecate its use.
+    upstream: remove hardcoded domain and use window.location.host, so this
     
-    RSA/SHA-256/512 remains available and will be transparently selected
-    instead of RSA/SHA1 for most SSH servers released in the last five+
-    years. There is no need to regenerate RSA keys.
+    can be run anywhere
     
-    The use of RSA/SHA1 can be re-enabled by adding "ssh-rsa" to the
-    PubkeyAcceptedAlgorithms directives on the client and server.
+    OpenBSD-Regress-ID: 2ac2ade3b6227d9c547351d3ccdfe671e62b7f92
+
+commit 96da0946e44f34adc0397eb7caa6ec35a3e79891
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Tue Jan 11 02:56:19 2022 +0000
+
+    upstream: "void" functions should not return anything. From Tim Rice
     
-    ok dtucker deraadt
+    via -portable.
     
-    OpenBSD-Commit-ID: 189bcc4789c7254e09e23734bdd5def8354ff1d5
+    OpenBSD-Commit-ID: ce6616304f4c9881b46413e616b226c306830e2a
 
-commit 56c4455d3b54b7d481c77c82115c830b9c8ce328
+commit a882a09722c9f086c9edb65d0c4022fd965ec1ed
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Aug 29 23:44:07 2021 +0000
+Date:   Tue Jan 11 01:26:47 2022 +0000
 
-    upstream: wrap at 80 columns
+    upstream: suppress "Connection to xxx closed" messages at LogLevel >=
     
-    OpenBSD-Commit-ID: 47ca2286d6b52a9747f34da16d742879e1a37bf0
+    error bz3378; ok dtucker@
+    
+    OpenBSD-Commit-ID: d5bf457d5d2eb927b81d0663f45248a31028265c
 
-commit 95401eea8503943449f712e5f3de52fc0bc612c5
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Aug 20 18:14:13 2021 +1000
+commit 61a1a6af22e17fc94999a5d1294f27346e6c4668
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Jan 12 08:57:49 2022 +1100
 
-    Replace shell function with ssh-keygen -A.
+    OS X poll(2) is broken; use compat replacement
     
-    Prevents the init script in the SysV package from trying (and failing)
-    to generate unsupported key types.  Remove now-unused COMMENT_OUT_ECC.
-    ok tim@
+    Darwin's poll(2) implementation is broken. For character-special
+    devices like /dev/null, it returns POLLNVAL when polled with
+    POLLIN.
+    
+    Apparently this is Apple bug 3710161, which is AFAIK not public,
+    but a websearch will find other OSS projects rediscovering it
+    periodically since it was first identified in 2005 (!!)
 
-commit d83ec9ed995a76ed1d5c65cf10b447222ec86131
+commit 613a6545fc5a9542753b503cbe5906538a640b60
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Aug 20 15:39:05 2021 +1000
+Date:   Tue Jan 11 20:56:01 2022 +1100
 
-    Remove obsolete Redhat PAM config and init script.
+    libhardended_malloc.so moved into out dir.
 
-commit e1a596186c81e65a34ce13076449712d3bf97eb4
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Aug 20 14:03:49 2021 +1000
+commit 61761340be5e11046556623f8f5412b236cefa95
+Author: Tim Rice <tim@multitalents.net>
+Date:   Mon Jan 10 11:07:04 2022 -0800
 
-    depend
+    Make USL compilers happy
+    UX:acomp: ERROR: "sftp-server.c", line 567: void function cannot return value
 
-commit 5450606c8f7f7a0d70211cea78bc2dab74ab35d1
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Aug 20 13:59:43 2021 +1000
+commit 3ef403f351e80a59b6f7e9d43cb82c181855483c
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Mon Jan 10 21:07:38 2022 +1100
 
-    update version numbers
+    Add wrapper for "sort" to set LC_ALL=C.
+    
+    Found by djm, this should make sorts stable and reduce test flakiness.
 
-commit feee2384ab8d694c770b7750cfa76a512bdf8246
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Aug 20 03:22:55 2021 +0000
+commit bd69e29f5716090181dbe0b8272eb7eab1a383bb
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sat Jan 8 07:55:26 2022 +0000
 
-    upstream: openssh-8.7
+    upstream: Remove errant "set -x" left over from debugging.
     
-    OpenBSD-Commit-ID: 8769dff0fd76ae3193d77bf83b439adee0f300cd
+    OpenBSD-Regress-ID: cd989268e034264cec5df97be7581549032c87dc
 
-commit 9a2ed62173cc551b2b5f479460bb015b19499de8
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Aug 20 10:48:13 2021 +1000
+commit 1a7c88e26fd673813dc5f61c4ac278564845e004
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sat Jan 8 07:01:13 2022 +0000
 
-    Also check pid in pselect_notify_setup.
+    upstream: Enable all supported hostkey algorithms (but no others).
     
-    Spotted by djm@.
+    Allows hostbased test to pass when built without OpenSSL.
+    
+    OpenBSD-Regress-ID: 5ddd677a68b672517e1e78460dc6ca2ccc0a9562
 
-commit deaadcb93ca15d4f38aa38fb340156077792ce87
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Aug 20 08:39:33 2021 +1000
+commit 12b457c2a42ff271e7967d9bedd068cebb048db9
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jan 8 07:37:32 2022 +0000
 
-    Prefix pselect functions to clarify debug messages
+    upstream: use status error message to communicate ~user expansion
+    
+    failures; provides better experience for scp in sftp mode, where ~user paths
+    are more likely to be used; spotted jsg, feedback jsg & deraadt ok jsg &
+    markus
+    
+    OpenBSD-Commit-ID: fc610ce00ca0cdc2ecdabbd49ce7cb82033f905f
 
-commit 10e45654cff221ca60fd35ee069df67208fcf415
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Aug 20 08:30:42 2021 +1000
+commit 63670d4e9030bcee490d5a9cce561373ac5b3b23
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jan 8 07:36:11 2022 +0000
 
-    Fix race in pselect replacement code.
+    upstream: fix some corner-case bugs in scp sftp-mode handling of
     
-    On the second and subsequent calls to pselect the notify_pipe was not
-    added to the select readset, opening up a race that om G. Christensen
-    discovered on multiprocessor Solaris <=9 systems.
+    ~-prefixed paths; spotted by jsg; feedback jsg & deraadt, ok jsg & markus
     
-    Also reinitialize notify_pipe if the pid changes.  This will prevent a
-    parent and child from using the same FD, although this is not an issue
-    in the current structure it might be in future.
+    OpenBSD-Commit-ID: d1697dbaaa9f0f5649d69be897eab25c7d37c222
 
-commit 464ba22f1e38d25402e5ec79a9b8d34a32df5a3f
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Aug 18 12:51:30 2021 +1000
+commit e14940bbec57fc7d3ce0644dbefa35f5a8ec97d0
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jan 8 07:34:57 2022 +0000
 
-    Check compiler for c99 declarations after code.
+    upstream: more idiomatic error messages; spotted by jsg & deraadt
     
-    The sntrup761 reference code contains c99-style declarations after code
-    so don't try to build that if the compiler doesn't support it.
-
-commit 7d878679a4b155a359d32104ff473f789501748d
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue Aug 17 15:12:04 2021 +1000
-
-    Remove trailing backslash on regress-unit-binaries
+    ok jsg & markus
+    
+    OpenBSD-Commit-ID: 43618c692f3951747b4151c477c7df22afe2bcc8
 
-commit b71b2508f17c68c5d9dbbe537686d81cedb9a781
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue Aug 17 07:59:27 2021 +1000
+commit 9acddcd5918c623f7ebf454520ffe946a8f15e90
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jan 8 07:33:54 2022 +0000
 
-    Put stdint.h inside HAVE_STDINT_H.
+    upstream: add a variant of send_status() that allows overriding the
     
-    From Tom G. Christensen.
+    default, generic error message. feedback/ok markus & jsg
+    
+    OpenBSD-Commit-ID: 81f251e975d759994131b717ee7c0b439659c40f
 
-commit 6a24567a29bd7b4ab64e1afad859ea845cbc6b8c
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Aug 16 14:13:02 2021 +1000
+commit 961411337719d4cd78f1ab33e4ac549f3fa22f50
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jan 8 07:32:45 2022 +0000
 
-    Improve github test driver script.
+    upstream: refactor tilde_expand_filename() and make it handle ~user
     
-     - use a trap to always output any failed regress logs (since the script
-       sets -e, the existing log output is never invoked).
-     - pass LTESTS and SKIP_LTESTS when re-running with sshd options (eg.
-       UsePAM).
+    paths with no trailing slash; feedback/ok markus and jsg
+    
+    OpenBSD-Commit-ID: a2ab365598a902f0f14ba6a4f8fb2d07a9b5d51d
 
-commit b467cf13705f59ed348b620722ac098fe31879b7
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Aug 16 11:32:23 2021 +1000
+commit dc38236ab6827dec575064cac65c8e7035768773
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Thu Jan 6 22:14:25 2022 +0000
 
-    Remove deprecated ubuntu-16.04 test targets.
+    upstream: Don't explicitly set HostbasedAuthentication in
     
-    Github has deprecated ubuntu-16.04 and it will be removed on 20
-    September.
+    sshd_config. It defaults to "no", and not explicitly setting it allows us to
+    enable it for the (optional) hostbased test.
+    
+    OpenBSD-Regress-ID: aa8e3548eb5793721641d26e56c29f363b767c0c
 
-commit 20e6eefcdf78394f05e453d456c1212ffaa6b6a4
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sun Aug 15 23:25:26 2021 +1000
+commit e12d912ddf1c873cb72e5de9a197afbe0b6622d2
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Thu Jan 6 21:46:56 2022 +0000
 
-    Skip agent ptrace test on hurd.
+    upstream: Add test for hostbased auth. It requires some external
+    
+    setup (see comments at the top) and thus is disabled unless
+    TEST_SSH_HOSTBASED_AUTH and SUDO are set.
+    
+    OpenBSD-Regress-ID: 3ec8ba3750c5b595fc63e7845d13483065a4827a
 
-commit 7c9115bbbf958fbf85259a061c1122e2d046aabf
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sun Aug 15 19:37:22 2021 +1000
+commit a48533a8da6a0f4f05ecd055dc8048047e53569e
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Jan 7 09:24:26 2022 +1100
 
-    Add hurd test target.
+    depend
 
-commit 7909a566f6c6a78fcd30708dc49f4e4f9bb80ce3
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sun Aug 15 12:45:10 2021 +1000
+commit d9dbb5d9a0326e252d3c7bc13beb9c2434f59409
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Jan 6 22:06:51 2022 +0000
 
-    Skip scp3 tests on all dfly58 and 60 configs.
+    upstream: allow hostbased auth to select RSA keys when only
+    
+    RSA/SHA2 are configured (this is the default case); ok markus@
+    
+    OpenBSD-Commit-ID: 411c18c7bde40c60cc6dfb7017968577b4d4a827
 
-commit e65198e52cb03534e8c846d1bca74c310b1526de
-Author: Tim Rice <tim@multitalents.net>
-Date:   Sat Aug 14 13:08:07 2021 -0700
+commit fdb1d58d0d3888b042e5a500f6ce524486aaf782
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Jan 6 22:05:42 2022 +0000
 
-    openbsd-compat/openbsd-compat.h: put bsd-signal.h before bsd-misc.h
-    to get sigset_t from signal.h needed for the pselect replacement.
+    upstream: add a helper function to match a key type to a list of
+    
+    signature algorithms. RSA keys can make signatures with multiple algorithms,
+    so some special handling is required. ok markus@
+    
+    OpenBSD-Commit-ID: 03b41b2bda06fa4cd9c84cef6095033b9e49b6ff
 
-commit e50635640f79920d9375e0155cb3f4adb870eee5
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Aug 13 13:21:00 2021 +1000
+commit 11e8c4309a5086a45fbbbc87d0af5323c6152914
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Jan 6 22:04:20 2022 +0000
 
-    Test OpenSSH from OpenBSD head on 6.8 and 6.9.
+    upstream: log some details on hostkeys that ssh loads for
+    
+    hostbased authn ok markus@
+    
+    OpenBSD-Commit-ID: da17061fa1f0e58cb31b88478a40643e18233e38
 
-commit e0ba38861c490c680117b7fe0a1d61a181cd00e7
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Aug 13 13:00:14 2021 +1000
+commit c6706f661739514a34125aa3136532a958929510
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Jan 6 22:03:59 2022 +0000
 
-    Skip scp3 test on dragonfly 58 and 60.
+    upstream: log signature algorithm during verification by monitor;
     
-    The tests hang, so skip until we figure them out.
+    ok markus
+    
+    OpenBSD-Commit-ID: 02b92bb42c4d4bf05a051702a56eb915151d9ecc
 
-commit dcce2a2bcf007bf817a2fb0dce3db83fa9201e92
+commit 8832402bd500d1661ccc80a476fd563335ef6cdc
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Aug 12 23:59:25 2021 +0000
+Date:   Thu Jan 6 22:02:52 2022 +0000
 
-    upstream: mention that CASignatureAlgorithms accepts +/- similarly to
+    upstream: piece of UpdateHostkeys client strictification: when
     
-    the other algorithm list directives; ok jmc bz#3335
+    updating known_hosts with new keys, ignore NULL keys (forgot to include in
+    prior commit)
     
-    OpenBSD-Commit-ID: 0d46b53995817052c78e2dce9dbd133963b073d9
+    OpenBSD-Commit-ID: 49d2eda6379490e1ceec40c3b670b973f63dea08
 
-commit 090a82486e5d7a8f7f16613d67e66a673a40367f
-Author: schwarze@openbsd.org <schwarze@openbsd.org>
-Date:   Thu Aug 12 09:59:00 2021 +0000
+commit c2d9ced1da0276961d86690b3bd7ebdaca7fdbf7
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Jan 6 22:01:14 2022 +0000
 
-    upstream: In the editline(3) branch of the sftp(1) event loop,
+    upstream: include rejected signature algorithm in error message
     
-    handle SIGINT rather than ignoring it, such that the user can use Ctrl-C to
-    discard the currently edited command line and get a fresh prompt, just like
-    in ftp(1), bc(1), and in shells.
+    and not the (useless) key type; ok markus
     
-    It is critical to not use ssl_signal() for this particular case
-    because that function unconditionally sets SA_RESTART, but here we
-    need the signal to interrupt the read(2) in the el_gets(3) event loop.
+    OpenBSD-Commit-ID: 4180b5ec7ab347b43f84e00b1972515296dab023
+
+commit 7aa7b096cf2bafe2777085abdeed5ce00581f641
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Jan 6 22:00:18 2022 +0000
+
+    upstream: make ssh-keysign use the requested signature algorithm
     
-    OK dtucker@ deraadt@
+    and not the default for the keytype. Part of unbreaking hostbased auth for
+    RSA/SHA2 keys. ok markus@
     
-    OpenBSD-Commit-ID: 8025115a773f52e9bb562eaab37ea2e021cc7299
+    OpenBSD-Commit-ID: b5639a14462948970da3a8020dc06f9a80ecccdc
 
-commit e1371e4f58404d6411d9f95eb774b444cea06a26
-Author: naddy@openbsd.org <naddy@openbsd.org>
-Date:   Wed Aug 11 14:07:54 2021 +0000
+commit 291721bc7c840d113a49518f3fca70e86248b8e8
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Jan 6 21:57:28 2022 +0000
 
-    upstream: scp: tweak man page and error message for -3 by default
+    upstream: stricter UpdateHostkey signature verification logic on
     
-    Now that the -3 option is enabled by default, flip the documentation
-    and error message logic from "requires -3" to "blocked by -R".
+    the client- side. Require RSA/SHA2 signatures for RSA hostkeys except when
+    RSA/SHA1 was explicitly negotiated during initial KEX; bz3375
     
-    ok djm@
+    ok markus@
     
-    OpenBSD-Commit-ID: a872592118444fb3acda5267b2a8c3d4c4252020
+    OpenBSD-Commit-ID: 46e75e8dfa2c813781805b842580dcfbd888cf29
 
-commit 49f46f6d77328a3d10a758522b670a3e8c2235e7
-Author: naddy@openbsd.org <naddy@openbsd.org>
-Date:   Wed Aug 11 14:05:19 2021 +0000
+commit 0fa33683223c76289470a954404047bc762be84c
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Jan 6 21:55:23 2022 +0000
 
-    upstream: scp: do not spawn ssh with two -s flags for
+    upstream: Fix signature algorithm selection logic for
     
-    remote-to-remote copies
+    UpdateHostkeys on the server side. The previous code tried to prefer RSA/SHA2
+    for hostkey proofs of RSA keys, but missed some cases. This will use RSA/SHA2
+    signatures for RSA keys if the client proposed these algorithms in initial
+    KEX. bz3375
     
-    Do not add another "-s" to the argument vector every time an SFTP
-    connection is initiated.  Instead, introduce a subsystem flag to
-    do_cmd() and add "-s" when the flag is set.
+    Mostly by Dmitry Belyavskiy with some tweaks by me.
     
-    ok djm@
+    ok markus@
     
-    OpenBSD-Commit-ID: 25df69759f323661d31b2e1e790faa22e27966c1
+    OpenBSD-Commit-ID: c17ba0c3236340d2c6a248158ebed042ac6a8029
 
-commit 2a2cd00783e1da45ee730b7f453408af1358ef5b
+commit 17877bc81db3846e6e7d4cfb124d966bb9c9296b
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Aug 11 08:55:04 2021 +0000
+Date:   Thu Jan 6 21:48:38 2022 +0000
 
-    upstream: test -Oprint-pubkey
+    upstream: convert ssh, sshd mainloops from select() to poll();
     
-    OpenBSD-Regress-ID: 3d51afb6d1f287975fb6fddd7a2c00a3bc5094e0
+    feedback & ok deraadt@ and markus@ has been in snaps for a few months
+    
+    OpenBSD-Commit-ID: a77e16a667d5b194dcdb3b76308b8bba7fa7239c
 
-commit b9f4635ea5bc33ed5ebbacf332d79bae463b0f54
+commit 5c79952dfe1aa36105c93b3f383ce9be04dee384
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Aug 11 08:54:17 2021 +0000
+Date:   Thu Jan 6 21:46:23 2022 +0000
 
-    upstream: when verifying sshsig signatures, support an option
+    upstream: prepare for conversion of ssh, sshd mainloop from
     
-    (-Oprint-pubkey) to dump the full public key to stdout; based on patch from
-    Fabian Stelzer; ok markus@
+    select() to poll() by moving FD_SET construction out of channel handlers into
+    separate functions. ok markus
     
-    OpenBSD-Commit-ID: 0598000e5b9adfb45d42afa76ff80daaa12fc3e2
+    OpenBSD-Commit-ID: 937fbf2a4de12b19fb9d5168424e206124807027
 
-commit 750c1a45ba4e8ad63793d49418a0780e77947b9b
+commit 24c5187edfef4651a625b7d5d692c8c7e794f71f
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Aug 11 05:21:32 2021 +0000
+Date:   Wed Jan 5 21:54:37 2022 +0000
 
-    upstream: oops, missed one more %p
+    upstream: add a comment so I don't make this mistake again
     
-    OpenBSD-Commit-ID: e7e62818d1564cc5cd9086eaf7a51cbd1a9701eb
+    OpenBSD-Commit-ID: 69c7f2362f9de913bb29b6318580c5a1b52c921e
 
-commit b5aa27b69ab2e1c13ac2b5ad3f8f7d389bad7489
+commit 7369900441929058263a17f56aa67e05ff7ec628
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Aug 11 05:20:17 2021 +0000
+Date:   Wed Jan 5 21:50:00 2022 +0000
 
-    upstream: remove a bunch of %p in format strings; leftovers of
-    
-    debuggings past. prompted by Michael Forney, ok dtucker@
+    upstream: fix cut-and-pasto in error message
     
-    OpenBSD-Commit-ID: 4853a0d6c9cecaba9ecfcc19066e52d3a8dcb2ac
+    OpenBSD-Commit-ID: 4cc5c619e4b456cd2e9bb760d17e3a9c84659198
 
-commit 419aa01123db5ff5dbc68b2376ef23b222862338
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Aug 11 09:21:09 2021 +1000
+commit 294c11b1c7d56d3fb61e329603a782315ed70c62
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Jan 5 08:25:05 2022 +0000
 
-    Add includes.h to compat tests.
+    upstream: select all RSA hostkey algorithms for UpdateHostkeys tests,
     
-    On platforms where closefrom returns void (eg glibc>=2.34) the prototype
-    for closefrom in its compat tests would cause compile errors.  Remove
-    this and have the tests pull in the compat headers in the same way as
-    the main code.  bz#3336.
+    not just RSA-SHA1
+    
+    OpenBSD-Regress-ID: b40e62b65863f2702a0c10aca583b2fe76772bd8
 
-commit 931f592f26239154eea3eb35a086585897b1a185
+commit 2ea1108c30e3edb6f872dfc1e6da10b041ddf2c0
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Aug 10 03:35:45 2021 +0000
+Date:   Wed Jan 5 04:56:15 2022 +0000
 
-    upstream: adapt to scp -M flag change; make scp3.sh test SFTP mode too
+    upstream: regress test both sshsig message hash algorithms, possible
     
-    OpenBSD-Regress-ID: 43fea26704a0f0b962b53c1fabcb68179638f9c0
+    now because the algorithm is controllable via the CLI
+    
+    OpenBSD-Regress-ID: 0196fa87acc3544b2b4fd98de844a571cb09a39f
 
-commit 391ca67fb978252c48d20c910553f803f988bd37
+commit 2327c306b5d4a2b7e71178e5a4d139af9902c2b0
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Aug 10 03:33:34 2021 +0000
+Date:   Wed Jan 5 04:50:11 2022 +0000
 
-    upstream: Prepare for a future where scp(1) uses the SFTP protocol by
-    
-    default. Replace recently added -M option to select the protocol with -O
-    (olde) and -s (SFTP) flags, and label the -s flag with a clear warning that
-    it will be removed in the near future (so no, don't use it in scripts!).
+    upstream: allow selection of hash at sshsig signing time; code
     
-    prompted by/feedback from deraadt@
+    already supported either sha512 (default) or sha256, but plumbing wasn't
+    there mostly by Linus Nordberg
     
-    OpenBSD-Commit-ID: 92ad72cc6f0023c9be9e316d8b30eb6d8d749cfc
+    OpenBSD-Commit-ID: 1b536404b9da74a84b3a1c8d0b05fd564cdc96cd
 
-commit bfdd4b722f124a4fa9173d20dd64dd0fc69856be
+commit 56e941d0a00d6d8bae88317717d5e1b7395c9529
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Aug 9 23:56:36 2021 +0000
+Date:   Wed Jan 5 04:27:54 2022 +0000
 
-    upstream: make scp -3 the default for remote-to-remote copies. It
+    upstream: add missing -O option to usage() for ssh-keygen -Y sign;
     
-    provides a much better and more intuitive user experience and doesn't require
-    exposing credentials to the source host.
-    
-    thanks naddy@ for catching the missing argument in usage()
-    
-    "Yes please!" - markus@
-    "makes a lot of sense" - deraadt@
-    "the right thing to do" - dtucker@
+    from Linus Nordberg
     
-    OpenBSD-Commit-ID: d0d2af5f0965c5192ba5b2fa461c9f9b130e5dd9
+    OpenBSD-Commit-ID: 4e78feb4aa830727ab76bb2e3d940440ae1d7af0
 
-commit 2f7a3b51cef689ad9e93d0c6c17db5a194eb5555
+commit 141a14ec9b0924709c98df2dd8013bde5d8d12c7
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Aug 9 23:49:31 2021 +0000
+Date:   Wed Jan 5 04:27:01 2022 +0000
 
-    upstream: make scp in SFTP mode try to use relative paths as much
+    upstream: move sig_process_opts() to before sig_sign(); no
     
-    as possible. Previosuly, it would try to make relative and ~/-rooted paths
-    absolute before requesting transfers.
-    
-    prompted by and much discussion deraadt@
-    ok markus@
+    functional code change
     
-    OpenBSD-Commit-ID: 46639d382ea99546a4914b545fa7b00fa1be5566
+    OpenBSD-Commit-ID: da02d61f5464f72b4e8b299f83e93c3b657932f9
 
-commit 2ab864010e0a93c5dd95116fb5ceaf430e2fc23c
+commit 37a14249ec993599a9051731e4fb0ac5e976aec1
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Aug 9 23:47:44 2021 +0000
+Date:   Wed Jan 5 04:10:39 2022 +0000
 
-    upstream: SFTP protocol extension to allow the server to expand
-    
-    ~-prefixed paths, in particular ~user ones. Allows scp in sftp mode to accept
-    these paths, like scp in rcp mode does.
+    upstream: regression test for find-principals NULL deref; from Fabian
     
-    prompted by and much discussion deraadt@
-    ok markus@
+    Stelzer
     
-    OpenBSD-Commit-ID: 7d794def9e4de348e1e777f6030fc9bafdfff392
+    OpenBSD-Regress-ID: f845a8632a5a7d5ae26978004c93e796270fd3e5
 
-commit 41b019ac067f1d1f7d99914d0ffee4d2a547c3d8
+commit eb1f042142fdaba93f6c9560cf6c91ae25f6884a
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Aug 9 23:44:32 2021 +0000
+Date:   Wed Jan 5 04:02:42 2022 +0000
 
-    upstream: when scp is in SFTP mode, try to deal better with ~
-    
-    prefixed paths. ~user paths aren't supported, but ~/ paths will be accepted
-    and prefixed with the SFTP server starting directory (more to come)
+    upstream: NULL deref when using find-principals when matching an
     
-    prompted by and discussed with deraadt@
-    ok markus@
+    allowed_signers line that contains a namespace restriction, but no
+    restriction specified on the command-line; report and fix from Fabian Stelzer
     
-    OpenBSD-Commit-ID: 263a071f14555c045fd03132a8fb6cbd983df00d
+    OpenBSD-Commit-ID: 4a201b86afb668c908d1a559c6af456a61f4b145
 
-commit b4b3f3da6cdceb3fd168b5fab69d11fba73bd0ae
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Aug 9 07:21:01 2021 +0000
+commit 8f3b18030579f395eca2181da31a5f945af12a59
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Tue Jan 4 08:38:53 2022 +0000
 
-    upstream: on fatal errors, make scp wait for ssh connection before
+    upstream: Log command invocation while debugging.
     
-    exiting avoids LogLevel=verbose (or greater) messages from ssh appearing
-    after scp has returned exited and control has returned to the shell; ok
-    markus@
+    This will aid in manually reproducing failing commands.
     
-    (this was originally committed as r1.223 along with unrelated stuff that
-    I rolled back in r1.224)
+    OpenBSD-Regress-ID: b4aba8d5ac5675ceebeeeefa3261ce344e67333a
+
+commit bbf285164df535f0d38c36237f007551bbdae27f
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sun Dec 26 10:31:15 2021 +1100
+
+    Always save config.h as build artifact.
     
-    OpenBSD-Commit-ID: 1261fd667ad918484889ed3d7aec074f3956a74b
+    Should allow better comparison between failing and succeeding test
+    platforms.
 
-commit 2ae7771749e0b4cecb107f9d4860bec16c3f4245
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Aug 9 07:19:12 2021 +0000
+commit 03bd4ed0db699687c5cd83405d26f81d2dc28d22
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sat Dec 25 16:42:51 2021 +1100
 
-    upstream: rever r1.223 - I accidentally committed unrelated changes
+    Add OpenBSD 7.0 target.  Retire 6.8.
+
+commit c45a752f0de611afd87755c2887c8a24816d08ee
+Author: jsg@openbsd.org <jsg@openbsd.org>
+Date:   Sat Jan 1 05:55:06 2022 +0000
+
+    upstream: spelling
     
-    OpenBSD-Commit-ID: fb73f3865b2647a27dd94db73d6589506a9625f9
+    OpenBSD-Commit-ID: c63e43087a64d0727af13409c708938e05147b62
 
-commit 986abe94d481a1e82a01747360bd767b96b41eda
+commit c672f83a89a756564db0d3af9934ba0e1cf8fa3e
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Aug 9 07:16:09 2021 +0000
+Date:   Tue Jan 4 07:20:33 2022 +0000
 
-    upstream: show only the final path component in the progress meter;
+    upstream: unbreak test: was picking up system ssh-add instead of the
     
-    more useful with long paths (that may truncate) and better matches
-    traditional scp behaviour; spotted by naddy@ ok deraadt@
+    one supposedly being tested. Spotted by dtucker and using his VM zoo (which
+    includes some systems old enough to lack ed25519 key support)
     
-    OpenBSD-Commit-ID: 26b544d0074f03ebb8a3ebce42317d8d7ee291a3
+    OpenBSD-Regress-ID: 7976eb3df11cc2ca3af91030a6a8c0cef1590bb5
 
-commit 2b67932bb3176dee4fd447af4368789e04a82b93
+commit a23698c3082ffe661abed14b020eac9b0c25eb9f
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Aug 9 07:13:54 2021 +0000
+Date:   Sat Jan 1 04:18:06 2022 +0000
 
-    upstream: on fatal errors, make scp wait for ssh connection before
+    upstream: fix memleak in process_extension(); oss-fuzz issue #42719
     
-    exiting avoids LogLevel=verbose (or greater) messages from ssh appearing
-    after scp has returned exited and control has returned to the shell; ok
-    markus@
+    OpenBSD-Commit-ID: d8d49f840162fb7b8949e3a5adb8107444b6de1e
+
+commit cb885178f36b83d0f14cfe9f345d2068103feed0
+Author: jsg@openbsd.org <jsg@openbsd.org>
+Date:   Sat Jan 1 01:55:30 2022 +0000
+
+    upstream: spelling ok dtucker@
     
-    OpenBSD-Commit-ID: ef9dab5ef5ae54a6a4c3b15d380568e94263456c
+    OpenBSD-Commit-ID: bfc7ba74c22c928de2e257328b3f1274a3dfdf19
 
-commit 724eb900ace30661d45db2ba01d0f924d95ecccb
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sun Aug 8 08:49:09 2021 +0000
+commit 6b977f8080a32c5b3cbb9edb634b9d5789fb79be
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Dec 26 23:34:41 2021 +0000
 
-    upstream: xstrdup environment variable used by ForwardAgent. bz#3328
+    upstream: split method list search functionality from
     
-    from goetze at dovetail.com, ok djm@ deraadt@
+    authmethod_lookup() into a separate authmethod_byname(), for cases where we
+    don't need to check whether a method is enabled, etc.
     
-    OpenBSD-Commit-ID: 760320dac1c3b26904284ba417a7d63fccc5e742
+    use this to fix the "none" authentication method regression reported
+    by Nam Nguyen via bugs@
+    
+    ok deraadt@
+    
+    OpenBSD-Commit-ID: 8cd188dc3a83aa8abe5b7693e762975cd8ea8a17
 
-commit 86b4cb3a884846b358305aad17a6ef53045fa41f
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sun Aug 8 08:27:28 2021 +0000
+commit 0074aa2c8d605ee7587279a22cdad4270b4ddd07
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Wed Dec 22 06:56:41 2021 +0000
 
-    upstream: Although it's POSIX, not all shells used in Portable support
+    upstream: sort -H and -h in SYNOPSIS/usage(); tweak the -H text;
     
-    the implicit 'in "$@"' after 'for i'.
+    ok djm
     
-    OpenBSD-Regress-ID: 3c9aec6bca4868f85d2742b6ba5223fce110bdbc
+    OpenBSD-Commit-ID: 90721643e41e9e09deb5b776aaa0443456ab0965
 
-commit f2ccf6c9f395923695f22345e626dfd691227aaf
+commit 1c9853a68b2319f2e5f929179735e8fbb9988a67
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sun Aug 8 17:39:56 2021 +1000
+Date:   Wed Dec 22 19:33:10 2021 +1100
 
-    Move portable specific settings down.
+    Use SHA.*_HMAC_BLOCK_SIZE if needed.
     
-    This brings the top hunk of the file back in sync with OpenBSD
-    so patches to the CVS Id should apply instead of always being
-    rejected.
+    If the platform has a native SHA2, does not define SHA.*_BLOCK_LENGTH
+    but does define SHA.*_HMAC_BLOCK_SIZE (eg Solaris) then use the latter.
+    Should fix --without-openssl build on Solaris.
 
-commit 71b0eb997e220b0fc9331635af409ad84979f2af
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sun Aug 8 07:27:52 2021 +0000
+commit 715c892f0a5295b391ae92c26ef4d6a86ea96e8e
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Dec 22 09:02:50 2021 +1100
 
-    upstream: Move setting of USER further down the startup In portable
-    
-    we have to change this and having it in the same hunk as the CVS Id string
-    means applying changes fails every. single. time.
-    
-    OpenBSD-Regress-ID: 87cd603eb6db58c9b430bf90adacb7f90864429b
+    remove sys/param.h in -portable, after upstream
 
-commit f0aca2706c710a0da1a4be705f825a807cd15400
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sun Aug 8 06:38:33 2021 +0000
+commit 7a7c69d8b4022b1e5c0afb169c416af8ce70f3e8
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Dec 20 13:05:20 2021 +1100
 
-    upstream: Drop -q in ssh-log-wrapper.sh to preserve logs.
+    add agent-restrict.sh file, missed in last commit
+
+commit f539136ca51a4976644db5d0be8158cc1914c72a
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Dec 19 22:20:12 2021 +0000
+
+    upstream: regression test for destination restrictions in ssh-agent
     
-    scp and sftp like to add -q to the command line passed to ssh which
-    overrides the LogLevel we set in the config files and suppresses output
-    to the debug logs so drop any "-q" from the invoked ssh.  In the one
-    case where we actually want to use -q in the banner test, call the ssh
-    binary directly bypassing the logging wrapper.
+    OpenBSD-Regress-ID: 3c799d91e736b1753b4a42d80c42fc40de5ad33d
+
+commit 6e4980eb8ef94c04874a79dd380c3f568e8416d6
+Author: anton@openbsd.org <anton@openbsd.org>
+Date:   Sat Dec 18 06:53:59 2021 +0000
+
+    upstream: Make use of ntests variable, pointed out by clang 13.
     
-    OpenBSD-Regress-ID: e2c97d3c964bda33a751374c56f65cdb29755b75
+    OpenBSD-Regress-ID: 4241a3d21bdfa1630ed429b6d4fee51038d1be72
 
-commit cf27810a649c5cfae60f8ce66eeb25caa53b13bc
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sat Aug 7 01:57:08 2021 +0000
+commit 3eead8158393b697f663ec4301e3c7b6f24580b1
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Tue Dec 14 21:25:27 2021 +0000
 
-    upstream: Fix prototype mismatch for do_cmd. ok djm@
+    upstream: sys/param.h cleanup, mostly using MINIMUM() and
     
-    OpenBSD-Commit-ID: 1c1598bb5237a7ae0be99152f185e0071163714d
+    <limits.h> ok dtucker
+    
+    OpenBSD-Regress-ID: 172a4c45d3bcf92fa6cdf6c4b9db3f1b3abe4db0
 
-commit 85de69f64665245786e28c81ab01fe18b0e2a149
+commit 266678e19eb0e86fdf865b431b6e172e7a95bf48
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Aug 7 01:55:01 2021 +0000
+Date:   Sun Dec 19 22:15:42 2021 +0000
 
-    upstream: sftp-client.c needs poll.h
-    
-    remove unused variable
+    upstream: document host-bound publickey authentication
     
-    OpenBSD-Commit-ID: 233ac6c012cd23af62f237167a661db391055a16
+    OpenBSD-Commit-ID: ea6ed91779a81f06d961e30ecc49316b3d71961b
 
-commit 397c4d72e50023af5fe3aee5cc2ad407a6eb1073
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat Aug 7 11:30:57 2021 +1000
+commit 3d00024b3b156aa9bbd05d105f1deb9cb088f6f7
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Dec 19 22:15:21 2021 +0000
 
-    Include poll.h and friends for struct pollfd.
+    upstream: document agent protocol extensions
+    
+    OpenBSD-Commit-ID: 09e8bb391bbaf24c409b75a4af44e0cac65405a7
 
-commit a9e2c533195f28627f205682482d9da384c4c52e
+commit c385abf76511451bcba78568167b1cd9e90587d5
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Aug 7 00:14:17 2021 +0000
+Date:   Sun Dec 19 22:14:47 2021 +0000
 
-    upstream: do_upload() used a near-identical structure for
+    upstream: PubkeyAuthentication=yes|no|unbound|host-bound
     
-    tracking expected status replies from the server to what do_download() was
-    using.
+    Allow control over which pubkey methods are used. Added out of
+    concern that some hardware devices may have difficulty signing
+    the longer pubkey authentication challenges. This provides a
+    way for them to disable the extension. It's also handy for
+    testing.
     
-    Refactor it to use the same structure and factor out some common
-    code into helper functions.
+    feedback / ok markus@
     
-    OpenBSD-Commit-ID: 0c167df8ab6df4a5292c32421922b0cf379e9054
+    OpenBSD-Commit-ID: ee52580db95c355cf6d563ba89974c210e603b1a
 
-commit 7b1cbcb7599d9f6a3bbad79d412604aa1203b5ee
+commit 34b1e9cc7654f41cd4c5b1cc290b999dcf6579bb
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Aug 7 00:12:09 2021 +0000
+Date:   Sun Dec 19 22:14:12 2021 +0000
 
-    upstream: make scp(1) in SFTP mode follow symlinks like
+    upstream: document destination-constrained keys
     
-    traditional scp(1) ok markus@
+    feedback / ok markus@
     
-    OpenBSD-Commit-ID: 97255e55be37e8e26605e4ba1e69f9781765d231
+    OpenBSD-Commit-ID: cd8c526c77268f6d91c06adbee66b014d22d672e
 
-commit 133b44e500422df68c9c25c3b6de35c0263132f1
+commit a6d7677c4abcfba268053e5867f2acabe3aa371b
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Aug 7 00:10:49 2021 +0000
+Date:   Sun Dec 19 22:13:55 2021 +0000
 
-    upstream: fix incorrect directory permissions on scp -3
+    upstream: Use hostkey parsed from hostbound userauth request
     
-    transfers; ok markus@
+    Require host-bound userauth requests for forwarded SSH connections.
     
-    OpenBSD-Commit-ID: 64b2abaa5635a2be65ee2e77688ad9bcebf576c2
+    The hostkey parsed from the host-bound userauth request is now checked
+    against the most recently bound session ID / hostkey on the agent socket
+    and the signature refused if they do not match.
+    
+    ok markus@
+    
+    OpenBSD-Commit-ID: d69877c9a3bd8d1189a5dbdeceefa432044dae02
 
-commit 98b59244ca10e62ff67a420856770cb700164f59
+commit baaff0ff4357cc5a079621ba6e2d7e247b765061
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Aug 7 00:09:57 2021 +0000
+Date:   Sun Dec 19 22:13:33 2021 +0000
 
-    upstream: a bit more debugging of file attributes being
+    upstream: agent support for parsing hostkey-bound signatures
     
-    sent/received over the wire
+    Allow parse_userauth_request() to work with blobs from
+    publickey-hostbound-v00@openssh.com userauth attempts.
     
-    OpenBSD-Commit-ID: f68c4e207b08ef95200a8b2de499d422808e089b
+    Extract hostkey from these blobs.
+    
+    ok markus@
+    
+    OpenBSD-Commit-ID: 81c064255634c1109477dc65c3e983581d336df8
 
-commit c677e65365d6f460c084e41e0c4807bb8a9cf601
+commit 3e16365a79cdeb2d758cf1da6051b1c5266ceed7
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Aug 7 00:08:52 2021 +0000
+Date:   Sun Dec 19 22:13:12 2021 +0000
 
-    upstream: make scp(1) in SFTP mode output better match original
+    upstream: EXT_INFO negotiation of hostbound pubkey auth
     
-    scp(1) by suppressing "Retrieving [path]" lines that were emitted to support
-    the interactive sftp(1) client. ok markus@
+    the EXT_INFO packet gets a new publickey-hostbound@openssh.com to
+    advertise the hostbound public key method.
     
-    OpenBSD-Commit-ID: 06be293df5f156a18f366079be2f33fa68001acc
+    Client side support to parse this feature flag and set the kex->flags
+    indicator if the expected version is offered (currently "0").
+    
+    ok markus@
+    
+    OpenBSD-Commit-ID: 4cdb2ca5017ec1ed7a9d33bda95c1d6a97b583b0
 
-commit 48cd39b7a4e5e7c25101c6d1179f98fe544835cd
+commit 94ae0c6f0e35903b695e033bf4beacea1d376bb1
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Aug 7 00:07:18 2021 +0000
+Date:   Sun Dec 19 22:12:54 2021 +0000
 
-    upstream: factor out a structure duplicated between downloading
+    upstream: client side of host-bound pubkey authentication
     
-    and crossloading; ok markus@
+    Add kex->flags member to enable the publickey-hostbound-v00@openssh.com
+    authentication method.
     
-    OpenBSD-Commit-ID: 96eede24d520569232086a129febe342e4765d39
+    Use the new hostbound method in client if the kex->flags flag was set,
+    and include the inital KEX hostkey in the userauth request.
+    
+    Note: nothing in kex.c actually sets the new flag yet
+    
+    ok markus@
+    
+    OpenBSD-Commit-ID: 5a6fce8c6c8a77a80ee1526dc467d91036a5910d
 
-commit 318c06bb04ee21a0cfa6b6022a201eacaa53f388
+commit 288fd0218dbfdcb05d9fbd1885904bed9b6d42e6
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Aug 7 00:06:30 2021 +0000
+Date:   Sun Dec 19 22:12:30 2021 +0000
 
-    upstream: use sftp_client crossloading to implement scp -3
+    upstream: sshd side of hostbound public key auth
     
-    feedback/ok markus@
+    This is identical to the standard "publickey" method, but it also includes
+    the initial server hostkey in the message signed by the client.
     
-    OpenBSD-Commit-ID: 7db4c0086cfc12afc9cfb71d4c2fd3c7e9416ee9
+    feedback / ok markus@
+    
+    OpenBSD-Commit-ID: 7ea01bb7238a560c1bfb426fda0c10a8aac07862
 
-commit de7115b373ba0be3861c65de9b606a3e0e9d29a3
+commit dbb339f015c33d63484261d140c84ad875a9e548
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Aug 7 00:02:41 2021 +0000
+Date:   Sun Dec 19 22:12:07 2021 +0000
 
-    upstream: support for "cross"-loading files/directories, i.e.
+    upstream: prepare for multiple names for authmethods
     
-    downloading from one SFTP server while simultaneously uploading to another.
+    allow authentication methods to have one additional name beyond their
+    primary name.
     
-    feedback & ok markus@
+    allow lookup by this synonym
     
-    OpenBSD-Commit-ID: 3982878e29d8df0fa4ddc502f5ff6126ac714235
+    Use primary name for authentication decisions, e.g. for
+    PermitRootLogin=publickey
+    
+    Pass actual invoked name to the authmethods, so they can tell whether they
+    were requested via the their primary name or synonym.
+    
+    ok markus@
+    
+    OpenBSD-Commit-ID: 9e613fcb44b8168823195602ed3d09ffd7994559
 
-commit a50bd0367ff2063bbc70a387740a2aa6914de094
+commit 39f00dcf44915f20684160f0a88d3ef8a3278351
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Aug 7 00:01:29 2021 +0000
+Date:   Sun Dec 19 22:11:39 2021 +0000
 
-    upstream: factor our SSH2_FXP_OPEN calls into their own function;
+    upstream: ssh-agent side of destination constraints
     
-    "looks fine" markus@
+    Gives ssh-agent the ability to parse restrict-destination-v00@openssh.com
+    constraints and to apply them to keys.
     
-    OpenBSD-Commit-ID: d3dea2153f08855c6d9dacc01973248944adeffb
+    Check constraints against the hostkeys recorded for a SocketEntry when
+    attempting a signature, adding, listing or deleting keys. Note that
+    the "delete all keys" request will remove constrained keys regardless of
+    location.
+    
+    feedback Jann Horn & markus@
+    ok markus@
+    
+    OpenBSD-Commit-ID: 84a7fb81106c2d609a6ac17469436df16d196319
 
-commit e3c0ba05873cf3d3f7d19d595667a251026b2d84
+commit ce943912df812c573a33d00bf9e5435b7fcca3f7
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Aug 7 00:00:33 2021 +0000
+Date:   Sun Dec 19 22:11:06 2021 +0000
 
-    upstream: prepare for scp -3 implemented via sftp
+    upstream: ssh-add side of destination constraints
     
-    OpenBSD-Commit-ID: 194aac0dd87cb175334b71c2a30623a5ad55bb44
+    Have ssh-add accept a list of "destination constraints" that allow
+    restricting where keys may be used in conjunction with a ssh-agent/ssh
+    that supports session ID/hostkey binding.
+    
+    Constraints are specified as either "[user@]host-pattern" or
+    "host-pattern>[user@]host-pattern".
+    
+    The first form permits a key to be used to authenticate as the
+    specified user to the specified host.
+    
+    The second form permits a key that has previously been permitted
+    for use at a host to be available via a forwarded agent to an
+    additional host.
+    
+    For example, constraining a key with "user1@host_a" and
+    "host_a>host_b". Would permit authentication as "user1" at
+    "host_a", and allow the key to be available on an agent forwarded
+    to "host_a" only for authentication to "host_b". The key would not
+    be visible on agent forwarded to other hosts or usable for
+    authentication there.
+    
+    Internally, destination constraints use host keys to identify hosts.
+    The host patterns are used to obtain lists of host keys for that
+    destination that are communicated to the agent. The user/hostkeys are
+    encoded using a new restrict-destination-v00@openssh.com key
+    constraint.
+    
+    host keys are looked up in the default client user/system known_hosts
+    files. It is possible to override this set on the command-line.
+    
+    feedback Jann Horn & markus@
+    ok markus@
+    
+    OpenBSD-Commit-ID: 6b52cd2b637f3d29ef543f0ce532a2bce6d86af5
 
-commit 395d8fbdb094497211e1461cf0e2f80af5617e0a
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Aug 6 09:00:18 2021 +0000
+commit 5e950d765727ee0b20fc3d2cbb0c790b21ac2425
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Dec 19 22:10:24 2021 +0000
 
-    upstream: Make diff invocation more portable.
+    upstream: ssh-add side of destination constraints
     
-    POSIX does not require diff to have -N, so compare in both directions
-    with just -r, which should catch missing files in either directory.
+    Have ssh-add accept a list of "destination constraints" that allow
+    restricting where keys may be used in conjunction with a ssh-agent/ssh
+    that supports session ID/hostkey binding.
     
-    OpenBSD-Regress-ID: 0e2ec8594556a6f369ed5a0a90c6806419b845f7
+    Constraints are specified as either "[user@]host-pattern" or
+    "host-pattern>[user@]host-pattern".
+    
+    The first form permits a key to be used to authenticate as the
+    specified user to the specified host.
+    
+    The second form permits a key that has previously been permitted
+    for use at a host to be available via a forwarded agent to an
+    additional host.
+    
+    For example, constraining a key with "user1@host_a" and
+    "host_a>host_b". Would permit authentication as "user1" at
+    "host_a", and allow the key to be available on an agent forwarded
+    to "host_a" only for authentication to "host_b". The key would not
+    be visible on agent forwarded to other hosts or usable for
+    authentication there.
+    
+    Internally, destination constraints use host keys to identify hosts.
+    The host patterns are used to obtain lists of host keys for that
+    destination that are communicated to the agent. The user/hostkeys are
+    encoded using a new restrict-destination-v00@openssh.com key
+    constraint.
+    
+    host keys are looked up in the default client user/system known_hosts
+    files. It is possible to override this set on the command-line.
+    
+    feedback Jann Horn & markus@
+    ok markus@
+    
+    OpenBSD-Commit-ID: ef47fa9ec0e3c2a82e30d37ef616e245df73163e
 
-commit d247a73ce27b460138599648d9c637c6f2b77605
+commit 4c1e3ce85e183a9d0c955c88589fed18e4d6a058
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Aug 4 21:28:00 2021 +0000
+Date:   Sun Dec 19 22:09:23 2021 +0000
 
-    upstream: regression test for scp -3
+    upstream: ssh-agent side of binding
     
-    OpenBSD-Regress-ID: b44375d125c827754a1f722ec6b6b75b634de05d
+    record session ID/hostkey/forwarding status for each active socket.
+    
+    Attempt to parse data-to-be-signed at signature request time and extract
+    session ID from the blob if it is a pubkey userauth request.
+    
+    ok markus@
+    
+    OpenBSD-Commit-ID: a80fd41e292b18b67508362129e9fed549abd318
 
-commit 35c8e41a6f6d8ad76f8d1cd81ac2ea23d0d993b2
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Aug 6 05:04:42 2021 +0000
+commit e9497ecf73f3c16667288bce48d4e3d7e746fea1
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Dec 19 22:08:48 2021 +0000
 
-    upstream: Document "ProxyJump none". bz#3334.
+    upstream: ssh client side of binding
     
-    OpenBSD-Commit-ID: f78cc6f55731f2cd35c3a41d5352ac1ee419eba7
+    send session ID, hostkey, signature and a flag indicating whether the
+    agent connection is being forwarded to ssh agent each time a connection
+    is opened via a new "session-bind@openssh.com" agent extension.
+    
+    ok markus@
+    
+    OpenBSD-Commit-ID: 2f154844fe13167d3ab063f830d7455fcaa99135
 
-commit 911ec6411821bda535d09778df7503b92f0eafab
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Wed Aug 4 01:34:55 2021 +0000
+commit b42c61d6840d16ef392ed0f365e8c000734669aa
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Dec 19 22:08:06 2021 +0000
 
-    upstream: Allow for different (but POSIX compliant) behaviour of
+    upstream: Record session ID, host key and sig at intital KEX
     
-    basename(3) and prevent a use-after-free in that case in the new sftp-compat
-    code.
-    
-    POSIX allows basename(3) to either return a pointer to static storage
-    or modify the passed string and return a pointer to that.  OpenBSD does
-    the former and works as is, but on other platforms "filename" points
-    into "tmp" which was just freed.  This makes the freeing of tmp
-    consistent with the other variable in the loop.
+    These will be used later for agent session ID / hostkey binding
     
-    Pinpointed by the -portable Valgrind regress test.  ok djm@ deraadt@
+    ok markus@
     
-    OpenBSD-Commit-ID: 750f3c19bd4440e4210e30dd5d7367386e833374
+    OpenBSD-Commit-ID: a9af29e33772b18e3e867c6fa8ab35e1694a81fe
 
-commit 6df1fecb5d3e51f3a8027a74885c3a44f6cbfcbd
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Aug 4 11:05:11 2021 +1000
+commit 26ca33d186473d58a32d812e19273ce078b6ffff
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Dec 7 22:06:45 2021 +0000
 
-    use openbsd-compat glob.h is required
+    upstream: better error message for FIDO keys when we can't match
+    
+    them to a token
+    
+    OpenBSD-Commit-ID: 58255c2a1980088f4ed144db67d879ada2607650
 
-commit 9ebd1828881dfc9014a344587934a5ce7db6fa1b
+commit adb0ea006d7668190f0c42aafe3a2864d352e34a
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue Aug 3 21:03:23 2021 +1000
+Date:   Wed Dec 15 10:50:33 2021 +1100
 
-    Missing space between macro arg and punctuation.
+    Correct value for IPTOS_DSCP_LE.
     
-    From jmc@
+    It needs to allow for the preceeding two ECN bits.  From daisuke.higashi
+    at gmail.com via OpenSSH bz#3373, ok claudio@, job@, djm@.
 
-commit 0fd3f62eddc7cf54dcc9053be6f58998f3eb926a
+commit 3dafd3fe220bd9046f11fcf5191a79ec8800819f
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue Aug 3 21:02:33 2021 +1000
+Date:   Fri Dec 10 11:57:30 2021 +1100
 
-    Avoid lines >80 chars.  From jmc@
+    Increase timeout for test step.
 
-commit af5d8094d8b755e1daaf2e20ff1dc252800b4c9b
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Aug 3 01:05:24 2021 +0000
+commit 5aefb05cd5b843e975b191d6ebb7ddf8de35c112
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Dec 10 10:27:27 2021 +1100
 
-    upstream: regression tests for scp SFTP protocol support; mostly by
+    Update the list of tests that don't work on Minix.
     
-    Jakub Jelen in GHPR#194 ok markus
+    While there, remove CC (configure will now find clang) and make the test
+    list easier to update via cut and paste.
+
+commit 1c09bb1b2e207d091cec299c49416c23d24a1b31
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Dec 10 10:12:57 2021 +1100
+
+    Add minix host tuple.
     
-    OpenBSD-Regress-ID: 36f1458525bcb111741ec8547eaf58b13cddc715
+    Define SETEUID_BREAKS_SETUID for it which should make privsep work.
 
-commit e4673b7f67ae7740131a4ecea29a846593049a91
-Author: anton@openbsd.org <anton@openbsd.org>
-Date:   Thu Jul 29 15:34:09 2021 +0000
+commit a2188579032cf080213a78255373263466cb90cc
+Author: jsg@openbsd.org <jsg@openbsd.org>
+Date:   Sun Dec 5 12:28:27 2021 +0000
 
-    upstream: Treat doas with arguments as a valid SUDO variable.
+    upstream: fix unintended sizeof pointer in debug path ok markus@
     
-    Allows one to specify SUDO="doas -n" which I do while running make regress.
+    OpenBSD-Commit-ID: b9c0481ffc0cd801e0840e342e6a282a85aac93c
+
+commit da40355234068c82f1a36196f2d18dd2d81aaafd
+Author: naddy@openbsd.org <naddy@openbsd.org>
+Date:   Sat Dec 4 00:05:39 2021 +0000
+
+    upstream: RSA/SHA-1 is not used by default anymore on the server
     
-    ok dtucker@
+    OpenBSD-Commit-ID: 64abef6cfc3e53088225f6b8a1dcd86d52dc8353
+
+commit e9c71498a083a8b502aa831ea931ce294228eda0
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Dec 2 23:45:36 2021 +0000
+
+    upstream: hash full host:port when asked to hash output, fixes hashes
     
-    OpenBSD-Regress-ID: 4fe5814b5010dbf0885500d703bea06048d11005
+    for non- default ports. bz3367 ok dtucker@
+    
+    OpenBSD-Commit-ID: 096021cc847da7318ac408742f2d0813ebe9aa73
 
-commit 197e29f1cca190d767c4b2b63a662f9a9e5da0b3
+commit b5601202145a03106012c22cb8980bcac2949f0b
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Aug 2 23:38:27 2021 +0000
+Date:   Thu Dec 2 23:23:13 2021 +0000
 
-    upstream: support for using the SFTP protocol for file transfers in
+    upstream: improve the testing of credentials against inserted FIDO
     
-    scp, via a new "-M sftp" option. Marked as experimental for now.
+    keys a little more: ask the token whether a particular key belongs to it in
+    cases where the token support on-token user- verification (e.g. biometrics)
+    rather than just assuming that it will accept it.
     
-    Some corner-cases exist, in particular there is no attempt to
-    provide bug-compatibility with scp's weird "double shell" quoting
-    rules.
+    Will reduce spurious "Confirm user presence" notifications for key
+    handles that relate to FIDO keys that are not currently inserted in at
+    least some cases.
     
-    Mostly by Jakub Jelen in GHPR#194 with some tweaks by me. ok markus@
-    Thanks jmc@ for improving the scp.1 bits.
+    Motivated by bz3366; by Pedro Martelletto
     
-    OpenBSD-Commit-ID: 6ce4c9157ff17b650ace571c9f7793d92874051c
+    OpenBSD-Commit-ID: ffac7f3215842397800e1ae2e20229671a55a63d
 
-commit dd533c7ab79d61a7796b77b64bd81b098e0d7f9f
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Fri Jul 30 14:28:13 2021 +0000
+commit ca709e27c41c90f4565b17282c48dca7756e083c
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Dec 2 22:40:05 2021 +0000
 
-    upstream: fix a formatting error and add some Xr; from debian at
-    
-    helgefjell de
+    upstream: move check_sk_options() up so we can use it earlier
     
-    removed references to rlogin etc. as no longer relevant;
-    suggested by djm
+    OpenBSD-Commit-ID: 67fe98ba1c846d22035279782c4664c1865763b4
+
+commit b711bc01a7ec76bb6a285730990cbce9b8ca5773
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Thu Dec 2 22:35:05 2021 +0000
+
+    upstream: ssh-rsa is no longer in the default for
     
-    ok djm dtucker
+    PubkeyAcceptedAlgorithms.
     
-    OpenBSD-Commit-ID: 3c431c303068d3aec5bb18573a0bd5e0cd77c5ae
+    OpenBSD-Commit-ID: 34a9e1bc30966fdcc922934ae00f09f2596cd73c
 
-commit c7cd347a8823819411222c1e10a0d26747d0fd5c
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Fri Jul 30 14:25:01 2021 +0000
+commit dc91ceea33cd4a9f05be953e8d8062f732db5c8a
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Dec 2 02:44:44 2021 +0000
 
-    upstream: fix a formatting error and mark up known_hosts
-    
-    consistently; issues reported by debian at helgefjell de
+    upstream: don't put the tty into raw mode when SessionType=none, avoids
     
-    ok djm dtucker
+    ^c being unable to kill such a session. bz3360; ok dtucker@
     
-    OpenBSD-Commit-ID: a1fd8d21dc77f507685443832df0c9700481b0ce
+    OpenBSD-Commit-ID: 83960c433052303b643b4c380ae2f799ac896f65
 
-commit 4455aec2e4fc90f64ae4fc47e78ebc9c18721738
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Wed Jul 28 05:57:42 2021 +0000
+commit e6e7d2654a13ba10141da7b42ea683ea4eeb1f38
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Nov 29 14:11:03 2021 +1100
 
-    upstream: no need to talk about version 2 with the -Q option, so
+    previous commit broke bcrypt_pbkdf()
     
-    rewrite the text to read better;
+    Accidentally reverted part of the conversion to use SHA512 from SUPERCOP
+    instead of OpenBSD-style libc SHA512.
+
+commit c0459588b8d00b73e506c6095958ecfe62a4a7ba
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Mon Nov 29 14:03:19 2021 +1100
+
+    Fix typo in Neils' name.
+
+commit 158bf854e2a22cf09064305f4a4e442670562685
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Nov 29 12:30:22 2021 +1100
+
+    sync bcrypt-related files with OpenBSD
     
-    issue reported by debian at helgefjell de
-    ok djm dtucker
+    The main change is that Niels Provos kindly agreed to rescind the
+    BSD license advertising clause, shifting them to the 3-term BSD
+    license.
     
-    OpenBSD-Commit-ID: 59fe2e8219c37906740ad062e0fdaea487dbe9cf
+    This was the last thing in OpenSSH that used the advertising clause.
 
-commit bec429338e9b30d2c7668060e82608286a8a4777
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Tue Jul 27 14:28:46 2021 +0000
+commit e8976d92a42883ff6b8991438f07df60c2c0d82d
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Nov 29 12:29:29 2021 +1100
 
-    upstream: word fix; reported by debian at helgefjell de
-    
-    OpenBSD-Commit-ID: 0c6fd22142422a25343c5bd1a618f31618f41ece
+    depend
 
-commit efad4deb5a1f1cf79ebefd63c6625059060bfbe1
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Tue Jul 27 14:14:25 2021 +0000
+commit 8249afeec013e557fe7491a72ca3285de03e25b1
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Nov 28 07:21:26 2021 +0000
 
-    upstream: standardise the grammar in the options list; issue
-    
-    reported by debian at helgefjell de
+    upstream: sshsig: return "key not found" when searching empty files
     
-    ok dtucker djm
+    rather than "internal error"
     
-    OpenBSD-Commit-ID: 7ac15575045d82f4b205a42cc7d5207fe4c3f8e6
+    OpenBSD-Commit-ID: e2ccae554c78d7a7cd33fc5d217f35be7e2507ed
 
-commit 1e11fb24066f3fc259ee30db3dbb2a3127e05956
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Aug 2 18:56:29 2021 +1000
+commit 9e3227d4dbb5ad9c9091b4c14982cab4bba87b4d
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Nov 28 07:15:10 2021 +0000
 
-    Check for RLIMIT_NOFILE before trying to use it.
+    upstream: ssh-keygen -Y match-principals doesn't accept any -O
+    
+    options at present, so don't say otherwise in SYNOPSIS; spotted jmc@
+    
+    OpenBSD-Commit-ID: 9cc43a18f4091010741930b48b3db2f2e4f1d35c
 
-commit 0f494236b49fb48c1ef33669f14822ca4f3ce2f4
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue Jul 27 17:45:34 2021 +1000
+commit 56db1f4a4cf5039fc3b42e84c4b16291fdff32b1
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Nov 28 07:14:29 2021 +0000
 
-    lastenv is only used in setenv.
+    upstream: fix indenting in last commit
     
-    Prevents an unused variable warning on platforms that have setenv but
-    not unsetenv.
+    OpenBSD-Commit-ID: 8b9ba989815d0dec1fdf5427a4a4b58eb9cac4d2
 
-commit a1f78e08bdb3eaa88603ba3c6e01de7c8671e28a
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Jul 26 12:45:30 2021 +1000
+commit 50bea24a9a9bdebad327c76e700def3261f5694e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Nov 28 07:10:18 2021 +0000
 
-    Move SUDO to "make test" command line.
+    upstream: missing initialisation for oerrno
     
-    Environment variables don't get passed by vmrun, so move to command
-    line.
+    OpenBSD-Commit-ID: 05d646bba238080259bec821c831a6f0b48d2a95
 
-commit 02e624273b9c78a49a01239159b8c09b8409b1a0
+commit 5a0f4619041d09cd29f3a08da41db5040372bdd1
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sun Jul 25 23:26:36 2021 +1000
+Date:   Sun Nov 28 15:31:37 2021 +1100
 
-    Set SUDO for tests and cleanup.
+    Correct ifdef to activate poll() only if needed.
 
-commit 460ae5d93051bab70239ad823dd784822d58baad
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sun Jul 25 22:37:55 2021 +1000
+commit d4035c81a71237f690edd7eda32bef7d63fd9528
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Nov 27 07:23:35 2021 +0000
 
-    Pass OPENSSL=no to make tests too.
+    upstream: whitespac e
+    
+    OpenBSD-Regress-ID: b9511d41568056bda489e13524390167889908f8
 
-commit b398f499c68d74ebe3298b73757cf3f36e14e0cb
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sun Jul 25 12:27:37 2021 +0000
+commit a443491e6782ef0f5a8bb87a5536c8ee4ff233a1
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Nov 27 07:20:58 2021 +0000
 
-    upstream: Skip unit and makefile-based key conversion tests when
+    upstream: regression test for match-principals. Mostly by Fabian
     
-    we're building with OPENSSL=no.
+    Stelzer
     
-    OpenBSD-Regress-ID: 20455ed9a977c93f846059d1fcb48e29e2c8d732
+    OpenBSD-Regress-ID: ced0bec89af90935103438986bbbc4ad1df9cfa7
 
-commit 727ce36c8c5941bde99216d27109405907caae4f
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sun Jul 25 12:13:03 2021 +0000
+commit 78230b3ec8cbabc1e7de68732dc5cbd4837c6675
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Nov 27 07:14:46 2021 +0000
 
-    upstream: Replace OPENSSL as the variable that points to the
+    upstream: Add ssh-keygen -Y match-principals operation to perform
     
-    openssl binary with OPENSSL_BIN.  This will allow us to use the OPENSSL
-    variable from mk.conf or the make(1) command line indicating if we're
-    building with our without OpenSSL, and ultimately get the regress tests
-    working in the OPENSSL=no configuration.
+    matching of principals names against an allowed signers file.
     
-    OpenBSD-Regress-ID: 2d788fade3264d7803e5b54cae8875963f688c4e
-
-commit 55e17101a9075f6a63af724261c5744809dcb95c
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sat Jul 24 02:57:28 2021 +0000
-
-    upstream: Skip RFC4716 format import and export tests when built
+    Requested by and mostly written by Fabian Stelzer, towards a TOFU
+    model for SSH signatures in git. Some tweaks by me.
     
-    without OpenSSL.
+    "doesn't bother me" deraadt@
     
-    OpenBSD-Regress-ID: d2c2d5d38c1acc2b88cc99cfe00a2eb8bb39dfa4
+    OpenBSD-Commit-ID: 8d1b71f5a4127bc5e10a880c8ea6053394465247
 
-commit f5ccb5895d39cd627ad9e7b2c671d2587616100d
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sat Jul 24 02:51:14 2021 +0000
+commit 15db86611baaafb24c40632784dabf82e3ddb1a7
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Nov 25 23:02:24 2021 +0000
 
-    upstream: Don't omit ssh-keygen -y from usage when built without
-    
-    OpenSSL.  It is actually available, albeit only for ed25519 keys.
+    upstream: debug("func: ...") -> debug_f("...")
     
-    OpenBSD-Commit-ID: 7a254c33d0e6a55c30c6b016a8d298d3cb7a7674
+    OpenBSD-Commit-ID: d58494dc05c985326a895adfbe16fbd5bcc54347
 
-commit 819d57ac23469f1f03baa8feb38ddefbada90fdc
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sat Jul 24 02:08:13 2021 +0000
+commit b7ffbb17e37f59249c31f1ff59d6c5d80888f689
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Nov 19 18:53:46 2021 +1100
 
-    upstream: Exclude key conversion options from usage when built
-    
-    without OpenSSL since those are not available, similar to what we currently
-    do with the moduli screening options.  We can also use this to skip the
-    conversion regression tests in this case.
+    Allow for fd = -1 in compat ppoll overflow check.
     
-    OpenBSD-Commit-ID: 3c82caa398cf99cd4518c23bba5a2fc66b16bafe
+    Fixes tests on at least FreeBSD 6, possibly others.
 
-commit b6673b1d2ee90b4690ee84f634efe40225423c38
+commit 04b172da5b96a51b0d55c905b423ababff9f4e0b
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat Jul 24 13:02:51 2021 +1000
+Date:   Fri Nov 19 16:01:51 2021 +1100
 
-    Test OpenBSD upstream with and without OpenSSL.
+    Don't auto-enable Capsicum sandbox on FreeBSD 9/10.
+    
+    Since we changed from select() to ppoll() tests have been failing.
+    This seems to be because FreeBSD 10 (and presumably 9) do not allow
+    ppoll() in the privsep process and sshd will fail with "Not permitted in
+    capability mode".  Setting CAP_EVENT on the FDs doesn't help, but weirdly,
+    poll() works without that.  Those versions are EOL so this situation is
+    unlikely to change.
 
-commit 9d38074b5453c1abbdf888e80828c278d3b886ac
+commit a823f39986e7b879f26412e64c15630e1cfa0dc5
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Jul 24 01:54:23 2021 +0000
+Date:   Thu Nov 18 03:53:48 2021 +0000
 
-    upstream: test for first-match-wins in authorized_keys environment=
+    upstream: regression test for ssh-keygen -Y find-principals fix; from
     
-    options
+    Fabian Stelzer ok djm markus
     
-    OpenBSD-Regress-ID: 1517c90276fe84b5dc5821c59f88877fcc34c0e8
+    OpenBSD-Regress-ID: 34fe4088854c1a2eb4c0c51cc4676ba24096bac4
 
-commit 2b76f1dd19787e784711ea297ad8fc938b4484fd
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jul 23 05:53:02 2021 +0000
+commit 199c4df66c0e39dd5c3333b162af274678c0501d
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Nov 18 21:32:11 2021 +0000
 
-    upstream: Simplify keygen-convert by using $SSH_KEYTYPES directly.
+    upstream: less confusing debug message; bz#3365
     
-    OpenBSD-Regress-ID: cdbe408ec3671ea9ee9b55651ee551370d2a4108
+    OpenBSD-Commit-ID: 836268d3642c2cdc84d39b98d65837f5241e4a50
 
-commit 7d64a9fb587ba9592f027f7a2264226c713d6579
+commit 97f9b6e61316c97a32dad94b7a37daa9b5f6b836
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Jul 24 01:55:19 2021 +0000
+Date:   Thu Nov 18 21:11:01 2021 +0000
 
-    upstream: don't leak environment= variable when it is not the first
-    
-    match
+    upstream: avoid xmalloc(0) for PKCS#11 keyid for ECDSA keys (we
     
-    OpenBSD-Commit-ID: 7fbdc3dfe0032deaf003fd937eeb4d434ee4efe0
-
-commit db2130e2340bf923e41c791aa9cd27b9e926042c
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Fri Jul 23 06:01:17 2021 +0000
-
-    upstream: punctuation;
+    already did this for RSA keys). Avoids fatal errors for PKCS#11 libraries
+    that return empty keyid, e.g. Microchip ATECC608B "cryptoauthlib"; bz#3364
     
-    OpenBSD-Commit-ID: 64be152e378c45975073ab1c07e0db7eddd15806
+    OpenBSD-Commit-ID: 054d4dc1d6a99a2e6f8eebc48207b534057c154d
 
-commit 03190d10980c6fc9124e988cb2df13101f266507
+commit c74aa0eb73bd1edf79947d92d9c618fc3424c4a6
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jul 23 05:56:47 2021 +0000
+Date:   Thu Nov 18 03:50:41 2021 +0000
 
-    upstream: mention in comment that read_passphrase(..., RP_ALLOW_STDIN)
+    upstream: ssh-keygen -Y find-principals was verifying key validity
     
-    will try to use askpass first. bz3314
+    when using ca certs but not with simple key lifetimes within the allowed
+    signers file.
     
-    convert a couple of debug() -> debug_f() while here
+    Since it returns the first keys principal it finds this could
+    result in a principal with an expired key even though a valid
+    one is just below.
     
-    OpenBSD-Commit-ID: c7e812aebc28fcc5db06d4710e0f73613dee545c
+    patch from Fabian Stelzer; feedback/ok djm markus
+    
+    OpenBSD-Commit-ID: b108ed0a76b813226baf683ab468dc1cc79e0905
 
-commit 1653ece6832b2b304d46866b262d5f69880a9ec7
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jul 23 05:07:16 2021 +0000
+commit d902d728dfd81622454260e23bc09d5e5a9a795e
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Nov 18 23:44:07 2021 +1100
 
-    upstream: Test conversion of ed25519 and ecdsa keys too.
-    
-    OpenBSD-Regress-ID: 3676d2d00e58e0d6d37f2878f108cc2b83bbe4bb
+    Correct calculation of tv_nsec in poll().
 
-commit 8b7af02dcf9d2b738787efd27da7ffda9859bed2
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jul 23 04:56:21 2021 +0000
+commit 21dd5a9a3fb35e8299a1fbcf8d506f1f6b752b85
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Nov 18 23:11:37 2021 +1100
 
-    upstream: Add test for exporting pubkey from a passphrase-protected
-    
-    private key.
-    
-    OpenBSD-Regress-ID: da99d93e7b235fbd5b5aaa01efc411225e6ba8ac
+    Add compat implementation of ppoll using pselect.
 
-commit 441095d4a3e5048fe3c87a6c5db5bc3383d767fb
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jul 23 03:54:55 2021 +0000
+commit b544ce1ad4afb7ee2b09f714aa63efffc73fa93a
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Nov 18 23:05:34 2021 +1100
 
-    upstream: regression test for time-limited signature keys
-    
-    OpenBSD-Regress-ID: 2a6f3bd900dbee0a3c96f1ff23e032c93ab392bc
+    Put poll.h inside ifdef HAVE_POLL_H.
 
-commit 9e1882ef6489a7dd16b6d7794af96629cae61a53
+commit 875408270c5a7dd69ed5449e5d85bd7120c88f70
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jul 23 05:24:02 2021 +0000
+Date:   Thu Nov 18 03:31:44 2021 +0000
 
-    upstream: note successful authentication method in final "Authenticated
-    
-    to ..." message and partial auth success messages (all at LogLevel=verbose)
-    ok dtucker@
+    upstream: check for POLLHUP wherever we check for POLLIN
     
-    OpenBSD-Commit-ID: 06834b89ceb89f8f16c5321d368a66c08f441984
+    OpenBSD-Commit-ID: 6aa6f3ec6b17c3bd9bfec672a917f003a76d93e5
 
-commit a917e973a1b90b40ff1e950df083364b48fc6c78
+commit 36b5e37030d35bbaa18ba56825b1af55971d18a0
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jul 23 04:04:52 2021 +0000
+Date:   Thu Nov 18 03:07:59 2021 +0000
 
-    upstream: Add a ForkAfterAuthentication ssh_config(5) counterpart
+    upstream: fd leak in sshd listen loop error path; from Gleb
     
-    to the ssh(1) -f flag. Last part of GHPR231 from Volker Diels-Grabsch. ok
-    dtucker
+    Smirnoff
     
-    OpenBSD-Commit-ID: b18aeda12efdebe2093d55263c90fe4ea0bce0d3
+    OpenBSD-Commit-ID: a7a2be27a690a74bf2381bc16cea38e265657412
 
-commit e0c5088f1c96a145eb6ea1dee438010da78f9ef5
+commit b99498d0c93f1edd04857b318308a66b28316bd8
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jul 23 04:00:59 2021 +0000
+Date:   Thu Nov 18 03:07:20 2021 +0000
 
-    upstream: Add a StdinNull directive to ssh_config(5) that allows
+    upstream: check for POLLHUP as well as POLLIN in sshd listen loop;
     
-    the config file to do the same thing as -n does on the ssh(1) commandline.
-    Patch from Volker Diels-Grabsch via GHPR231; ok dtucker
+    ok deraadt millert
     
-    OpenBSD-Commit-ID: 66ddf3f15c76796d4dcd22ff464aed1edd62468e
+    OpenBSD-Commit-ID: a4f1244c5a9c2b08dac4f3b1dc22e9d1dc60c587
 
-commit e3957e21ffdc119d6d04c0b1686f8e2fe052f5ea
+commit 1f3055d788e8cf80851eb1728b535d57eb0dba6a
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jul 23 03:57:20 2021 +0000
+Date:   Thu Nov 18 03:06:03 2021 +0000
 
-    upstream: make authorized_keys environment="..." directives
+    upstream: check for POLLHUP as well as POLLIN, handle transient IO
     
-    first-match-wins and more strictly limit their maximum number; prompted by
-    OOM reported by OSS-fuzz (35470).
+    errors as well as half-close on the output side; ok deraadt millert
     
-    feedback and ok dtucker@
+    OpenBSD-Commit-ID: de5c5b9939a37476d256328cbb96305bdecf511e
+
+commit 9778a15fa6dbdac6a95bf15865c2688b4bd6944e
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Nov 18 10:16:55 2021 +1100
+
+    adjust seccomp filter for select->poll conversion
     
-    OpenBSD-Commit-ID: 01f63fc10dcd995e7aed9c378ad879161af83121
+    Needed to add ppoll syscall but also to relax the fallback rlimit
+    sandbox. Linux poll() fails with EINVAL if npfds > RLIMIT_NOFILE,
+    so we have to allow a single fd in the rlimit.
 
-commit d0bb1ce731762c55acb95817df4d5fab526c7ecd
+commit fcd8d895bbb849c64f0aed934e3303d37f696f5d
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Nov 18 10:16:44 2021 +1100
+
+    update depends
+
+commit 76292787a1e93e668f10e36b4bf59ce0ae28e156
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Nov 18 09:26:20 2021 +1100
+
+    compat for timespecsub() and friends
+
+commit fd7e7de4ddb4399c7e929b44f2bbfc118eddfcf8
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jul 23 03:37:52 2021 +0000
+Date:   Wed Nov 17 21:06:39 2021 +0000
 
-    upstream: Let allowed signers files used by ssh-keygen(1)
+    upstream: set num_listen_socks to 0 on close-all instead of -1,
     
-    signatures support key lifetimes, and allow the verification mode to specify
-    a signature time to check at. This is intended for use by git to support
-    signing objects using ssh keys. ok dtucker@
+    which interferes with the new poll()-based listen loop; spotted and debugged
+    by anton@+deraadt@
     
-    OpenBSD-Commit-ID: 3e2c67b7dcd94f0610194d1e8e4907829a40cf31
+    OpenBSD-Commit-ID: f7ab8ab124f615a2e0c45fee14c38d2f2abbabbd
 
-commit 44142068dc7ef783d135e91ff954e754d2ed432e
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Jul 19 08:48:33 2021 +0000
+commit fd9343579afac30a971f06643a669733d9acb407
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Sun Nov 14 18:47:43 2021 +0000
 
-    upstream: Use SUDO when setting up hostkey.
+    upstream: use ppoll() instead of pselect() with djm
     
-    OpenBSD-Regress-ID: 990cf4481cab8dad62e90818a9b4b36c533851a7
+    OpenBSD-Commit-ID: 980f87c9564d5d2ad55722b7a6f44f21284cd215
 
-commit 6b67f3f1d1d187597e54a139cc7785c0acebd9a2
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Jul 19 05:08:54 2021 +0000
+commit 092d29b232ef1a19609a5316ed7e4d896bb2e696
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Sun Nov 14 06:15:36 2021 +0000
 
-    upstream: Increase time margin for rekey tests. Should help
-    
-    reliability on very heavily loaded hosts.
+    upstream: match .events with .fd better
     
-    OpenBSD-Regress-ID: 4c28a0fce3ea89ebde441d7091464176e9730533
+    OpenBSD-Commit-ID: 77eef212ca0add905949532af390164489c5984b
 
-commit 7953e1bfce9e76bec41c1331a29bc6cff9d416b8
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Jul 19 13:47:51 2021 +1000
+commit 8d642c9a90fa4ed5a3effd785fb3591e14de00cd
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Sun Nov 14 03:25:10 2021 +0000
 
-    Add sshfp-connect.sh file missed in previous.
+    upstream: convert select() to poll() ok djm
+    
+    OpenBSD-Commit-ID: b53e4940ff10dd24f8d16e8db8ef1970015d7ead
 
-commit b75a80fa8369864916d4c93a50576155cad4df03
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Jul 19 03:13:28 2021 +0000
+commit 6582a31c388968f4073af2bd8621880735c3d42b
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Sat Nov 13 21:14:13 2021 +0000
 
-    upstream: Ensure that all returned SSHFP records for the specified host
+    upstream: replace select() with ppoll(), including converting
     
-    name and hostkey type match instead of only one.  While there, simplify the
-    code somewhat and add some debugging.  Based on discussion in bz#3322, ok
-    djm@.
+    timeval's to timespec's to make things easier. back and forth and ok; djm
     
-    OpenBSD-Commit-ID: 0a6a0a476eb7f9dfe8fe2c05a1a395e3e9b22ee4
+    OpenBSD-Commit-ID: 89d3b23c60875da919e7820f9de6213286ffbec9
 
-commit 1cc1fd095393663cd72ddac927d82c6384c622ba
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Jul 19 02:21:50 2021 +0000
+commit 7c025c005550c86a40200a2bcdd355d09413d61a
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Sat Nov 13 17:26:13 2021 +0000
 
-    upstream: Id sync only, -portable already has this.
+    upstream: It really looks like pledge "stdio dns" is possible
     
-    Put dh_set_moduli_file call inside ifdef WITH_OPENSSL. Fixes
-    build with OPENSSL=no.
+    earlier. Discussed with mestre
     
-    OpenBSD-Commit-ID: af54abbebfb12bcde6219a44d544e18204defb15
+    OpenBSD-Commit-ID: 610873de63a593e0ac7bbbcb7a0f2894d36f4c01
 
-commit 33abbe2f4153f5ca5c874582f6a7cc91ae167485
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Jul 19 02:46:34 2021 +0000
+commit 06acb04c20ee483fe4757bd12aec870cc4bb1076
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Fri Nov 12 05:23:49 2021 +0000
 
-    upstream: Add test for host key verification via SSHFP records. This
-    
-    requires some external setup to operate so is disabled by default (see
-    comments in sshfp-connect.sh).
+    upstream: aggressively pre-fill the pollfd array with fd=-1
     
-    OpenBSD-Regress-ID: c52c461bd1df3a803d17498917d156ef64512fd9
+    OpenBSD-Commit-ID: c2a525de8f83c1a04405bd79122c424140552a5b
 
-commit f0cd000d8e3afeb0416dce1c711c3d7c28d89bdd
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Jul 19 02:29:28 2021 +0000
+commit 7eec76793dec06e8f06b6cf71f9473141c69d109
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Thu Nov 11 15:32:32 2021 +0000
 
-    upstream: Add ed25519 key and test SSHFP export of it. Only test
+    upstream: Convert from select() to ppoll(). Along the way, I
     
-    RSA SSHFP export if we have RSA functionality compiled in.
+    observed that the select() code was using exceptfds incorrectly.. ok millert
     
-    OpenBSD-Regress-ID: b4ff5181b8c9a5862e7f0ecdd96108622333a9af
+    OpenBSD-Commit-ID: 548e05bfc31b2af02319eb3d051286d4128dec96
 
-commit 0075511e27e5394faa28edca02bfbf13b9a6693e
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Jul 19 00:16:26 2021 +0000
+commit e665ed2d0c24fe11d5470ce72fa1e187377d3fc4
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Nov 12 22:55:27 2021 +1100
 
-    upstream: Group keygen tests together.
+    Switch from LibreSSL 3.4.0 to 3.4.1.
     
-    OpenBSD-Regress-ID: 07e2d25c527bb44f03b7c329d893a1f2d6c5c40c
+    The LibreSSL 3.4.0 release has an OPENBSD_BRANCH that points to
+    "master" and that branch no longer has the files LibreSSL expects
+    and thus it will no longer build, breaking the test.
 
-commit 034828820c7e62652e7c48f9ee6b67fb7ba6fa26
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sun Jul 18 23:10:10 2021 +0000
+commit 21b6b5a06c8c53c548d25e6074c5240e88e2ef34
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Nov 10 06:29:25 2021 +0000
 
-    upstream: Add test for ssh-keygen printing of SSHFP records.
+    upstream: add the sntrup761x25519-sha512@openssh.com hybrid
     
-    OpenBSD-Regress-ID: fde9566b56eeb980e149bbe157a884838507c46b
+    ECDH/x25519 + Streamlined NTRU Prime post-quantum KEX to the default
+    KEXAlgorithms list (after the ECDH methods but before the prime-group DH
+    ones).
+    
+    ok markus@
+    
+    OpenBSD-Commit-ID: 22b77e27a04e497a10e22f138107579652854210
 
-commit 52c3b6985ef1d5dadb4c4fe212f8b3a78ca96812
+commit 239da797cbf07a640d7b1ea02d3f99ace3ef792d
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Jul 17 00:38:11 2021 +0000
+Date:   Wed Nov 10 06:25:08 2021 +0000
 
-    upstream: wrap some long lines
+    upstream: fix ssh-keysign for KEX algorithms that use SHA384/512
     
-    OpenBSD-Commit-ID: 4f5186b1466656762dae37d3e569438d900c350d
+    exchange hashes; feedback/ok markus@
+    
+    OpenBSD-Commit-ID: 09a8fda1c081f5de1e3128df64f28b7bdadee239
 
-commit 43ec991a782791d0b3f42898cd789f99a07bfaa4
+commit 6997a592ecb1013df0c6d7f8df3e6517827aef11
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Jul 17 00:36:53 2021 +0000
+Date:   Mon Nov 8 21:32:49 2021 +0000
 
-    upstream: fix sftp on ControlPersist connections, broken by recent
+    upstream: improve error message when trying to expand a ~user path
     
-    SessionType change; spotted by sthen@
+    for a user that doesn't exist; better matches what the shell does
     
-    OpenBSD-Commit-ID: 4c5ddc5698790ae6ff50d2a4f8f832f0eeeaa234
+    ok deraadt@
+    
+    OpenBSD-Commit-ID: 1ddefa3c3a78b69ce13d1b8f67bc9f2cefd23ad6
 
-commit 073f45c236550f158c9a94003e4611c07dea5279
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jul 16 09:00:23 2021 +0000
+commit 10b899a15c88eb40eb5f73cd0fa84ef0966f79c9
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Nov 10 12:34:25 2021 +1100
 
-    upstream: Explicitly check for and start time-based rekeying in the
+    Don't trust closefrom() on Linux.
     
-    client and server mainloops.
+    glibc's closefrom implementation does not work in a chroot when the kernel
+    does not have close_range.  It tries to read from /proc/self/fd and when
+    that fails dies with an assertion of sorts.  Instead, call close_range
+    ourselves from our compat code and fall back if that fails.  bz#3349,
+    with william.wilson at canonical.com and fweimer at redhat.com.
+
+commit eb1f63195a9a38b519536a5b398d9939261ec081
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sat Nov 6 10:13:39 2021 +0000
+
+    upstream: Plug a couple of minor mem leaks. From beldmit at
     
-    Previously the rekey timeout could expire but rekeying would not start
-    until a packet was sent or received. This could cause us to spin in
-    select() on the rekey timeout if the connection was quiet.
+    gmail.com via github PR#283, ok markus@
     
-    ok markus@
+    OpenBSD-Commit-ID: ec1fa7d305d46226861c3ca6fb9c9beb2ada2892
+
+commit e4f501bf1d3b53f1cc23d9521fd7c5163307b760
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Nov 5 03:10:58 2021 +0000
+
+    upstream: move cert_filter_principals() to earlier in the file for
     
-    OpenBSD-Commit-ID: 4356cf50d7900f3df0a8f2117d9e07c91b9ff987
+    reuse; no code change
+    
+    OpenBSD-Commit-ID: 598fa9528b656b2f38bcc3cf5b6f3869a8c115cf
 
-commit ef7c4e52d5d840607f9ca3a302a4cbb81053eccf
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Wed Jul 14 06:46:38 2021 +0000
+commit 59c60f96fee321c7f38f00372826d37f289534af
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Wed Nov 3 22:00:56 2021 +0000
 
-    upstream: reorder SessionType; ok djm
+    upstream: Many downstreams expect ssh to compile as non-C99...
     
-    OpenBSD-Commit-ID: c7dd0b39e942b1caf4976a0b1cf0fed33d05418c
+    OpenBSD-Commit-ID: e6aa3e08bda68e5fb838fc8a49b1d2dfc38ee783
 
-commit 8aa2f9aeb56506dca996d68ab90ab9c0bebd7ec3
+commit 7a78fe63b0b28ef7231913dfefe9d08f9bc41c61
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Jul 14 11:26:50 2021 +1000
+Date:   Sat Nov 6 21:07:03 2021 +1100
 
-    Make whitespace consistent.
+    Skip getline() on HP-UX 10.x.
+    
+    HP-UX 10.x has a getline() implementation in libc that does not behave
+    as we expect so don't use it.  With correction from Thorsten Glaser and
+    typo fix from Larkin Nickle.
 
-commit 4f4297ee9b8a39f4dfd243a74c5f51f9e7a05723
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Jul 14 11:26:12 2021 +1000
+commit 343ae252ebb35c6ecae26b447bf1551a7666720e
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Nov 3 12:08:21 2021 +1100
 
-    Add ARM64 Linux self-hosted runner.
+    basic SECURITY.md (refers people to the website)
 
-commit eda8909d1b0a85b9c3804a04d03ec6738fd9dc7f
+commit ed45a0168638319e0a710633f6085b96b9cec656
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Jul 13 23:48:36 2021 +0000
+Date:   Tue Nov 2 22:57:27 2021 +0000
 
-    upstream: add a SessionType directive to ssh_config, allowing the
+    upstream: crank SSH_SK_VERSION_MAJOR to match recent change in
     
-    configuration file to offer equivalent control to the -N (no session) and -s
-    (subsystem) command-line flags.
+    usr/bin/ssh
     
-    Part of GHPR#231 by Volker Diels-Grabsch with some minor tweaks;
-    feedback and ok dtucker@
+    OpenBSD-Regress-ID: 113d181c7e3305e138db9b688cdb8b0a0019e552
+
+commit f3c34df860c4c1ebddacb973954e58167d9dbade
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Nov 2 22:56:40 2021 +0000
+
+    upstream: Better handle FIDO keys on tokens that provide user
     
-    OpenBSD-Commit-ID: 726ee931dd4c5cc7f1d7a187b26f41257f9a2d12
+    verification (UV) on the device itself, including biometric keys.
+    
+    Query the token during key creation to determine whether it supports
+    on-token UV and, if so, clear the SSH_SK_USER_VERIFICATION_REQD flag
+    in the key so that ssh(1) doesn't automatically prompty for PIN later.
+    
+    When making signatures with the key, query the token's capabilities
+    again and check whether the token is able (right now) to perform user-
+    verification without a PIN. If it is then the PIN prompt is bypassed
+    and user verification delegated to the token. If not (e.g. the token
+    is biometric capable, but no biometric are enrolled), then fall back
+    to user verification via the usual PIN prompt.
+    
+    Work by Pedro Martelletto; ok myself and markus@
+    
+    NB. cranks SSH_SK_VERSION_MAJOR
+    
+    OpenBSD-Commit-ID: e318a8c258d9833a0b7eb0236cdb68b5143b2f27
 
-commit 7ae69f2628e338ba6e0eae7ee8a63bcf8fea7538
+commit 0328a081f38c09d2d4d650e94461a47fb5eef536
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Jul 12 02:12:22 2021 +0000
+Date:   Fri Oct 29 03:03:06 2021 +0000
 
-    upstream: fix some broken tests; clean up output
+    upstream: sshsig: add tests for signing key validity and
     
-    OpenBSD-Regress-ID: 1d5038edb511dc4ce1622344c1e724626a253566
+    find-principals
+    
+    - adds generic find-principals tests (this command had none before)
+    - tests certs with a timeboxed validity both with and without a
+     restriced lifetime for the CA
+    - test for a revoked CA cert
+    
+    by Fabian Stelzer
+    
+    OpenBSD-Regress-ID: 9704b2c6df5b8ccfbdf2c06c5431f5f8cad280c9
 
-commit f5fc6a4c3404bbf65c21ca6361853b33d78aa87e
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Jul 12 18:00:05 2021 +1000
+commit ccd358e1e25e25c13f0825996283cbf7a1647a3b
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Oct 29 02:48:19 2021 +0000
 
-    Add configure-time detection for SSH_TIME_T_MAX.
+    upstream: avoid signedness warning; spotted in -portable
     
-    Should fix printing cert times exceeding INT_MAX (bz#3329) on platforms
-    were time_t is a long long.  The limit used is for the signed type, so if
-    some system has a 32bit unsigned time_t then the lower limit will still
-    be imposed and we would need to add some way to detect this.  Anyone using
-    an unsigned 64bit can let us know when it starts being a problem.
+    OpenBSD-Regress-ID: 4cacc126086487c0ea7f3d86b42dec458cf0d0c6
 
-commit fd2d06ae4442820429d634c0a8bae11c8e40c174
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Jul 12 06:22:57 2021 +0000
+commit 2741f52beb11490d7033a25e56ed0496f0c78006
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Oct 29 03:20:46 2021 +0000
 
-    upstream: Make limit for time_t test unconditional in the
+    upstream: ssh-keygen: make verify-time argument parsing optional
     
-    format_absolute_time fix for bz#3329 that allows printing of timestamps past
-    INT_MAX. This was incorrectly included with the previous commit.   Based on
-    discussion with djm@.
+    From Fabian Stelzer
     
-    OpenBSD-Commit-ID: 835936f6837c86504b07cabb596b613600cf0f6e
+    OpenBSD-Commit-ID: 1ff35e4c366a45a073663df90381be6a8ef4d370
 
-commit 6c29b387cd64a57b0ec8ae7d2c8d02789d88fcc3
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Jul 12 06:08:57 2021 +0000
+commit a1217d363b88b32cfe54c4f02c6c1cf4bdefdd23
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Oct 29 13:48:34 2021 +1100
 
-    upstream: Use existing format_absolute_time() function when
+    unbreak fuzz harness for recent changes
+
+commit 68e522ed8183587c9367fa3842c5b75f64f3d12b
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Oct 29 13:32:24 2021 +1100
+
+    Use -Wbitwise-instead-of-logical if supported.
+
+commit be28b23012aa3fa323be7ec84863cf238927c078
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Oct 28 16:24:53 2021 +1100
+
+    use -Wmisleading-indentation cflag if available
     
-    printing cert validity instead of doing it inline.  Part of bz#3329.
+    ok dtucker@
+
+commit 2e6f5f24dd2f9217f4ab8b737ed428d5d5278f91
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Oct 28 16:24:44 2021 +1100
+
+    depend
+
+commit a5ab4882348d26addc9830a44e053238dfa2cb58
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu May 6 10:08:30 2021 +1000
+
+    remove built-in support for md5crypt()
     
-    OpenBSD-Commit-ID: a13d4e3c4f59644c23745eb02a09b2a4e717c00c
+    Users of MD5-hashed password should arrange for ./configure to link
+    against libxcrypt or similar. Though it would be better to avoid use
+    of MD5 password hashing entirely, it's arguably worse than DEScrypt.
+    
+    feedback and ok dtucker@
 
-commit 99981d5f8bfa383791afea03f6bce8454e96e323
+commit c5de1fffa6328b8246b87da28fa9df05813f76a3
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jul 9 09:55:56 2021 +0000
+Date:   Thu Oct 28 02:55:30 2021 +0000
 
-    upstream: silence redundant error message; reported by Fabian Stelzer
+    upstream: increment SSH_SK_VERSION_MAJOR to match last change
     
-    OpenBSD-Commit-ID: 9349a703016579a60557dafd03af2fe1d44e6aa2
+    OpenBSD-Regress-ID: 17873814d1cbda97f49c8528d7b5ac9cadf6ddc0
 
-commit e86097813419b49d5bff5c4b51d1c3a5d4d2d804
-Author: John Ericson <John.Ericson@Obsidian.Systems>
-Date:   Sat Dec 26 11:40:49 2020 -0500
+commit 0001d04e55802d5bd9d6dece1081a99aa4ba2828
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Oct 28 02:54:18 2021 +0000
 
-    Re-indent krb5 section after pkg-config addition.
+    upstream: When downloading resident keys from a FIDO token, pass
+    
+    back the user ID that was used when the key was created and append it to the
+    filename the key is written to (if it is not the default).
+    
+    Avoids keys being clobbered if the user created multiple
+    resident keys with the same application string but different
+    user IDs.
+    
+    feedback Pedro Martelletto; ok markus
+    
+    NB. increments SSH_SK_VERSION_MAJOR
+    
+    OpenBSD-Commit-ID: dbd658b5950f583106d945641a634bc6562dd3a3
 
-commit 32dd2daa56c294e40ff7efea482c9eac536d8cbb
-Author: John Ericson <John.Ericson@Obsidian.Systems>
-Date:   Sat Dec 26 11:40:49 2020 -0500
+commit d4bed5445646e605c383a4374fa962e23bf9e3a3
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Sun Oct 24 21:24:17 2021 +0000
 
-    Support finding Kerberos via pkg-config
+    upstream: For open/openat, if the flags parameter does not contain
     
-    This makes cross compilation easier.
+    O_CREAT, the 3rd (variadic) mode_t parameter is irrelevant.  Many developers
+    in the past have passed mode_t (0, 044, 0644, or such), which might lead
+    future people to copy this broken idiom, and perhaps even believe this
+    parameter has some meaning or implication or application. Delete them all.
+    This comes out of a conversation where tb@ noticed that a strange (but
+    intentional) pledge behaviour is to always knock-out high-bits from mode_t on
+    a number of system calls as a safety factor, and his bewilderment that this
+    appeared to be happening against valid modes (at least visually), but no
+    sorry, they are all irrelevant junk.  They could all be 0xdeafbeef. ok
+    millert
+    
+    OpenBSD-Commit-ID: 503d11633497115688c0c6952686524f01f53121
 
-commit def7a72234d7e4f684d72d33a0f7229f9eee0aa4
+commit d575cf44895104e0fcb0629920fb645207218129
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Jul 9 14:34:06 2021 +1000
+Date:   Fri Oct 22 23:27:41 2021 +1100
 
-    Update comments about EGD to include prngd.
+    kitchensink test target now needs krb5.
 
-commit b5d23150b4e3368f4983fd169d432c07afeee45a
+commit 4ae39cada214e955bcfd3448ff28f0ed18886706
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Oct 22 22:54:33 2021 +1100
+
+    Test both MIT KRB5 and Heimdal.
+
+commit 22b2681d88619e5247dc53c9f112058a7e248d48
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Jul 5 01:21:07 2021 +0000
+Date:   Fri Oct 22 10:51:57 2021 +0000
 
-    upstream: Fix a couple of whitespace things. Portable already has
+    upstream: Plug mem addrinfo mem leaks.
     
-    these so this removes two diffs between the two.
+    Prevent mem leaks in the (unlikely) event that getaddrinfo returns
+    no addresses.  ALso, remove an unneeded NULL check in addr_ntop. From
+    khaleesicodes via github PR#281, ok deraadt@
     
-    OpenBSD-Commit-ID: 769f017ebafd8e741e337b3e9e89eb5ac73c9c56
+    OpenBSD-Commit-ID: e8a5afc686376637c355c5f7e122dc4b080b9c1a
 
-commit 8f57be9f279b8e905f9883066aa633c7e67b31cf
+commit 27c8c343b610263f83ac2328735feeb881c6c92f
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Jul 5 01:16:46 2021 +0000
+Date:   Fri Oct 22 09:22:04 2021 +0000
 
-    upstream: Order includes as per style(9). Portable already has
+    upstream: Remove unnecessary semicolons
     
-    these so this removes a handful of diffs between the two.
+    ... in case statements. From khaleesicodes via github PR#280.
     
-    OpenBSD-Commit-ID: 8bd7452d809b199c19bfc49511a798f414eb4a77
+    OpenBSD-Commit-ID: e1e89360b65775cff83e77ce040b342015caf4ed
 
-commit b75624f8733b3ed9e240f86cac5d4a39dae11848
+commit e7eb73b8d1fe1008d92433ea949491ce654bfaba
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Jul 5 00:50:25 2021 +0000
+Date:   Fri Oct 22 09:19:34 2021 +0000
 
-    upstream: Remove comment referencing now-removed
+    upstream: Fix typos in comments.
     
-    RhostsRSAAuthentication.  ok djm@
+    From khaleesicodes via github PR#280.
     
-    OpenBSD-Commit-ID: 3d864bfbd99a1d4429a58e301688f3be464827a9
+    OpenBSD-Commit-ID: 26fdd83652c40f098bf7c685e8ebb9eb72cc45fc
 
-commit b67eb12f013c5441bb4f0893a97533582ad4eb13
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Jul 5 00:25:42 2021 +0000
+commit 052a9d8494175e24312daa6c132665e58c17fe6e
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Fri Oct 15 14:46:46 2021 +0000
 
-    upstream: allow spaces to appear in usernames for local to remote,
+    upstream: switch scp(1) back to sftp protocol.
     
-    and scp -3 remote to remote copies. with & ok dtucker bz#1164
+    openbsd 7.0 release shipped with the (hopefully last) scp that uses RCP
+    protocol for copying.  Let's get back to testing the SFTP protocol.
     
-    OpenBSD-Commit-ID: e9b550f3a85ffbb079b6720833da31317901d6dd
+    OpenBSD-Commit-ID: 9eaa35d95fd547b78b0a043b3f518e135f151f30
 
-commit 8c4ef0943e574f614fc7c6c7e427fd81ee64ab87
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jul 2 07:20:44 2021 +0000
+commit a07664646bf6d293f5bbd45a5de54f3c36bb85da
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Oct 22 14:00:05 2021 +1100
 
-    upstream: Remove obsolete comments about SSHv1 auth methods. ok
-    
-    djm@
-    
-    OpenBSD-Commit-ID: 6060f70966f362d8eb4bec3da2f6c4712fbfb98f
+    Source configs script so setup_ci can use settings
 
-commit 88908c9b61bcb99f16e8d398fc41e2b3b4be2003
+commit 34df52c201c6b47e5a46b50c215e4d98a8bf6587
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat Jul 3 23:00:19 2021 +1000
+Date:   Fri Oct 22 09:42:14 2021 +1100
 
-    Remove reference to ChallengeResponse.
-    
-    challenge_response_authentication was removed from the struct, keeping
-    kbd_interactive_authentication.
+    Install libedit and pam based on config flags.
 
-commit 321874416d610ad2158ce6112f094a4862c2e37f
+commit 8c626cc563e8d21d844d06f9971a9ee01de6aa2a
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat Jul 3 20:38:09 2021 +1000
+Date:   Thu Oct 21 16:53:39 2021 +1100
 
-    Move signal.h up include order to match upstream.
+    Don't use 'here string", it's not POSIX.
 
-commit 4fa83e2d0e32c2dd758653e0359984bbf1334f32
+commit 086a4b5977472aefa3de918b88efad0faf83b2b1
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat Jul 3 20:36:06 2021 +1000
+Date:   Thu Oct 21 15:33:27 2021 +1100
 
-    Remove old OpenBSD version marker.
-    
-    Looks like an accidental leftover from a sync.
+    Remove -Werror from compiler package to install.
 
-commit 9d5e31f55d5f3899b72645bac41a932d298ad73b
+commit 5a7a4687507d057f9b5e7497f3d3f82e64753c02
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat Jul 3 20:34:19 2021 +1000
+Date:   Thu Oct 21 15:00:53 2021 +1100
 
-    Remove duplicate error on error path.
-    
-    There's an extra error() call on the listen error path, it looks like
-    its removal was missed during an upstream sync.
+    Build with -Werror on most recent gcc and clang.
 
-commit 888c459925c7478ce22ff206c9ac1fb812a40caf
+commit 4d2cbdb525d673acf941d48a7044fcf03125611a
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat Jul 3 20:32:46 2021 +1000
+Date:   Fri Oct 15 12:59:06 2021 +1100
 
-    Remove some whitespace not in upstream.
-    
-    Reduces diff vs OpenBSD by a small amount.
+    Include string.h and stdio.h for strerror.
 
-commit 4d2d4d47a18d93f3e0a91a241a6fdb545bbf7dc2
+commit fff13aaa262b7b3ec83ed21e29674cbf331780a7
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat Jul 3 19:27:43 2021 +1000
+Date:   Fri Oct 15 12:43:36 2021 +1100
 
-    Replace remaining references to ChallengeResponse.
-    
-    Portable had a few additional references to ChallengeResponse related to
-    UsePAM, replaces these with equivalent keyboard-interactive ones.
+    Include error reason if trace disabling fails.
 
-commit 53237ac789183946dac6dcb8838bc3b6b9b43be1
+commit d4b38144c02f3faa5271e5fb35df93507e06f1b4
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat Jul 3 19:23:28 2021 +1000
+Date:   Tue Oct 12 22:55:51 2021 +1100
 
-    Sync remaining ChallengeResponse removal.
+    Add tcmalloc test target.
+
+commit 002d65b0a30063c6e49bf8a53e709d8d5a0d45c1
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sat Oct 9 10:52:42 2021 +0000
+
+    upstream: Document that CASignatureAlgorithms, ExposeAuthInfo and
     
-    These were omitted from commit 88868fd131.
+    PubkeyAuthOptions can be used in a Match block.  Patch from eehakkin via
+    github PR#277.
+    
+    OpenBSD-Commit-ID: c0a63f5f52e918645967ac022b28392da4b866aa
 
-commit 2c9e4b319f7e98744b188b0f58859d431def343b
+commit 40bd3709dddaae3a1b6113748bec3faa6a607531
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat Jul 3 19:17:31 2021 +1000
+Date:   Thu Oct 7 15:55:49 2021 +1100
 
-    Disable rocky84 to figure out why agent test fails
+    Skip SK unit tests when built without security-key
 
-commit bfe19197a92b7916f64a121fbd3c179abf15e218
+commit 482f73be10f10b93f818df19fcc8a912c0c371fc
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Jul 2 15:43:28 2021 +1000
+Date:   Thu Oct 7 15:55:04 2021 +1100
 
-    Remove now-unused SSHv1 enums.
+    Include relevant env vars on command line.
     
-    sRhostsRSAAuthentication and sRSAAuthentication are protocol 1 options
-    and are no longer used.
+    Makes it easier to reproduce a build by cut/pasting the configure line.
 
-commit c73b02d92d72458a5312bd098f32ce88868fd131
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jul 2 05:11:20 2021 +0000
+commit ef5916b8acd9b1d2f39fad4951dae03b00dbe390
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Oct 7 14:28:02 2021 +1100
 
-    upstream: Remove references to ChallengeResponseAuthentication in
-    
-    favour of KbdInteractiveAuthentication.  The former is what was in SSHv1, the
-    latter is what is in SSHv2 (RFC4256) and they were treated as somewhat but
-    not entirely equivalent.  We retain the old name as deprecated alias so
-    config files continue to work and a reference in the man page for people
-    looking for it.
-    
-    Prompted by bz#3303 which pointed out the discrepancy between the two
-    when used with Match.  Man page help & ok jmc@, with & ok djm@
-    
-    OpenBSD-Commit-ID: 2c1bff8e5c9852cfcdab1f3ea94dfef5a22f3b7e
+    Only enable sk-* key types if ENABLE_SK is defined
 
-commit f841fc9c8c7568a3b5d84a4cc0cefacb7dbc16b9
+commit 52d4232b493a9858fe616e28a8bbcc89afa2ad4d
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Jul 2 15:20:32 2021 +1000
+Date:   Wed Oct 6 18:14:37 2021 +1100
 
-    Fix ifdefs around get_random_bytes_prngd.
+    Disable security key on minix3.
     
-    get_random_bytes_prngd() is used if either of PRNGD_PORT or PRNGD_SOCKET
-    are defined, so adjust ifdef accordingly.
+    The test doesn't work so disable.
 
-commit 0767627cf66574484b9c0834500b42ea04fe528a
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Jul 2 14:30:23 2021 +1000
+commit 7cd062c3a29669b8d7dc2a97e6575f4dcb7d35a2
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Oct 6 17:45:28 2021 +1100
 
-    wrap get_random_bytes_prngd() in ifdef
-    
-    avoid unused static function warning
+    Add USE_LIBC_SHA2 for (at least) NetBSD 9.
 
-commit f93fdc4de158386efe1116bd44c5b3f4a7a82c25
+commit 639c440f6c3c2a8216a5eb9455ef13bf4204089c
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Jun 28 13:06:37 2021 +1000
+Date:   Wed Oct 6 17:09:31 2021 +1100
 
-    Add rocky84 test target.
+    Define OPENSSL_NO_SHA including OpenSSL from test.
+    
+    We don't use SHA256 from OpenSSL in the sk-dummy module and the
+    definitions can conflict with system sha2.h (eg on NetBSD) so define
+    OPENSSL_NO_SHA so we don't attempt to redefine them.
 
-commit d443006c0ddfa7f6a5bd9c0ae92036f3d5f2fa3b
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jun 25 06:30:22 2021 +0000
+commit 8f4be526a338d06624f146fa26007bb9dd3a4f7b
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Oct 6 15:40:58 2021 +1100
 
-    upstream: fix decoding of X.509 subject name; from Leif Thuresson
-    
-    via bz3327 ok markus@
+    Disable security key on NetBSD4 test.
     
-    OpenBSD-Commit-ID: 0ea2e28f39750dd388b7e317bc43dd997a217ae8
+    sk-dummy used for the security key test includes both sha2.h and OpenSSL
+    causing the definitions conflict so disable security key support on this
+    platform.
 
-commit 2a5704ec142202d387fda2d6872fd4715ab81347
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jun 25 06:20:39 2021 +0000
+commit 3b353ae58aa07a1cbbeb1da3ace21fc0dcccd66a
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Oct 6 15:07:01 2021 +1100
 
-    upstream: Use better language to refer to the user. From l1ving
-    
-    via github PR#250, ok jmc@
-    
-    OpenBSD-Commit-ID: 07ca3526626996613e128aeddf7748c93c4d6bbf
+    clean regress/misc/sk-dummy in cleandir target
 
-commit 4bdf7a04797a0ea1c431a9d54588417c29177d19
+commit 57680a2ab43518c5ccbd8242c40482106cde6ac1
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jun 25 03:38:17 2021 +0000
+Date:   Sat Oct 2 03:17:01 2021 +0000
 
-    upstream: Replace SIGCHLD/notify_pipe kludge with pselect.
+    upstream: Dynamically allocate encoded HashKnownHosts and free as
     
-    Previously sshd's SIGCHLD handler would wake up select() by writing a
-    byte to notify_pipe.  We can remove this by blocking SIGCHLD, checking
-    for child terminations then passing the original signal mask through
-    to pselect.  This ensures that the pselect will immediately wake up if
-    a child terminates between wait()ing on them and the pselect.
+    appropriate. Saves 1k of static storage and prevents snprintf "possible
+    truncation" warnings from newer compilers (although in this case it's false
+    positive since the actual sizes are limited by the output size of the SHA1).
+    ok djm@
     
-    In -portable, for platforms that do not have pselect the kludge is still
-    there but is hidden behind a pselect interface.
+    OpenBSD-Commit-ID: e254ae723f7e3dce352c7d5abc4b6d87faf61bf4
+
+commit e3e62deb549fde215b777d95276c304f84bf00c6
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Oct 6 03:35:13 2021 +0000
+
+    upstream: use libc SHA256 functions; make this work when compiled
     
-    Based on other changes for bz#2158, ok djm@
+    !WITH_OPENSSL
     
-    OpenBSD-Commit-ID: 202c85de0b3bdf1744fe53529a05404c5480d813
+    OpenBSD-Regress-ID: fda0764c1097cd42f979ace29b07eb3481259890
 
-commit c9f7bba2e6f70b7ac1f5ea190d890cb5162ce127
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Jun 25 15:08:18 2021 +1000
+commit 12937d867019469ebce83c2ff614cdc6688fc2d8
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Oct 1 05:20:20 2021 +0000
 
-    Move closefrom() to before first malloc.
+    upstream: Add test for ssh hashed known_hosts handling.
     
-    When built against tcmalloc, tcmalloc allocates a descriptor for its
-    internal use, so calling closefrom() afterward causes the descriptor
-    number to be reused resulting in a corrupted connection.  Moving the
-    closefrom a little earlier should resolve this.  From kircherlike at
-    outlook.com via bz#3321, ok djm@
+    OpenBSD-Regress-ID: bcef3b3cd5a1ad9899327b4b2183de2541aaf9cf
 
-commit 7ebfe4e439853b88997c9cfc2ff703408a1cca92
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Jun 18 20:41:45 2021 +1000
+commit 5a37cc118f464416d08cd0291a9b1611d8de9943
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Oct 6 13:16:21 2021 +1100
 
-    Put second -lssh in link line for sftp-server.
+    fix broken OPENSSL_HAS_ECC test
     
-    When building --without-openssl the recent port-prngd.c change adds
-    a dependency on atomicio, but since nothing else in sftp-server uses
-    it, the linker may not find it.  Add a second -lssh similar to other
-    binaries.
+    spotted by dtucker
 
-commit e409d7966785cfd9f5970e66a820685c42169717
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Jun 18 18:34:08 2021 +1000
+commit 16a25414f303cd6790eb967aeb962040e32c9c7a
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Oct 1 22:40:06 2021 +1000
 
-    Try EGD/PRNGD if random device fails.
-    
-    When built --without-openssl, try EGD/PRGGD (if configured) as a last
-    resort before failing.
+    make sk-dummy.so work without libcrypto installed
 
-commit e43a898043faa3a965dbaa1193cc60e0b479033d
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Jun 18 18:32:51 2021 +1000
+commit dee22129bbc61e25b1003adfa2bc584c5406ef2d
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Oct 1 16:35:49 2021 +1000
 
-    Split EGD/PRNGD interface into its own file.
+    make OPENSSL_HAS_ECC checks more thorough
     
-    This will allow us to use it when building --without-openssl.
+    ok dtucker
 
-commit acb2887a769a1b1912cfd7067f3ce04fad240260
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Jun 17 21:03:19 2021 +1000
+commit 872595572b6c9a584ed754165e8b7c4c9e7e1d61
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Oct 1 16:35:05 2021 +1000
 
-    Handle GIDs > 2^31 in getgrouplist.
+    fix FIDO key support for !OPENSSL_HAS_ECC case
     
-    When compiled in 32bit mode, the getgrouplist implementation may fail
-    for GIDs greater than LONG_MAX.  Analysis and change from ralf.winkel
-    at tui.com.
+    ok dtucker
 
-commit 31fac20c941126281b527605b73bff30a8f02edd
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Thu Jun 10 09:46:28 2021 +0000
+commit 489741dc68366940d369ac670b210b4834a6c272
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Oct 1 14:51:37 2021 +1000
 
-    upstream: Use $SUDO when reading sshd's pidfile here too.
-    
-    OpenBSD-Regress-ID: 6bfb0d455d493f24839034a629c5306f84dbd409
+    enable security key support for --without-openssl
 
-commit a3a58acffc8cc527f8fc6729486d34e4c3d27643
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Thu Jun 10 09:43:51 2021 +0000
+commit c978565c8589acfe4ea37ab5099d39c84158c713
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Oct 1 13:27:50 2021 +1000
 
-    upstream: Use $SUDO when reading sshd's pidfile in case it was
-    
-    created with a very restrictive umask.  This resyncs with -portable.
-    
-    OpenBSD-Regress-ID: 07fd2af06df759d4f64b82c59094accca1076a5d
+    need stdlib.h for free(3)
 
-commit 249ad4ae51cd3bc235e75a4846eccdf8b1416611
+commit 76a398edfb51951b2d65d522d7b02c72304db300
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Thu Jun 10 09:37:59 2021 +0000
+Date:   Thu Sep 30 05:26:26 2021 +0000
 
-    upstream: Set umask when creating hostkeys to prevent excessive
+    upstream: Fix up whitespace left by previous
     
-    permissions warning.
+    change removing privsep.  No other changes.
     
-    OpenBSD-Regress-ID: 382841db0ee28dfef7f7bffbd511803e1b8ab0ef
+    OpenBSD-Regress-ID: 87adec225d8afaee4d6a91b2b71203f52bf14b15
 
-commit 9d0892153c005cc65897e9372b01fa66fcbe2842
+commit ddcb53b7a7b29be65d57562302b2d5f41733e8dd
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Thu Jun 10 03:45:31 2021 +0000
+Date:   Thu Sep 30 05:20:08 2021 +0000
 
-    upstream: Add regress test for SIGHUP restart
+    upstream: Remove references to privsep.
     
-    while handling active and unauthenticated clients.  Should catch anything
-    similar to the pselect bug just fixed in sshd.c.
+    This removes several do..while loops but does not change the
+    indentation of the now-shallower loops, which will be done in a separate
+    whitespace-only commit to keep changes of style and substance separate.
     
-    OpenBSD-Regress-ID: 3b3c19b5e75e43af1ebcb9586875b3ae3a4cac73
+    OpenBSD-Regress-ID: 4bed1a0249df7b4a87c965066ce689e79472a8f7
 
-commit 73f6f191f44440ca3049b9d3c8e5401d10b55097
+commit ece2fbe486164860de8df3f8b943cccca3085eff
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Thu Jun 10 03:14:14 2021 +0000
+Date:   Thu Sep 30 04:22:50 2021 +0000
 
-    upstream: Continue accept loop when pselect
+    upstream: Use "skip" instead of "fatal"
     
-    returns -1, eg if it was interrupted by a signal.  This should prevent
-    the hang discovered by sthen@ wherein sshd receives a SIGHUP while it has
-    an unauthenticated child and goes on to a blocking read on a notify_pipe.
-    feedback deraadt@, ok djm@
+    if SUDO isn't set for the *-command tests. This means running "make tests"
+    without SUDO set will perform all of the tests that it can instead of
+    failing on the ones it cannot run.
     
-    OpenBSD-Commit-ID: 0243c1c5544fca0974dae92cd4079543a3fceaa0
+    OpenBSD-Regress-ID: bd4dbbb02f34b2e8c890558ad4a696248def763a
 
-commit c785c0ae134a8e8b5c82b2193f64c632a98159e4
+commit bb754b470c360e787a99fb4e88e2668198e97b41
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Jun 8 22:30:27 2021 +0000
+Date:   Fri Oct 1 04:50:36 2021 +0000
 
-    upstream: test that UserKnownHostsFile correctly accepts multiple
+    upstream: unbreak FIDO sk-ed25519 key enrollment for OPENSSL=no builds;
     
-    arguments; would have caught readconf.c r1.356 regression
+    ok dtucker@
     
-    OpenBSD-Regress-ID: 71ca54e66c2a0211b04999263e56390b1f323a6a
+    OpenBSD-Commit-ID: 6323a5241728626cbb2bf0452cf6a5bcbd7ff709
 
-commit 1a6f6b08e62c78906a3032e8d9a83e721c84574e
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Jun 8 22:06:12 2021 +0000
+commit 207648d7a6415dc915260ca75850404dbf9f0a0b
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Sep 29 20:03:58 2021 +1000
 
-    upstream: fix regression in r1.356: for ssh_config options that
-    
-    accepted multiple string arguments, ssh was only recording the first.
-    Reported by Lucas via bugs@
-    
-    OpenBSD-Commit-ID: 7cbf182f7449bf1cb7c5b4452667dc2b41170d6d
+    Include stdlib.h for arc4random_uniform prototype.
 
-commit 78e30af3e2b2dd540a341cc827c6b98dd8b0a6de
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Jun 8 07:40:12 2021 +0000
+commit 696aadc854582c164d5fc04933d2f3e212dc0e06
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Sep 29 20:00:30 2021 +1000
 
-    upstream: test argv_split() optional termination on comments
-    
-    OpenBSD-Regress-ID: 9fd1c4a27a409897437c010cfd79c54b639a059c
+    Look for clang after cc and gcc.
 
-commit a023138957ea2becf1c7f93fcc42b0aaac6f2b03
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Tue Jun 8 07:05:27 2021 +0000
+commit a3c6375555026d85dbf811fab566b9f76f196144
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Sep 29 19:30:59 2021 +1000
 
-    upstream: Add testcases from bz#3319 for IPQoS and TunnelDevice
+    Use backticks instead of $(..) for portability.
     
-    being overridden on the command line.
+    Older shells (eg /bin/sh on Solaris 10) don't support $() syntax.
+
+commit 958aaa0387133d51f84fe9c8f30bca03025f2867
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Sep 29 18:53:32 2021 +1000
+
+    Skip file-based tests by default on Mac OS.
     
-    OpenBSD-Regress-ID: 801674d5d2d02abd58274a78cab2711f11de14a8
+    The file-based tests need OpenSSL so skip them.
 
-commit 660cea10b2cdc11f13ba99c89b1bbb368a4d9ff2
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Jun 8 06:52:43 2021 +0000
+commit 55c8bdf6e9afb0f9fa8e4f10c25c7f0081b48fd0
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Sep 29 18:42:47 2021 +1000
 
-    upstream: sprinkle some "# comment" at end of configuration lines
+    Build without OpenSSL on Mac OS.
     
-    to test comment handling
+    Modern versions don't ship enough libcrypto to build against.
+
+commit c9172193ea975415facf0afb356d87df21535f88
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Sep 29 18:33:38 2021 +1000
+
+    Remove TEST_SSH_ECC.
     
-    OpenBSD-Regress-ID: cb82fbf40bda5c257a9f742c63b1798e5a8fdda7
+    Convert the only remaining user of it to runtime detection using ssh -Q.
 
-commit acc9c32dcb6def6c7d3688bceb4c0e59bd26b411
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Jun 8 06:51:47 2021 +0000
+commit 5e6d28b7874b0deae95d2c68947c45212d32e599
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Sep 29 17:48:09 2021 +1000
 
-    upstream: more descriptive failure message
+    Split c89 test openssl setting out.
+
+commit c4ac7f98e230e83c015678dc958b1ffe828564ad
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Sep 29 17:40:50 2021 +1000
+
+    Expand TEST_SHELL consistently with other vars.
+
+commit cfe5f7b0eb7621bfb0a756222de0431315c2ab8b
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Sep 29 17:26:50 2021 +1000
+
+    Replace `pwd` with make variable in regress cmd.
+
+commit 899be59da5fbc3372444bd0fbe74af48313bed33
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Sep 29 17:14:33 2021 +1000
+
+    Get BUILDDIR from autoconf.
     
-    OpenBSD-Regress-ID: 5300f6faf1d9e99c0cd10827b51756c5510e3509
+    Use this to replace `pwd`s in regress test command line.
 
-commit ce04dd4eae23d1c9cf7c424a702f48ee78573bc1
+commit c8d92d3d4f7d560146f2f936156ec4dac3fc5811
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Sep 29 13:28:56 2021 +1000
+
+    Add make clean step to tests.
+
+commit 360fb41ef8359619ab90b0d131c914494e55d3dd
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Sep 29 11:36:13 2021 +1000
+
+    Test all available clang and gcc versions.
+
+commit 4fb49899d7da22952d35a4bc4c9bdb2311087893
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Jun 7 01:16:34 2021 +0000
+Date:   Wed Sep 29 01:32:21 2021 +0000
 
-    upstream: test AuthenticationMethods inside a Match block as well
+    upstream: Test certificate hostkeys held in ssh-agent too. Would have
     
-    as in the main config section
+    caught regression fixed in sshd r1.575
     
-    OpenBSD-Regress-ID: ebe0a686621b7cb8bb003ac520975279c28747f7
+    ok markus@
+    
+    OpenBSD-Regress-ID: 1f164d7bd89f83762db823eec4ddf2d2556145ed
 
-commit 9018bd821fca17e26e92f7a7e51d9b24cd62f2db
+commit ce4854e12e749a05646e5775e9deb8cfaf49a755
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Jun 7 00:00:50 2021 +0000
+Date:   Wed Sep 29 01:33:32 2021 +0000
 
-    upstream: prepare for stricter sshd_config parsing that will refuse
+    upstream: add some debug output showing how many key file/command lines
     
-    a config that has {Allow,Deny}{Users,Groups} on a line with no subsequent
-    arguments. Such lines are permitted but are nonsensical noops ATM
+    were processed. Useful to see whether a file or command actually has keys
+    present
     
-    OpenBSD-Regress-ID: ef65463fcbc0bd044e27f3fe400ea56eb4b8f650
+    OpenBSD-Commit-ID: 0bd9ff94e84e03a22df8e6c12f6074a95d27f23c
 
-commit a10f929d1ce80640129fc5b6bc1acd9bf689169e
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Jun 8 07:09:42 2021 +0000
+commit 15abdd523501c349b703d9a27e2bb4252ad921ef
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Tue Sep 28 11:14:50 2021 +0000
 
-    upstream: switch sshd_config parsing to argv_split()
+    upstream: Make prototype for rijndaelEncrypt match function
     
-    similar to the previous commit, this switches sshd_config parsing to
-    the newer tokeniser. Config parsing will be a little stricter wrt
-    quote correctness and directives appearing without arguments.
+    including the bounds. Fixes error in portable where GCC>=11 takes notice of
+    the bounds. ok deraadt@
     
-    feedback and ok markus@
+    OpenBSD-Commit-ID: cdd2f05fd1549e1786a70871e513cf9e9cf099a6
+
+commit d1d29ea1d1ef1a1a54b209f062ec1dcc8399cf03
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Tue Sep 28 11:10:05 2021 +0000
+
+    upstream: Import regenerated moduli.
     
-    tested in snaps for the last five or so days - thanks Theo and those who
-    caught bugs
+    OpenBSD-Commit-ID: 4bec5db13b736b64b06a0fca704cbecc2874c8e1
+
+commit 39f2111b1d5f00206446257377dcce58cc72369f
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Sep 29 10:53:55 2021 +1000
+
+    Add new compiler hardening flags.
     
-    OpenBSD-Commit-ID: 9c4305631d20c2d194661504ce11e1f68b20d93e
+    Add -fzero-call-used-regs and -ftrivial-auto-var-init to the list of
+    compiler hardening flags that configure checks for.  These are supported
+    by clang and gcc, and make ROP gadgets less useful and mitigate
+    stack-based infoleaks respectively.  ok djm@
 
-commit ea9e45c89a4822d74a9d97fef8480707d584da4d
+commit bf944e3794eff5413f2df1ef37cddf96918c6bde
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Sep 27 00:03:19 2021 +1000
+
+    initgroups needs grp.h
+
+commit 8c5b5655149bd76ea21026d7fe73ab387dbc3bc7
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Jun 8 07:07:15 2021 +0000
+Date:   Sun Sep 26 14:01:11 2021 +0000
 
-    upstream: Switch ssh_config parsing to use argv_split()
-    
-    This fixes a couple of problems with the previous tokeniser,
-    strdelim()
+    upstream: openssh-8.8
     
-    1. strdelim() is permissive wrt accepting '=' characters. This is
-      intended to allow it to tokenise "Option=value" but because it
-      cannot keep state, it will incorrectly split "Opt=val=val2".
-    2. strdelim() has rudimentry handling of quoted strings, but it
-      is incomplete and inconsistent. E.g. it doesn't handle escaped
-      quotes inside a quoted string.
-    3. It has no support for stopping on a (unquoted) comment. Because
-      of this readconf.c r1.343 added chopping of lines at '#', but
-      this caused a regression because these characters may legitimately
-      appear inside quoted strings.
-    
-    The new tokeniser is stricter is a number of cases, including #1 above
-    but previously it was also possible for some directives to appear
-    without arguments. AFAIK these were nonsensical in all cases, and the
-    new tokeniser refuses to accept them.
-    
-    The new code handles quotes much better, permitting quoted space as
-    well as escaped closing quotes. Finally, comment handling should be
-    fixed - the tokeniser will terminate only on unquoted # characters.
-    
-    feedback & ok markus@
-    
-    tested in snaps for the last five or so days - thanks Theo and those who
-    caught bugs
-    
-    OpenBSD-Commit-ID: dc72fd12af9d5398f4d9e159d671f9269c5b14d5
+    OpenBSD-Commit-ID: 12357794602ac979eb7312a1fb190c453f492ec4
 
-commit d786424986c04d1d375f231fda177c8408e05c3e
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Tue Jun 8 07:02:46 2021 +0000
+commit f3cbe43e28fe71427d41cfe3a17125b972710455
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Sep 26 14:01:03 2021 +0000
 
-    upstream: Check if IPQoS or TunnelDevice are already set before
+    upstream: need initgroups() before setresgid(); reported by anton@,
     
-    overriding. Prevents values in config files from overriding values supplied
-    on the command line.  bz#3319, ok markus.
+    ok deraadt@
     
-    OpenBSD-Commit-ID: f3b08b898c324debb9195e6865d8999406938f74
+    OpenBSD-Commit-ID: 6aa003ee658b316960d94078f2a16edbc25087ce
 
-commit aae4b4d3585b9f944d7dbd3c9e5ba0006c55e457
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Jun 8 06:54:40 2021 +0000
+commit 8acaff41f7518be40774c626334157b1b1c5583c
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sun Sep 26 22:16:36 2021 +1000
 
-    upstream: Allow argv_split() to optionally terminate tokenisation
-    
-    when it encounters an unquoted comment.
-    
-    Add some additional utility function for working with argument
-    vectors, since we'll be switching to using them to parse
-    ssh/sshd_config shortly.
+    update version numbers for release
+
+commit d39039ddc0010baa91c70a0fa0753a2699bbf435
+Author: kn@openbsd.org <kn@openbsd.org>
+Date:   Sat Sep 25 09:40:33 2021 +0000
+
+    upstream: RSA/SHA-1 is not used by default anymore
     
-    ok markus@ as part of a larger diff; tested in snaps
+    OK dtucker deraadt djm
     
-    OpenBSD-Commit-ID: fd9c108cef2f713f24e3bc5848861d221bb3a1ac
+    OpenBSD-Commit-ID: 055c51a221c3f099dd75c95362f902da1b8678c6
 
-commit da9f9acaac5bab95dca642b48e0c8182b246ab69
+commit 9b2ee74e3aa8c461eb5552a6ebf260449bb06f7e
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Jun 7 19:19:23 2021 +1000
+Date:   Fri Sep 24 11:08:03 2021 +1000
 
-    Save logs on failure for upstream test
+    Move the fgrep replacement to hostkey-rotate.sh.
+    
+    The fgrep replacement for buggy greps doesn't work in the sftp-glob test
+    so move it to just where we know it's needed.
 
-commit 76883c60161e5f3808787085a27a8c37f8cc4e08
+commit f7039541570d4b66d76e6f574544db176d8d5c02
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Jun 7 14:36:32 2021 +1000
+Date:   Fri Sep 24 08:04:14 2021 +1000
 
-    Add obsdsnap-i386 upstream test target.
+    Replacement function for buggy fgrep.
+    
+    GNU (f)grep <=2.18, as shipped by FreeBSD<=12 and NetBSD<=9 will
+    occasionally fail to find ssh host keys in the hostkey-rotate test.
+    If we have those versions, use awk instead.
 
-commit d45b9c63f947ec5ec314696e70281f6afddc0ac3
+commit f6a660e5bf28a01962af87568e118a2d2e79eaa0
+Author: David Manouchehri <david.manouchehri@riseup.net>
+Date:   Thu Sep 23 17:03:18 2021 -0400
+
+    Don't prompt for yes/no questions.
+
+commit 7ed1a3117c09f8c3f1add35aad77d3ebe1b85b4d
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Jun 7 03:38:38 2021 +0000
+Date:   Mon Sep 20 06:53:56 2021 +0000
 
-    upstream: fix debug message when finding a private key to match a
+    upstream: fix missing -s in SYNOPSYS and usage() as well as a
     
-    certificate being attempted for user authentication. Previously it would
-    print the certificate's path, whereas it was supposed to be showing the
-    private key's path. Patch from Alex Sherwin via GHPR247
+    capitalisation mistake; spotted by jmc@
     
-    OpenBSD-Commit-ID: d5af3be66d0f22c371dc1fe6195e774a18b2327b
+    OpenBSD-Commit-ID: 0ed8ee085c7503c60578941d8b45f3a61d4c9710
 
-commit 530739d42f6102668aecd699be0ce59815c1eceb
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Jun 6 11:34:16 2021 +0000
+commit 8c07170135dde82a26886b600a8bf6fb290b633d
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Sep 20 04:02:13 2021 +0000
 
-    upstream: Match host certificates against host public keys, not private
+    upstream: Fix "Allocated port" debug message
     
-    keys. Allows use of certificates with private keys held in a ssh-agent.
-    Reported by Miles Zhou in bz3524; ok dtucker@
+    for unix domain sockets. From peder.stray at gmail.com via github PR#272,
+    ok deraadt@
     
-    OpenBSD-Commit-ID: 25f5bf70003126d19162862d9eb380bf34bac22a
+    OpenBSD-Commit-ID: 8d5ef3fbdcdd29ebb0792b5022a4942db03f017e
 
-commit 4265215d7300901fd7097061c7517688ade82f8e
+commit 277d3c6adfb128b4129db08e3d65195d94b55fe7
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Jun 6 03:40:39 2021 +0000
+Date:   Mon Sep 20 01:55:42 2021 +0000
 
-    upstream: Client-side workaround for a bug in OpenSSH 7.4: this release
-    
-    allows RSA/SHA2 signatures for public key authentication but fails to
-    advertise this correctly via SSH2_MSG_EXT_INFO. This causes clients of these
-    server to incorrectly match PubkeyAcceptedAlgorithms and potentially refuse
-    to offer valid keys.
+    upstream: Switch scp back to use the old protocol by default, ahead of
     
-    Reported by and based on patch from Gordon Messmer via bz3213, thanks
-    also for additional analysis by Jakub Jelen. ok dtucker
+    release. We'll wait a little longer for people to pick up sftp-server(8) that
+    supports the extension that scp needs for ~user paths to continue working in
+    SFTP protocol mode. Discussed with deraadt@
     
-    OpenBSD-Commit-ID: d6d0b7351d5d44c45f3daaa26efac65847a564f7
+    OpenBSD-Commit-ID: f281f603a705fba317ff076e7b11bcf2df941871
 
-commit bda270d7fb8522d43c21a79a4b02a052d7c64de8
+commit ace19b34cc15bea3482be90450c1ed0cd0dd0669
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Jun 6 03:17:02 2021 +0000
+Date:   Sat Sep 18 02:03:25 2021 +0000
 
-    upstream: degrade gracefully if a sftp-server offers the
+    upstream: better error message for ~user failures when the
     
-    limits@openssh.com extension but fails when the client tries to invoke it.
-    Reported by Hector Martin via bz3318
+    sftp-server lacks the expand-path extension; ok deraadt@
     
-    OpenBSD-Commit-ID: bd9d1839c41811616ede4da467e25746fcd9b967
+    OpenBSD-Commit-ID: 9c1d965d389411f7e86f0a445158bf09b8f9e4bc
 
-commit d345d5811afdc2d6923019b653cdd93c4cc95f76
+commit 6b1238ba971ee722a310d95037b498ede5539c03
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Jun 6 03:15:39 2021 +0000
+Date:   Thu Sep 16 15:22:22 2021 +0000
 
-    upstream: the limits@openssh.com extension was incorrectly marked
+    upstream: make some more scp-in-SFTP mode better match Unix idioms
     
-    as an operation that writes to the filesystem, which made it unavailable in
-    sftp-server read-only mode. Spotted by Hector Martin via bz3318
+    suggested by deraadt@
     
-    OpenBSD-Commit-ID: f054465230787e37516c4b57098fc7975e00f067
+    OpenBSD-Commit-ID: 0f2439404ed4cf0b0be8bf49a1ee734836e1ac87
 
-commit 2b71010d9b43d7b8c9ec1bf010beb00d98fa765a
-Author: naddy@openbsd.org <naddy@openbsd.org>
-Date:   Sat Jun 5 13:47:00 2021 +0000
+commit e694f8ac4409931e67d08ac44ed251b20b10a957
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Sep 16 15:11:19 2021 +0000
 
-    upstream: PROTOCOL.certkeys: update reference from IETF draft to
-    
-    RFC
+    upstream: allow log_stderr==2 to prefix log messages with argv[0]
     
-    Also fix some typos.
-    ok djm@
+    use this to make scp's SFTP mode error messages more scp-like
     
-    OpenBSD-Commit-ID: 5e855b6c5a22b5b13f8ffa3897a868e40d349b44
-
-commit aa99b2d9a3e45b943196914e8d8bf086646fdb54
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Jun 4 23:41:29 2021 +1000
-
-    Clear notify_pipe from readset if present.
+    prompted by and ok deraadt@
     
-    Prevents leaking an implementation detail to the caller.
+    OpenBSD-Commit-ID: 0e821dbde423fc2280e47414bdc22aaa5b4e0733
 
-commit 6de8dadf6b4d0627d35bca0667ca44b1d61c2c6b
+commit 8a7a06ee505cb833e613f74a07392e9296286c30
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Jun 4 23:24:25 2021 +1000
+Date:   Fri Sep 17 13:03:31 2021 +1000
 
-    space->tabs.
+    Test against LibreSSL 3.2.6, 3.3.4, 3.4.0.
 
-commit c8677065070ee34c05c7582a9c2f58d8642e552d
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Jun 4 18:39:48 2021 +1000
+commit c25c84074a47f700dd6534995b4af4b456927150
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Sep 16 05:36:03 2021 +0000
 
-    Add pselect implementation for platforms without.
+    upstream: missing space character in ssh -G output broke the
     
-    This is basically the existing notify_pipe kludge from serverloop.c
-    moved behind a pselect interface.  It works by installing a signal
-    handler that writes to a pipe that the select is watching, then calls
-    the original handler.
+    t-sshcfgparse regression test; spotted by anton@
     
-    The select call in serverloop will become pselect soon, at which point the
-    kludge will be removed from thereand will only exist in the compat layer.
-    Original code by markus, help from djm.
+    OpenBSD-Commit-ID: bcc36fae2f233caac4baa8e58482da4aa350eed0
 
-commit 7cd7f302d3a072748299f362f9e241d81fcecd26
-Author: Vincent Brillault <vincent.brillault@cern.ch>
-Date:   Sun May 24 09:15:06 2020 +0200
+commit a4bee1934bf5e5575fea486628f4123d6a29dff8
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Sep 15 06:56:01 2021 +0000
 
-    auth_log: dont log partial successes as failures
+    upstream: allow CanonicalizePermittedCNAMEs=none in ssh_config; ok
     
-    By design, 'partial' logins are successful logins, so initially with
-    authenticated set to 1, for which another authentication is required. As
-    a result, authenticated is always reset to 0 when partial is set to 1.
-    However, even if authenticated is 0, those are not failed login
-    attempts, similarly to attempts with authctxt->postponed set to 1.
+    markus@
+    
+    OpenBSD-Commit-ID: 668a82ba8e56d731b26ffc5703213bfe071df623
 
-commit e7606919180661edc7f698e6a1b4ef2cfb363ebf
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jun 4 06:19:07 2021 +0000
+commit d0fffc88c8fe90c1815c6f4097bc8cbcabc0f3dd
+Author: mbuhl@openbsd.org <mbuhl@openbsd.org>
+Date:   Tue Sep 14 11:04:21 2021 +0000
 
-    upstream: The RB_GENERATE_STATIC(3) macro expands to a series of
+    upstream: put back the mux_ctx memleak fix for SSH_CHANNEL_MUX_CLIENT
     
-    function definitions and not a statement, so there should be no semicolon
-    following them. Patch from Michael Forney
+    OK mfriedl@
     
-    OpenBSD-Commit-ID: c975dd180580f0bdc0a4d5b7d41ab1f5e9b7bedd
+    OpenBSD-Commit-ID: 1aba1da828956cacaadb81a637338734697d9798
 
-commit c298c4da574ab92df2f051561aeb3e106b0ec954
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jun 4 05:59:18 2021 +0000
+commit 19b3d846f06697c85957ab79a63454f57f8e22d6
+Author: schwarze@openbsd.org <schwarze@openbsd.org>
+Date:   Sat Sep 11 09:05:50 2021 +0000
 
-    upstream: rework authorized_keys example section, removing irrelevant
+    upstream: Do not ignore SIGINT while waiting for input if editline(3)
     
-    stuff, de-wrapping the example lines and better aligning the examples with
-    common usage and FAQs; ok jmc
+    is not used. Instead, in non-interactive mode, exit sftp(1), like for other
+    serious errors. As pointed out by dtucker@, when compiled without editline(3)
+    support in portable OpenSSH, the el == NULL branch is also used for
+    interactive mode. In that case, discard the input line and provide a fresh
+    prompt to the user just like in the case where editline(3) is used. OK djm@
     
-    OpenBSD-Commit-ID: d59f1c9281f828148e2a2e49eb9629266803b75c
+    OpenBSD-Commit-ID: 7d06f4d3ebba62115527fafacf38370d09dfb393
 
-commit d9cb35bbec5f623589d7c58fc094817b33030f35
+commit ba61123eef9c6356d438c90c1199a57a0d7bcb0a
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jun 4 05:10:03 2021 +0000
+Date:   Sat Sep 11 00:40:24 2021 +0000
 
-    upstream: adjust SetEnv description to clarify $TERM handling
+    upstream: when using SFTP protocol, continue transferring files after a
     
-    OpenBSD-Commit-ID: 8b8cc0124856bc1094949d55615e5c44390bcb22
+    transfer error occurs. This matches original scp/rcp behaviour. ok dtucker@
+    
+    OpenBSD-Commit-ID: dfe4558d71dd09707e9b5d6e7d2e53b793da69fa
 
-commit 771f57a8626709f2ad207058efd68fbf30d31553
+commit b0ec59a708b493c6f3940336b1a537bcb64dd2a7
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jun 4 05:09:08 2021 +0000
+Date:   Fri Sep 10 11:38:38 2021 +0000
 
-    upstream: Switch the listening select loop from select() to
+    upstream: Document that non-interactive commands are run via the user's
     
-    pselect() and mask signals while checking signal flags, umasking for pselect
-    and restoring afterwards. Also restore signals before sighup_restart so they
-    don't remain blocked after restart.
+    shell using the -c flag.  ok jmc@
     
-    This prevents a race where a SIGTERM or SIGHUP can arrive between
-    checking the flag and calling select (eg if sshd is processing a
-    new connection) resulting in sshd not shutting down until the next
-    time it receives a new connection.  bz#2158, with & ok djm@
+    OpenBSD-Commit-ID: 4f0d912077732eead10423afd1acf4fc0ceec477
+
+commit 66a658b5d9e009ea11f8a0ca6e69c7feb2d851ea
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Sep 10 10:26:02 2021 +0000
+
+    upstream: Document behaviour of arguments following non-interactive
     
-    OpenBSD-Commit-ID: bf85bf880fd78e00d7478657644fcda97b9a936f
+    commands. Prompted by github PR#139 from EvanTheB, feedback & ok djm@ jmc@
+    
+    OpenBSD-Commit-ID: fc758d1fe0471dfab4304fcad6cd4ecc3d79162a
 
-commit f64f8c00d158acc1359b8a096835849b23aa2e86
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jun 4 05:02:40 2021 +0000
+commit 1d47e28e407d1f95fdf8f799be23f48dcfa5206b
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Sep 10 07:11:11 2021 +0000
 
-    upstream: allow ssh_config SetEnv to override $TERM, which is otherwise
+    upstream: Clarify which file's attributes -p preserves, and that
     
-    handled specially by the protocol. Useful in ~/.ssh/config to set TERM to
-    something generic (e.g. "xterm" instead of "xterm-256color") for destinations
-    that lack terminfo entries. feedback and ok dtucker@
+    it's specifically the file mode bits. bz#3340 from calestyo at scientia.net,
+    ok djm@ jmc@
     
-    OpenBSD-Commit-ID: 38b1ef4d5bc159c7d9d589d05e3017433e2d5758
+    OpenBSD-Commit-ID: f09e6098ed1c4be00c730873049825f8ee7cb884
 
-commit 60107677dc0ce1e93c61f23c433ad54687fcd9f5
+commit b344db7a413478e4c21e4cadba4a970ad3e6128a
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jun 4 04:02:21 2021 +0000
+Date:   Fri Sep 10 05:46:09 2021 +0000
 
-    upstream: correct extension name "no-presence-required" =>
+    upstream: openssh-7.4 was incorrectly listed twice; spotted by
     
-    "no-touch-required"
+    Dmitry Belyavskiy, ok dtucker@
     
-    document "verify-required" option
+    OpenBSD-Commit-ID: 4b823ae448f6e899927ce7b04225ac9e489f58ef
+
+commit 9136d6239ad7a4a293e0418a49b69e70c76d58b8
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Thu Sep 9 06:17:39 2021 +0000
+
+    upstream: - move CAVEATS to its correct order - use the term
     
-    OpenBSD-Commit-ID: 1879ff4062cf61d79b515e433aff0bf49a6c55c5
+    "legacy" protocol rather than "original", as the latter made the text
+    misleading - uppercase SCP
+    
+    ok djm
+    
+    OpenBSD-Commit-ID: 8479255746d5fa76a358ee59e7340fecf4245ff0
 
-commit ecc186e46e3e30f27539b4311366dfda502f0a08
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Jun 2 13:54:11 2021 +1000
+commit 2d678c5e3bdc2f5c99f7af5122e9d054925d560d
+Author: David Carlier <devnexen@gmail.com>
+Date:   Wed Sep 8 19:49:54 2021 +0100
 
-    Retire fbsd7 test target.
+    Disable tracing on FreeBSD using procctl.
     
-    It's the slowest of the selfhosted targets (since it's 32bit but has
-    most of the crypto algos). We still have coverage for 32bit i386.
+    Placed at the start of platform_disable_tracing() to prevent declaration
+    after code errors from strict C89 compilers (in the unlikely event that
+    more than one method is enabled).
 
-commit 5de0867b822ec48b5eec9abde0f5f95d1d646546
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Jun 2 11:21:40 2021 +1000
+commit 73050fa38fb36ae3326d768b574806352b97002d
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Sep 8 23:31:39 2021 +0000
 
-    Check for $OPENSSL in md5 fallback too.
+    upstream: Use the SFTP protocol by default. The original scp/rcp
+    
+    protocol remains available via the -O flag.
+    
+    Note that ~user/ prefixed paths in SFTP mode require a protocol extension
+    that was first shipped in OpenSSH 8.7.
+    
+    ok deraadt, after baking in snaps for a while without incident
+    
+    OpenBSD-Commit-ID: 23588976e28c281ff5988da0848cb821fec9213c
 
-commit 1db69d1b6542f8419c04cee7fd523a4a11004be2
+commit c4565e69ffa2485cff715aa842ea7a350296bfb6
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Jun 2 11:17:54 2021 +1000
+Date:   Wed Sep 8 21:09:49 2021 +1000
 
-    Add dfly60 target.
+    Really fix test on OpenSSL 1.1.1 stable.
 
-commit a3f2dd955f1c19cad387a139f0e719af346ca6ef
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Wed Jun 2 00:17:45 2021 +0000
+commit 79f1bb5f56cef3ae9276207316345b8309248478
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Sep 8 18:51:39 2021 +1000
 
-    upstream: Merge back shell portability changes
-    
-    bringing it back in sync with -portable.
-    
-    OpenBSD-Regress-ID: c07905ba931e66ad7d849b87b7d19648007175d1
+    Correct OpenSSL 1.1.1 stable identifier.
 
-commit 9d482295c9f073e84d75af46b720a1c0f7ec2867
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Tue Jun 1 23:56:20 2021 +0000
+commit b6255593ed5ccbe5e7d3d4b26b2ad31ad4afc232
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Sep 8 18:39:44 2021 +1000
 
-    upstream: Use a default value for $OPENSSL,
-    
-    allowing it to be overridden. Do the same in the PuTTY tests since it's
-    needed there and not exported by test-exec.sh.
+    Increment nfds when coming from startup_pipe.
     
-    OpenBSD-Regress-ID: c49dcd6aa7602a8606b7afa192196ca1fa65de16
+    If we have to increase nfds because startup_pipe[0] is above any of the
+    descriptors passed in the fd_sets, we also need to add 1 to nfds since
+    select takes highest FD number plus one.  bz#3345 from yaroslav.kuzmin
+    at vmssoftware.com.
 
-commit 07660b3c99f8ea74ddf4a440e55c16c9f7fb3dd1
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon May 24 10:25:18 2021 +0000
+commit a3e92a6794817df6012ac8546aea19652cc91b61
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Sep 8 13:45:10 2021 +1000
 
-    upstream: Find openssl binary via environment variable. This
-    
-    allows overriding if necessary (eg in -portable where we're testing against a
-    specific version of OpenSSL).
-    
-    OpenBSD-Regress-ID: 491f39cae9e762c71aa4bf045803d077139815c5
+    Tests for OpenSSL 3.0.0 release & 1.1.1 branch.
 
-commit 1a4d1da9188d7c88f646b61f0d6a3b34f47c5439
+commit 4afe431da98ec1cf6a2933fe5658f4fd68dee9e2
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri May 21 04:03:47 2021 +0000
+Date:   Wed Sep 8 03:23:44 2021 +0000
 
-    upstream: fix memleak in test
+    upstream: correct my mistake in previous fix; spotted by halex
     
-    OpenBSD-Regress-ID: 5e529d0982aa04666604936df43242e97a7a6f81
+    OpenBSD-Commit-ID: 3cc62d92e3f70006bf02468fc146bfc36fffa183
 
-commit 60455a5d98065a73ec9a1f303345856bbd49aecc
+commit ca0e455b9331213ff9505a21b94c38e34faa2bba
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri May 21 03:59:01 2021 +0000
+Date:   Tue Sep 7 06:03:51 2021 +0000
 
-    upstream: also check contents of remaining string
+    upstream: avoid NULL deref in -Y find-principals. Report and fix
     
-    OpenBSD-Regress-ID: d526fa07253f4eebbc7d6205a0ab3d491ec71a28
+    from Carlo Marcelo Arenas Belón
+    MIME-Version: 1.0
+    Content-Type: text/plain; charset=UTF-8
+    Content-Transfer-Encoding: 8bit
+    
+    OpenBSD-Commit-ID: 6238486f8ecc888d6ccafcd9ad99e621bb41f1e0
 
-commit 39f6cd207851d7b67ca46903bfce4a9f615b5b1c
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri May 21 03:48:07 2021 +0000
+commit 37616807f150fb46610bbd5031c31af4857ad1e9
+Author: millert@openbsd.org <millert@openbsd.org>
+Date:   Mon Sep 6 00:36:01 2021 +0000
 
-    upstream: unit test for misc.c:strdelim() that mostly servces to
+    upstream: revision 1.381 neglected to remove
     
-    highlight its inconsistencies
+    sChallengeResponseAuthentication from the enum.  Noticed by
+    christos@zoulas.com.  OK dtucker@
     
-    OpenBSD-Regress-ID: 8d2bf970fcc01ccc6e36a5065f89b9c7fa934195
+    OpenBSD-Commit-ID: b533283a4dd6d04a867da411a4c7a8fbc90e34ff
 
-commit 7a3a1dd2c7d4461962acbcc0ebee9445ba892be0
+commit 7acb3578cdfec0b3d34501408071f7a96c1684ea
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu May 27 21:23:15 2021 +1000
-
-    Put minix3 config in the host-specific block.
-
-commit 59a194825f12fff8a7f75d91bf751ea17645711b
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon May 31 06:48:42 2021 +0000
+Date:   Sun Sep 5 20:45:42 2021 +1000
 
-    upstream: Hash challenge supplied by client during FIDO key enrollment
-    
-    prior to passing it to libfido2, which does expect a hash.
-    
-    There is no effect for users who are simply generating FIDO keys using
-    ssh-keygen - by default we generate a random 256 bit challenge, but
-    people building attestation workflows around our tools should now have
-    a more consistent experience (esp. fewer failures when they fail to
-    guess the magic 32-byte challenge length requirement).
-    
-    ok markus@
-    
-    OpenBSD-Commit-ID: b8d5363a6a7ca3b23dc28f3ca69470472959f2b5
+    Correct version_num for OpenSSL dev branch.
 
-commit eb68e669bc8ab968d4cca5bf1357baca7136a826
+commit 65bb01111320dfd0d25e21e1fd4d3f2b77532669
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu May 27 21:14:15 2021 +1000
+Date:   Sun Sep 5 19:37:39 2021 +1000
 
-    Include login_cap.h for login_getpwclass override.
+    Test against OpenSSL 3 branch as well as dev.
     
-    On minix3, login_getpwclass is __RENAME'ed to __login_getpwclass50 so
-    without this the include overriding login_getpwclass causes a compile
-    error.
+    Now that OpenSSL development has moved to 3.1, test against the most
+    recent version of the openssl-3.0 branch too.
 
-commit 2063af71422501b65c7a92a5e14c0e6a3799ed89
+commit 864ed0d5e04a503b97202c776b7cf3f163f3eeaa
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu May 27 21:13:38 2021 +1000
+Date:   Sun Sep 5 19:33:22 2021 +1000
 
-    Add minix3 test target.
+    OpenSSL development is now 3.1.*
 
-commit 2e1efcfd9f94352ca5f4b6958af8a454f8cf48cd
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed May 26 01:47:24 2021 +0000
+commit a60209a586a928f92ab323bf23bd07f57093342e
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Sep 3 07:43:23 2021 +0000
 
-    upstream: fix SEGV in UpdateHostkeys debug() message, triggered
+    upstream: Use .Cm instead of .Dq in StrictHostKeyChecking list for
     
-    when the update removed more host keys than remain present. Fix tested by
-    reporter James Cook, via bugs@
+    consistency. Patch from scop via github PR#257, ok jmc@
     
-    OpenBSD-Commit-ID: 44f641f6ee02bb957f0c1d150495b60cf7b869d3
+    OpenBSD-Commit-ID: 3652a91564570779431802c31224fb4a9cf39872
 
-commit 9acd76e6e4d2b519773e7119c33cf77f09534909
-Author: naddy@openbsd.org <naddy@openbsd.org>
-Date:   Sun May 23 18:22:57 2021 +0000
+commit 8d1d9eb6de37331e872700e9e399a3190cca1242
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Sep 3 07:27:03 2021 +0000
 
-    upstream: ssh: The client configuration keyword is
-    
-    "hostbasedacceptedalgorithms"
-    
-    This fixes a mistake that slipped in when "HostbasedKeyTypes" was
-    renamed to "HostbasedAcceptedAlgorithms".
+    upstream: Mention using ssh -i for specifying the public key file
     
-    Bug report by zack@philomathiclife.com
+    in the case where the private key is loaded into ssh-agent but is not present
+    locally.  Based on patch from rafork via github PR#215, ok jmc@
     
-    OpenBSD-Commit-ID: d745a7e8e50b2589fc56877f322ea204bc784f38
+    OpenBSD-Commit-ID: 2282e83b0ff78d2efbe705883b67240745fa5bb2
 
-commit 078a0e60c92700da4c536c93c007257828ccd05b
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue May 25 11:40:47 2021 +1000
+commit eb4362e5e3aa7ac26138b11e44d8c191910aff64
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Sep 3 05:25:50 2021 +0000
 
-    Rename README.md to ci-status.md.
+    upstream: Refer to KEX "algorithms" instead of "methods" to match
     
-    The original intent was to provide a status page for the CIs configured
-    in that directory, but it had the side effect of replacing the top-level
-    README.md.
+    other references and improve consistency.  Patch from scop via github PR#241,
+    ok djm@
+    
+    OpenBSD-Commit-ID: 840bc94ff6861b28d8603c8e8c16499bfb65e32c
 
-commit 7be4ac813662f68e89f23c50de058a49aa32f7e4
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed May 19 01:24:05 2021 +0000
+commit b3318946ce5725da43c4bf7eeea1b73129c47d2a
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Sep 3 05:12:25 2021 +0000
 
-    upstream: restore blocking status on stdio fds before close
-    
-    ssh(1) needs to set file descriptors to non-blocking mode to operate
-    but it was not restoring the original state on exit. This could cause
-    problems with fds shared with other programs via the shell, e.g.
-    
-    > $ cat > test.sh << _EOF
-    > #!/bin/sh
-    > {
-    >         ssh -Fnone -oLogLevel=verbose ::1 hostname
-    >         cat /usr/share/dict/words
-    > } | sleep 10
-    > _EOF
-    > $ ./test.sh
-    > Authenticated to ::1 ([::1]:22).
-    > Transferred: sent 2352, received 2928 bytes, in 0.1 seconds
-    > Bytes per second: sent 44338.9, received 55197.4
-    > cat: stdout: Resource temporarily unavailable
-    
-    This restores the blocking status for fds 0,1,2 (stdio) before ssh(1)
-    abandons/closes them.
+    upstream: Remove redundant attrib_clear in upload_dir_internal.
     
-    This was reported as bz3280 and GHPR246; ok dtucker@
+    The subsequent call to stat_to_attrib clears the struct as its first step
+    anyway. From pmeinhardt via github PR#220, ok djm@
     
-    OpenBSD-Commit-ID: 8cc67346f05aa85a598bddf2383fcfcc3aae61ce
+    OpenBSD-Commit-ID: f5234fc6d7425b607e179acb3383f21716f3029e
 
-commit c4902e1a653c67fea850ec99c7537f358904c0af
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon May 17 11:43:16 2021 +0000
+commit 7cc3fe28896e653956a6a2eed0a25d551b83a029
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Sep 3 04:11:13 2021 +0000
 
-    upstream: fix breakage of -W forwaring introduced in 1.554; reported by
+    upstream: Add test for client termination status on signal.
     
-    naddy@ and sthen@, ok sthen@
+    Based on patch from Alexxz via github PR#235 with some tweaks, to
+    match patch in bz#3281.
     
-    OpenBSD-Commit-ID: f72558e643a26dc4150cff6e5097b5502f6c85fd
+    OpenBSD-Regress-ID: d87c7446fb8b5f8b45894fbbd6875df326e729e2
 
-commit afea01381ad1fcea1543b133040f75f7542257e6
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon May 17 07:22:45 2021 +0000
+commit 5428b0d239f6b516c81d1dd15aa9fe9e60af75d4
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Thu Sep 2 21:03:54 2021 +0000
 
-    upstream: Regenerate moduli.
+    upstream: sys/param.h is not needed for any visible reason
     
-    OpenBSD-Commit-ID: 83c93a2a07c584c347ac6114d6329b18ce515557
+    OpenBSD-Commit-ID: 8bdea2d0c75692e4c5777670ac039d4b01c1f368
 
-commit be2866d6207b090615ff083c9ef212b603816a56
-Author: Damien Miller <djm@mindrot.org>
-Date:   Mon May 17 09:40:23 2021 +1000
+commit 1ff38f34b4c4545eb28106629cafa1e0496bc726
+Author: Shchelkunov Artem <a.shchelkunov@ideco.ru>
+Date:   Wed Aug 11 18:07:58 2021 +0500
 
-    Handle Android libc returning NULL pw->pw_passwd
+    Fix memory leak in error path.
     
-    Reported by Luke Dashjr
+    *info is allocated via xstrdup but was leaked in the PAM_AUTH_ERR path.
+    From github PR#266.
 
-commit 5953c143008259d87342fb5155bd0b8835ba88e5
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri May 14 05:20:32 2021 +0000
+commit cb37e2f0c0ca4fef844ed7edc5d0e3b7d0e83f6a
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Sep 1 03:16:06 2021 +0000
 
-    upstream: fix previous: test saved no_shell_flag, not the one that just
-    
-    got clobbered
+    upstream: Fix ssh-rsa fallback for old PuTTY interop tests.
     
-    OpenBSD-Commit-ID: b8deace085d9d941b2d02f810243b9c302e5355d
+    OpenBSD-Regress-ID: a19ac929da604843a5b5f0f48d2c0eb6e0773d37
 
-commit 1e9fa55f4dc4b334651d569d3448aaa3841f736f
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri May 14 03:09:48 2021 +0000
+commit 8b02ef0f28dc24cda8cbcd8b7eb02bda8f8bbe59
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Sep 1 00:50:27 2021 +0000
 
-    upstream: Fix ssh started with ControlPersist incorrectly executing a
+    upstream: Add a function to skip remaining tests.
     
-    shell when the -N (no shell) option was specified. bz3290 reported by Richard
-    Schwab; patch from markus@ ok me
+    Many tests skip tests for various reasons but not in a consistent way and
+    don't always clean up, so add that and switch the tests that do that over.
     
-    OpenBSD-Commit-ID: ea1ea4af16a95687302f7690bdbe36a6aabf87e1
+    OpenBSD-Regress-ID: 72d2ec90a3ee8849486956a808811734281af735
 
-commit d1320c492f655d8f5baef8c93899d79dded217a5
+commit d486845c07324c04240f1674ac513985bd356f66
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Wed May 12 11:34:30 2021 +0000
+Date:   Tue Aug 31 07:13:59 2021 +0000
 
-    upstream: Clarify language about moduli. While both ends of the
+    upstream: Specify path to PuTTY keys.
     
-    connection do need to use the same parameters (ie groups), the DH-GEX
-    protocol takes care of that and both ends do not need the same contents in
-    the moduli file, which is what the previous text suggested.  ok djm@ jmc@
+    Portable needs this and it makes no difference on OpenBSD, so resync
+    them.  (Id sync only, Portable already had this.)
     
-    OpenBSD-Commit-ID: f0c18cc8e79c2fbf537a432a9070ed94e96a622a
+    OpenBSD-Regress-ID: 33f6f66744455886d148527af8368811e4264162
 
-commit d3cc4d650ce3e59f3e370b101778b0e8f1c02c4d
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri May 7 04:11:51 2021 +0000
+commit d22b299115e27606e846b23490746f69fdd4fb38
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Tue Aug 31 06:13:23 2021 +0000
 
-    upstream: include pid in LogVerbose spam
+    upstream: Better compat tests with old PuTTY.
     
-    OpenBSD-Commit-ID: aacb86f96ee90c7cb84ec27452374285f89a7f00
+    When running PuTTY interop tests and using a PuTTY version older than
+    0.76, re-enable the ssh-rsa host key algorithm (the 256 and 512 variants
+    of RSA were added some time between 0.73 and 0.76).
+    
+    OpenBSD-Regress-ID: e6138d6987aa705fa1e4f216db0bb386e1ff38e1
 
-commit e3c032333be5fdbbaf2751f6f478e044922b4ec4
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri May 7 03:09:38 2021 +0000
+commit 87ad70d605c3e39c9b8aa275db27120d7cc09b77
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Tue Aug 31 17:04:50 2021 +1000
 
-    upstream: don't sigdie() in signal handler in privsep child process;
-    
-    this can end up causing sandbox violations per bz3286; ok dtucker@
+    Resync PuTTY interop tests.
     
-    OpenBSD-Commit-ID: a7f40b2141dca4287920da68ede812bff7ccfdda
+    Resync behaviour when REGRESS_INTEROP_PUTTY is not set with OpenBSD.
 
-commit a4039724a3f2abac810735fc95cf9114a3856049
+commit e47b82a7bf51021afac218bf59a3be121827653d
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri May 7 09:23:40 2021 +0000
+Date:   Tue Aug 31 01:25:27 2021 +0000
 
-    upstream: Increase ConnectionAttempts from 4 to 10 as the tests
+    upstream: Specify hostkeyalgorithms in SSHFP test.
     
-    occasionally time out on heavily loaded hosts.
+    Specify host key algorithms in sshd's default set for the SSHFP test,
+    from djm@.  Make the reason for when the test is skipped a bit clearer.
     
-    OpenBSD-Regress-ID: 29a8cdef354fc9da471a301f7f65184770434f3a
+    OpenBSD-Regress-ID: 4f923dfc761480d5411de17ea6f0b30de3e32cea
 
-commit c0d7e36e979fa3cdb60f5dcb6ac9ad3fd018543b
+commit 7db3e0a9e8477c018757b59ee955f7372c0b55fb
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri May 7 02:26:55 2021 +0000
+Date:   Mon Aug 30 01:15:45 2021 +0000
 
-    upstream: dump out a usable private key string too; inspired by Tyson
-    
-    Whitehead
+    upstream: adapt to RSA/SHA1 deprectation
     
-    OpenBSD-Regress-ID: 65572d5333801cb2f650ebc778cbdc955e372058
+    OpenBSD-Regress-ID: 952397c39a22722880e4de9d1c50bb1a14f907bb
 
-commit 24fee8973abdf1c521cd2c0047d89e86d9c3fc38
+commit 2344750250247111a6c3c6a4fe84ed583a61cc11
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri May 7 02:29:40 2021 +0000
+Date:   Sun Aug 29 23:53:10 2021 +0000
 
-    upstream: correct mistake in spec - the private key blobs are encoded
+    upstream: After years of forewarning, disable the RSA/SHA-1
     
-    verbatim and not as strings (i.e. no 4-byte length header)
+    signature algorithm by default. It is feasible to create colliding SHA1
+    hashes, so we need to deprecate its use.
     
-    OpenBSD-Commit-ID: 3606b5d443d72118c5b76c4af6dd87a5d5a4f837
-
-commit f43859159cc62396ad5d080f0b1f2635a67dac02
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Tue May 4 22:53:52 2021 +0000
-
-    upstream: Don't pass NULL as a string in debugging as it does not work
+    RSA/SHA-256/512 remains available and will be transparently selected
+    instead of RSA/SHA1 for most SSH servers released in the last five+
+    years. There is no need to regenerate RSA keys.
     
-    on some platforms in -portable.  ok djm@
+    The use of RSA/SHA1 can be re-enabled by adding "ssh-rsa" to the
+    PubkeyAcceptedAlgorithms directives on the client and server.
     
-    OpenBSD-Commit-ID: 937c892c99aa3c9c272a8ed78fa7c2aba3a44fc9
+    ok dtucker deraadt
+    
+    OpenBSD-Commit-ID: 189bcc4789c7254e09e23734bdd5def8354ff1d5
 
-commit ac31aa3c6341905935e75f0539cf4a61bbe99779
+commit 56c4455d3b54b7d481c77c82115c830b9c8ce328
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon May 3 00:16:45 2021 +0000
+Date:   Sun Aug 29 23:44:07 2021 +0000
 
-    upstream: more debugging for UpdateHostKeys signature failures
+    upstream: wrap at 80 columns
     
-    OpenBSD-Commit-ID: 1ee95f03875e1725df15d5e4bea3e73493d57d36
+    OpenBSD-Commit-ID: 47ca2286d6b52a9747f34da16d742879e1a37bf0
 
-commit 8e32e97e788e0676ce83018a742203614df6a2b3
+commit 95401eea8503943449f712e5f3de52fc0bc612c5
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat May 1 20:07:47 2021 +1000
+Date:   Fri Aug 20 18:14:13 2021 +1000
 
-    Add obsd69 test target.
+    Replace shell function with ssh-keygen -A.
+    
+    Prevents the init script in the SysV package from trying (and failing)
+    to generate unsupported key types.  Remove now-unused COMMENT_OUT_ECC.
+    ok tim@
 
-commit f06893063597c5bb9d9e93f851c4070e77d2fba9
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Apr 30 04:29:53 2021 +0000
+commit d83ec9ed995a76ed1d5c65cf10b447222ec86131
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Aug 20 15:39:05 2021 +1000
 
-    upstream: a little debugging in the main mux process for status
-    
-    confirmation failures in multiplexed sessions
-    
-    OpenBSD-Commit-ID: 6e27b87c95176107597035424e1439c3232bcb49
+    Remove obsolete Redhat PAM config and init script.
 
-commit e65cf00da6bc31e5f54603b7feb7252dc018c033
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Apr 30 04:02:52 2021 +0000
+commit e1a596186c81e65a34ce13076449712d3bf97eb4
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Aug 20 14:03:49 2021 +1000
 
-    upstream: Remove now-unused skey function prototypes leftover from
-    
-    skey removal.
+    depend
+
+commit 5450606c8f7f7a0d70211cea78bc2dab74ab35d1
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Aug 20 13:59:43 2021 +1000
+
+    update version numbers
+
+commit feee2384ab8d694c770b7750cfa76a512bdf8246
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Aug 20 03:22:55 2021 +0000
+
+    upstream: openssh-8.7
     
-    OpenBSD-Commit-ID: 2fc36d519fd37c6f10ce74854c628561555a94c3
+    OpenBSD-Commit-ID: 8769dff0fd76ae3193d77bf83b439adee0f300cd
 
-commit ae5f9b0d5c8126214244ee6b35aae29c21028133
+commit 9a2ed62173cc551b2b5f479460bb015b19499de8
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Apr 29 13:01:50 2021 +1000
+Date:   Fri Aug 20 10:48:13 2021 +1000
 
-    Wrap sntrup761x25519 inside ifdef.
+    Also check pid in pselect_notify_setup.
     
-    From balu.gajjala at gmail.com via bz#3306.
+    Spotted by djm@.
 
-commit 70a8dc138a6480f85065cdb239915ad4b7f928cf
+commit deaadcb93ca15d4f38aa38fb340156077792ce87
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Apr 28 14:44:07 2021 +1000
+Date:   Fri Aug 20 08:39:33 2021 +1000
 
-    Add status badges for Actions-based tests.
+    Prefix pselect functions to clarify debug messages
 
-commit 40b59024cc3365815381474cdf4fe423102e391b
+commit 10e45654cff221ca60fd35ee069df67208fcf415
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Apr 28 12:22:11 2021 +1000
+Date:   Fri Aug 20 08:30:42 2021 +1000
 
-    Add obsdsnap (OpenBSD snapshot) test target.
+    Fix race in pselect replacement code.
+    
+    On the second and subsequent calls to pselect the notify_pipe was not
+    added to the select readset, opening up a race that om G. Christensen
+    discovered on multiprocessor Solaris <=9 systems.
+    
+    Also reinitialize notify_pipe if the pid changes.  This will prevent a
+    parent and child from using the same FD, although this is not an issue
+    in the current structure it might be in future.
 
-commit e627067ec8ef9ae8e7a638f4dbac91d52dee3e6d
+commit 464ba22f1e38d25402e5ec79a9b8d34a32df5a3f
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Apr 28 11:35:28 2021 +1000
+Date:   Wed Aug 18 12:51:30 2021 +1000
 
-    Add test building upstream OpenBSD source.
+    Check compiler for c99 declarations after code.
+    
+    The sntrup761 reference code contains c99-style declarations after code
+    so don't try to build that if the compiler doesn't support it.
 
-commit 1b8108ebd12fc4ed0fb39ef94c5ba122558ac373
+commit 7d878679a4b155a359d32104ff473f789501748d
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue Apr 27 14:22:20 2021 +1000
+Date:   Tue Aug 17 15:12:04 2021 +1000
 
-    Test against OpenSSL 1.1.0h instead of 1.1.0g.
-    
-    1.1.0g requires a perl glob module that's not installed by default.
+    Remove trailing backslash on regress-unit-binaries
 
-commit 9bc20efd39ce8525be33df3ee009f5a4564224f1
+commit b71b2508f17c68c5d9dbbe537686d81cedb9a781
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue Apr 27 12:37:59 2021 +1000
+Date:   Tue Aug 17 07:59:27 2021 +1000
 
-    Use the default VM type for libcrypto ver tests.
+    Put stdint.h inside HAVE_STDINT_H.
+    
+    From Tom G. Christensen.
 
-commit 9f79e80dc40965c2e73164531250b83b176c1eea
+commit 6a24567a29bd7b4ab64e1afad859ea845cbc6b8c
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue Apr 27 12:24:10 2021 +1000
+Date:   Mon Aug 16 14:13:02 2021 +1000
 
-    Always build OpenSSL shared.
+    Improve github test driver script.
     
-    This is the default for current versions but we need it to test against
-    earlier versions.
+     - use a trap to always output any failed regress logs (since the script
+       sets -e, the existing log output is never invoked).
+     - pass LTESTS and SKIP_LTESTS when re-running with sshd options (eg.
+       UsePAM).
 
-commit b3cc9fbdff2782eca79e33e02ac22450dc63bce9
+commit b467cf13705f59ed348b620722ac098fe31879b7
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue Apr 27 09:18:02 2021 +1000
+Date:   Mon Aug 16 11:32:23 2021 +1000
 
-    Fix custom OpenSSL tests.
+    Remove deprecated ubuntu-16.04 test targets.
     
-    Check out specified OpenSSL version.  Install custom libcrypto where
-    configure expects to find it.  Remove unneeded OpenSSL config time
-    options.  Older OpenSSL versions were not make -j safe so remove it.
+    Github has deprecated ubuntu-16.04 and it will be removed on 20
+    September.
 
-commit 77532609874a99a19e3e2eb2d1b7fa93aef963bb
+commit 20e6eefcdf78394f05e453d456c1212ffaa6b6a4
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Apr 26 17:18:25 2021 +1000
+Date:   Sun Aug 15 23:25:26 2021 +1000
 
-    Export CC and CFLAGS for c89 test.
+    Skip agent ptrace test on hurd.
 
-commit 33f62dfbe865f4de77980ab88774bf1eb5e4e040
+commit 7c9115bbbf958fbf85259a061c1122e2d046aabf
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Apr 26 17:13:44 2021 +1000
+Date:   Sun Aug 15 19:37:22 2021 +1000
 
-    Add c89 here too.
+    Add hurd test target.
 
-commit da9d59f526fce58e11cba49cd8eb011dc0bf5677
+commit 7909a566f6c6a78fcd30708dc49f4e4f9bb80ce3
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Apr 26 15:34:23 2021 +1000
+Date:   Sun Aug 15 12:45:10 2021 +1000
 
-    Add test against OpenSSL w/out ECC.
+    Skip scp3 tests on all dfly58 and 60 configs.
 
-commit 29e194a752359ebf85bf7fce100f23a0477fc4de
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Apr 26 14:49:59 2021 +1000
+commit e65198e52cb03534e8c846d1bca74c310b1526de
+Author: Tim Rice <tim@multitalents.net>
+Date:   Sat Aug 14 13:08:07 2021 -0700
 
-    Ensure we can still build with C89.
+    openbsd-compat/openbsd-compat.h: put bsd-signal.h before bsd-misc.h
+    to get sigset_t from signal.h needed for the pselect replacement.
 
-commit a38016d369d21df5d35f761f2b67e175e132ba22
+commit e50635640f79920d9375e0155cb3f4adb870eee5
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Apr 26 14:29:03 2021 +1000
+Date:   Fri Aug 13 13:21:00 2021 +1000
 
-    Interop test agains PuTTY.
+    Test OpenSSH from OpenBSD head on 6.8 and 6.9.
 
-commit 095b0307a77be8803768857cc6c0963fa52ed85b
+commit e0ba38861c490c680117b7fe0a1d61a181cd00e7
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Apr 26 14:02:03 2021 +1000
+Date:   Fri Aug 13 13:00:14 2021 +1000
 
-    Support testing against arbitary libcrytpo vers.
+    Skip scp3 test on dragonfly 58 and 60.
     
-    Add tests against various LibreSSL and OpenSSL versions.
+    The tests hang, so skip until we figure them out.
 
-commit b16082aa110fa7128ece2a9037ff420c4a285317
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Apr 26 13:35:44 2021 +1000
+commit dcce2a2bcf007bf817a2fb0dce3db83fa9201e92
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Aug 12 23:59:25 2021 +0000
 
-    Add fbsd10 test target.
+    upstream: mention that CASignatureAlgorithms accepts +/- similarly to
+    
+    the other algorithm list directives; ok jmc bz#3335
+    
+    OpenBSD-Commit-ID: 0d46b53995817052c78e2dce9dbd133963b073d9
 
-commit 2c805f16b24ea37cc051c6018fcb05defab6e57a
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sun Apr 25 14:15:02 2021 +1000
+commit 090a82486e5d7a8f7f16613d67e66a673a40367f
+Author: schwarze@openbsd.org <schwarze@openbsd.org>
+Date:   Thu Aug 12 09:59:00 2021 +0000
 
-    Disable compiler hardening on nbsd4.
+    upstream: In the editline(3) branch of the sftp(1) event loop,
     
-    The system compiler supports -fstack-protector-all, but using it will
-    result in an internal compiler error on some files.
+    handle SIGINT rather than ignoring it, such that the user can use Ctrl-C to
+    discard the currently edited command line and get a fresh prompt, just like
+    in ftp(1), bc(1), and in shells.
+    
+    It is critical to not use ssl_signal() for this particular case
+    because that function unconditionally sets SA_RESTART, but here we
+    need the signal to interrupt the read(2) in the el_gets(3) event loop.
+    
+    OK dtucker@ deraadt@
+    
+    OpenBSD-Commit-ID: 8025115a773f52e9bb562eaab37ea2e021cc7299
 
-commit 6a5d39305649da5dff1934ee54292ee0cebd579d
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sun Apr 25 13:01:34 2021 +1000
+commit e1371e4f58404d6411d9f95eb774b444cea06a26
+Author: naddy@openbsd.org <naddy@openbsd.org>
+Date:   Wed Aug 11 14:07:54 2021 +0000
 
-    Add nbsd3, nbsd4 and nbsd9 test targets.
+    upstream: scp: tweak man page and error message for -3 by default
+    
+    Now that the -3 option is enabled by default, flip the documentation
+    and error message logic from "requires -3" to "blocked by -R".
+    
+    ok djm@
+    
+    OpenBSD-Commit-ID: a872592118444fb3acda5267b2a8c3d4c4252020
 
-commit d1aed05bd2e4ae70f359a394dc60a2d96b88f78c
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat Apr 24 22:03:46 2021 +1000
+commit 49f46f6d77328a3d10a758522b670a3e8c2235e7
+Author: naddy@openbsd.org <naddy@openbsd.org>
+Date:   Wed Aug 11 14:05:19 2021 +0000
 
-    Comment out nbsd2 test target for now.
+    upstream: scp: do not spawn ssh with two -s flags for
+    
+    remote-to-remote copies
+    
+    Do not add another "-s" to the argument vector every time an SFTP
+    connection is initiated.  Instead, introduce a subsystem flag to
+    do_cmd() and add "-s" when the flag is set.
+    
+    ok djm@
+    
+    OpenBSD-Commit-ID: 25df69759f323661d31b2e1e790faa22e27966c1
 
-commit a6b4ec94e5bd5a8a18cd2c9942d829d2e5698837
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat Apr 24 17:52:24 2021 +1000
+commit 2a2cd00783e1da45ee730b7f453408af1358ef5b
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Aug 11 08:55:04 2021 +0000
 
-    Add OPENBSD ORIGINAL marker.
+    upstream: test -Oprint-pubkey
+    
+    OpenBSD-Regress-ID: 3d51afb6d1f287975fb6fddd7a2c00a3bc5094e0
 
-commit 3737c9f66ee590255546c4b637b6d2be669a11eb
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Apr 23 19:49:46 2021 +1000
+commit b9f4635ea5bc33ed5ebbacf332d79bae463b0f54
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Aug 11 08:54:17 2021 +0000
 
-    Replace "==" (a bashism) with "=".
+    upstream: when verifying sshsig signatures, support an option
+    
+    (-Oprint-pubkey) to dump the full public key to stdout; based on patch from
+    Fabian Stelzer; ok markus@
+    
+    OpenBSD-Commit-ID: 0598000e5b9adfb45d42afa76ff80daaa12fc3e2
 
-commit a116b6f5be17a1dd345b7d54bf8aa3779a28a0df
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Apr 23 16:34:48 2021 +1000
+commit 750c1a45ba4e8ad63793d49418a0780e77947b9b
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Aug 11 05:21:32 2021 +0000
 
-    Add nbsd2 test target.
+    upstream: oops, missed one more %p
+    
+    OpenBSD-Commit-ID: e7e62818d1564cc5cd9086eaf7a51cbd1a9701eb
 
-commit 196bf2a9bb771f45d9b0429cee7d325962233c44
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Apr 23 14:54:10 2021 +1000
+commit b5aa27b69ab2e1c13ac2b5ad3f8f7d389bad7489
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Aug 11 05:20:17 2021 +0000
 
-    Add obsd68 test target.
+    upstream: remove a bunch of %p in format strings; leftovers of
+    
+    debuggings past. prompted by Michael Forney, ok dtucker@
+    
+    OpenBSD-Commit-ID: 4853a0d6c9cecaba9ecfcc19066e52d3a8dcb2ac
 
-commit e3ba6574ed69e8b7af725cf5e8a9edaac04ff077
+commit 419aa01123db5ff5dbc68b2376ef23b222862338
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Apr 23 14:53:32 2021 +1000
-
-    Remove dependency on bash.
+Date:   Wed Aug 11 09:21:09 2021 +1000
 
-commit db1f9ab8feb838aee9f5b99c6fd3f211355dfdcf
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Apr 23 14:41:13 2021 +1000
+    Add includes.h to compat tests.
+    
+    On platforms where closefrom returns void (eg glibc>=2.34) the prototype
+    for closefrom in its compat tests would cause compile errors.  Remove
+    this and have the tests pull in the compat headers in the same way as
+    the main code.  bz#3336.
 
-    Add obsd67 test target.
+commit 931f592f26239154eea3eb35a086585897b1a185
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Aug 10 03:35:45 2021 +0000
 
-commit c039a6bf79192fe1daa9ddcc7c87dd98e258ae7c
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Apr 23 11:08:23 2021 +1000
+    upstream: adapt to scp -M flag change; make scp3.sh test SFTP mode too
+    
+    OpenBSD-Regress-ID: 43fea26704a0f0b962b53c1fabcb68179638f9c0
 
-    Re-add macos-11.0 test target.
+commit 391ca67fb978252c48d20c910553f803f988bd37
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Aug 10 03:33:34 2021 +0000
 
-commit a6db3a47b56adb76870d59225ffb90a65bc4daf2
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Apr 23 10:28:28 2021 +1000
+    upstream: Prepare for a future where scp(1) uses the SFTP protocol by
+    
+    default. Replace recently added -M option to select the protocol with -O
+    (olde) and -s (SFTP) flags, and label the -s flag with a clear warning that
+    it will be removed in the near future (so no, don't use it in scripts!).
+    
+    prompted by/feedback from deraadt@
+    
+    OpenBSD-Commit-ID: 92ad72cc6f0023c9be9e316d8b30eb6d8d749cfc
 
-    Add openindiana test target.
+commit bfdd4b722f124a4fa9173d20dd64dd0fc69856be
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Aug 9 23:56:36 2021 +0000
 
-commit 3fe7e73b025c07eda46d78049f1da8ed7dfc0c69
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Apr 23 10:26:35 2021 +1000
-
-    Test krb5 on Solaris 11 too.
-
-commit f57fbfe5eb02df1a91f1a237c4d27165afd87c13
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Apr 22 22:27:26 2021 +1000
-
-    Don't always set SUDO.
+    upstream: make scp -3 the default for remote-to-remote copies. It
     
-    Rely on sourcing configs to set as appropriate.
-
-commit e428f29402fb6ac140b52f8f12e06ece7bb104a0
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Apr 22 22:26:08 2021 +1000
-
-    Remove now-unused 2nd arg to configs.
-
-commit cb4ff640d79b3c736879582139778f016bbb2cd7
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Apr 21 01:08:04 2021 +1000
-
-    Add win10 test target.
-
-commit 4457837238072836b2fa3107d603aac809624983
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue Apr 20 23:31:29 2021 +1000
-
-    Add nbsd8 test target.
+    provides a much better and more intuitive user experience and doesn't require
+    exposing credentials to the source host.
+    
+    thanks naddy@ for catching the missing argument in usage()
+    
+    "Yes please!" - markus@
+    "makes a lot of sense" - deraadt@
+    "the right thing to do" - dtucker@
+    
+    OpenBSD-Commit-ID: d0d2af5f0965c5192ba5b2fa461c9f9b130e5dd9
 
-commit bd4fba22e14da2fa196009010aabec5a8ba9dd42
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat Apr 17 09:55:47 2021 +1000
+commit 2f7a3b51cef689ad9e93d0c6c17db5a194eb5555
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Aug 9 23:49:31 2021 +0000
 
-    Add obsd51 target.
+    upstream: make scp in SFTP mode try to use relative paths as much
+    
+    as possible. Previosuly, it would try to make relative and ~/-rooted paths
+    absolute before requesting transfers.
+    
+    prompted by and much discussion deraadt@
+    ok markus@
+    
+    OpenBSD-Commit-ID: 46639d382ea99546a4914b545fa7b00fa1be5566
 
-commit 9403d0e805c77a5741ea8c3281bbe92558c2f125
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Apr 16 18:14:25 2021 +1000
+commit 2ab864010e0a93c5dd95116fb5ceaf430e2fc23c
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Aug 9 23:47:44 2021 +0000
 
-    Add fbsd13 target.
+    upstream: SFTP protocol extension to allow the server to expand
+    
+    ~-prefixed paths, in particular ~user ones. Allows scp in sftp mode to accept
+    these paths, like scp in rcp mode does.
+    
+    prompted by and much discussion deraadt@
+    ok markus@
+    
+    OpenBSD-Commit-ID: 7d794def9e4de348e1e777f6030fc9bafdfff392
 
-commit e86968280e358e62649d268d41f698d64d0dc9fa
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Apr 16 13:55:25 2021 +1000
+commit 41b019ac067f1d1f7d99914d0ffee4d2a547c3d8
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Aug 9 23:44:32 2021 +0000
 
-    depend
+    upstream: when scp is in SFTP mode, try to deal better with ~
+    
+    prefixed paths. ~user paths aren't supported, but ~/ paths will be accepted
+    and prefixed with the SFTP server starting directory (more to come)
+    
+    prompted by and discussed with deraadt@
+    ok markus@
+    
+    OpenBSD-Commit-ID: 263a071f14555c045fd03132a8fb6cbd983df00d
 
-commit 2fb25ca11e8b281363a2a2a4dec4c497a1475d9a
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Apr 16 13:53:02 2021 +1000
+commit b4b3f3da6cdceb3fd168b5fab69d11fba73bd0ae
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Aug 9 07:21:01 2021 +0000
 
-    crank version in README and RPM spec files
+    upstream: on fatal errors, make scp wait for ssh connection before
+    
+    exiting avoids LogLevel=verbose (or greater) messages from ssh appearing
+    after scp has returned exited and control has returned to the shell; ok
+    markus@
+    
+    (this was originally committed as r1.223 along with unrelated stuff that
+    I rolled back in r1.224)
+    
+    OpenBSD-Commit-ID: 1261fd667ad918484889ed3d7aec074f3956a74b
 
-commit b2b60ebab0cb77b5bc02d364d72e13db882f33ae
+commit 2ae7771749e0b4cecb107f9d4860bec16c3f4245
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Apr 16 03:42:00 2021 +0000
+Date:   Mon Aug 9 07:19:12 2021 +0000
 
-    upstream: openssh-8.6
+    upstream: rever r1.223 - I accidentally committed unrelated changes
     
-    OpenBSD-Commit-ID: b5f3e133c846127ec114812248bc17eff07c3e19
+    OpenBSD-Commit-ID: fb73f3865b2647a27dd94db73d6589506a9625f9
 
-commit faf2b86a46c9281d237bcdec18c99e94a4eb820a
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Thu Apr 15 16:24:31 2021 +0000
+commit 986abe94d481a1e82a01747360bd767b96b41eda
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Aug 9 07:16:09 2021 +0000
 
-    upstream: do not pass file/func to monitor; noted by Ilja van Sprundel;
+    upstream: show only the final path component in the progress meter;
     
-    ok djm@
+    more useful with long paths (that may truncate) and better matches
+    traditional scp behaviour; spotted by naddy@ ok deraadt@
     
-    OpenBSD-Commit-ID: 85ae5c063845c410283cbdce685515dcd19479fa
+    OpenBSD-Commit-ID: 26b544d0074f03ebb8a3ebce42317d8d7ee291a3
 
-commit 2dc328023f60212cd29504fc05d849133ae47355
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Apr 14 11:42:55 2021 +1000
+commit 2b67932bb3176dee4fd447af4368789e04a82b93
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Aug 9 07:13:54 2021 +0000
 
-    sshd don't exit on transient read errors
+    upstream: on fatal errors, make scp wait for ssh connection before
     
-    openssh-8.5 introduced a regression that would cause sshd to exit
-    because of transient read errors on the network socket (e.g. EINTR,
-    EAGAIN). Reported by balu.gajjala AT gmail.com via bz3297
+    exiting avoids LogLevel=verbose (or greater) messages from ssh appearing
+    after scp has returned exited and control has returned to the shell; ok
+    markus@
+    
+    OpenBSD-Commit-ID: ef9dab5ef5ae54a6a4c3b15d380568e94263456c
 
-commit d5d6b7d76d171a2e6861609dcd92e714ee62ad88
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Apr 10 18:45:00 2021 +1000
+commit 724eb900ace30661d45db2ba01d0f924d95ecccb
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sun Aug 8 08:49:09 2021 +0000
 
-    perform report_failed_grab() inline
+    upstream: xstrdup environment variable used by ForwardAgent. bz#3328
+    
+    from goetze at dovetail.com, ok djm@ deraadt@
+    
+    OpenBSD-Commit-ID: 760320dac1c3b26904284ba417a7d63fccc5e742
 
-commit ea996ce2d023aa3c6d31125e2c3ebda1cb42db8c
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Apr 10 18:22:57 2021 +1000
+commit 86b4cb3a884846b358305aad17a6ef53045fa41f
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sun Aug 8 08:27:28 2021 +0000
 
-    dedicated gnome-ssk-askpass3 source
-    
-    Compatibility with Wayland requires that we use the gdk_seat_grab()
-    API for grabbing mouse/keyboard, however these API don't exist in
-    Gtk+2.
+    upstream: Although it's POSIX, not all shells used in Portable support
     
-    This branches gnome-ssk-askpass2.c => gnome-ssk-askpass3.c and
-    makes the changes to use the gdk_seat_grab() instead of grabbing
-    mouse/focus separately via GDK.
+    the implicit 'in "$@"' after 'for i'.
     
-    In the future, we can also use the branched file to avoid some
-    API that has been soft-deprecated in GTK+3, e.g. gtk_widget_modify_fg
+    OpenBSD-Regress-ID: 3c9aec6bca4868f85d2742b6ba5223fce110bdbc
 
-commit bfa5405da05d906ffd58216eb77c4375b62d64c2
+commit f2ccf6c9f395923695f22345e626dfd691227aaf
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Apr 8 15:18:15 2021 +1000
+Date:   Sun Aug 8 17:39:56 2021 +1000
 
-    Ensure valgrind-out exists.
+    Move portable specific settings down.
     
-    Normally the regress tests would create it, but running the unit tests
-    on their own would fail because the directory did not exist.
+    This brings the top hunk of the file back in sync with OpenBSD
+    so patches to the CVS Id should apply instead of always being
+    rejected.
 
-commit 1f189181f3ea09a9b08aa866f78843fec800874f
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Apr 8 15:17:19 2021 +1000
+commit 71b0eb997e220b0fc9331635af409ad84979f2af
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sun Aug 8 07:27:52 2021 +0000
 
-    Pass OBJ to unit test make invocation.
+    upstream: Move setting of USER further down the startup In portable
     
-    At least the Valgrind unit tests uses $OBJ.
+    we have to change this and having it in the same hunk as the CVS Id string
+    means applying changes fails every. single. time.
+    
+    OpenBSD-Regress-ID: 87cd603eb6db58c9b430bf90adacb7f90864429b
 
-commit f42b550c281d28bd19e9dd6ce65069164f3482b0
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Apr 8 14:20:12 2021 +1000
+commit f0aca2706c710a0da1a4be705f825a807cd15400
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sun Aug 8 06:38:33 2021 +0000
 
-    Add pattern for valgrind-unit.
+    upstream: Drop -q in ssh-log-wrapper.sh to preserve logs.
+    
+    scp and sftp like to add -q to the command line passed to ssh which
+    overrides the LogLevel we set in the config files and suppresses output
+    to the debug logs so drop any "-q" from the invoked ssh.  In the one
+    case where we actually want to use -q in the banner test, call the ssh
+    binary directly bypassing the logging wrapper.
+    
+    OpenBSD-Regress-ID: e2c97d3c964bda33a751374c56f65cdb29755b75
 
-commit 19e534462710e98737478fd9c44768b50c27c4c6
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Apr 8 13:31:08 2021 +1000
+commit cf27810a649c5cfae60f8ce66eeb25caa53b13bc
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sat Aug 7 01:57:08 2021 +0000
 
-    Run unit tests under valgrind.
+    upstream: Fix prototype mismatch for do_cmd. ok djm@
     
-    Run a separate build for the unit tests under Valgrind.  They take long
-    enough that running in parallel with the other Valgrind tests helps.
+    OpenBSD-Commit-ID: 1c1598bb5237a7ae0be99152f185e0071163714d
 
-commit 80032102d05e866dc2a48a5caf760cf42c2e090e
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Apr 8 13:25:57 2021 +1000
+commit 85de69f64665245786e28c81ab01fe18b0e2a149
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Aug 7 01:55:01 2021 +0000
 
-    ifdef out MIN and MAX.
+    upstream: sftp-client.c needs poll.h
     
-    In -portable, defines.h ensures that these are defined, so redefining
-    potentially causes a warning.  We don't just delete it to make any
-    future code syncs a little but easier.  bz#3293.
+    remove unused variable
+    
+    OpenBSD-Commit-ID: 233ac6c012cd23af62f237167a661db391055a16
 
-commit d1bd184046bc310c405f45da3614a1dc5b3e521a
+commit 397c4d72e50023af5fe3aee5cc2ad407a6eb1073
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Apr 7 10:23:51 2021 +1000
+Date:   Sat Aug 7 11:30:57 2021 +1000
 
-    Remove only use of warn().
-    
-    The warn() function is only used in one place in portable and does not
-    exist upstream.  Upgrade the only instance it's used to fail()
-    (the privsep/sandbox+proxyconnect, from back when that was new) and
-    remove the now-unused function.
+    Include poll.h and friends for struct pollfd.
 
-commit fea8f4b1aa85026ad5aee5ad8e1599a8d5141fe0
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Apr 7 10:18:32 2021 +1000
+commit a9e2c533195f28627f205682482d9da384c4c52e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Aug 7 00:14:17 2021 +0000
 
-    Move make_tmpdir() into portable-specific area.
+    upstream: do_upload() used a near-identical structure for
     
-    Reduces diff vs OpenBSD and makes it more likely diffs will apply
-    cleanly.
-
-commit 13e5fa2acffd26e754c6ee1d070d0afd035d4cb7
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Tue Apr 6 23:57:56 2021 +0000
-
-    upstream: Add TEST_SSH_ELAPSED_TIMES environment variable to print the
+    tracking expected status replies from the server to what do_download() was
+    using.
     
-    elapsed time in seconds of each test.  This depends on "date +%s" which is
-    not specified by POSIX but is commonly implemented.
+    Refactor it to use the same structure and factor out some common
+    code into helper functions.
     
-    OpenBSD-Regress-ID: ec3c8c19ff49b2192116a0a646ee7c9b944e8a9c
+    OpenBSD-Commit-ID: 0c167df8ab6df4a5292c32421922b0cf379e9054
 
-commit ef4f46ab4387bb863b471bad124d46e8d911a79a
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Apr 7 09:59:15 2021 +1000
+commit 7b1cbcb7599d9f6a3bbad79d412604aa1203b5ee
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Aug 7 00:12:09 2021 +0000
 
-    Move the TEST_SSH_PORT section down a bit.
+    upstream: make scp(1) in SFTP mode follow symlinks like
     
-    This groups the portable-specific changes together and makes it a
-    little more likely that patches will apply cleanly.
-
-commit 3674e33fa70dfa1fe69b345bf576113af7b7be11
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Apr 7 10:05:10 2021 +1000
-
-    Further split Valgrind tests.
+    traditional scp(1) ok markus@
     
-    Even split in two, the Valgrind tests take by far the longest to run,
-    so split them four ways to further increase parallelism.
+    OpenBSD-Commit-ID: 97255e55be37e8e26605e4ba1e69f9781765d231
 
-commit 961af266b861e30fce1e26170ee0dbb5bf591f29
+commit 133b44e500422df68c9c25c3b6de35c0263132f1
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Apr 6 23:24:30 2021 +0000
+Date:   Sat Aug 7 00:10:49 2021 +0000
 
-    upstream: include "ssherr.h" not <ssherr.h>; from Balu Gajjala via
+    upstream: fix incorrect directory permissions on scp -3
     
-    bz#3292
+    transfers; ok markus@
     
-    OpenBSD-Commit-ID: e9535cd9966eb2e69e73d1ede1f44905c30310bd
-
-commit e7d0a285dbdd65d8df16123ad90f15e91862f959
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Apr 7 08:50:38 2021 +1000
-
-    wrap struct rlimit in HAVE_GETRLIMIT too
-
-commit f283a6c2e0a9bd9369e18462acd00be56fbe5b0d
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Apr 7 08:20:35 2021 +1000
-
-    wrap getrlimit call in HAVE_GETRLIMIT; bz3291
+    OpenBSD-Commit-ID: 64b2abaa5635a2be65ee2e77688ad9bcebf576c2
 
-commit 679bdc4a5c9244f427a7aee9c14b0a0ed086da1f
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Tue Apr 6 09:07:33 2021 +0000
+commit 98b59244ca10e62ff67a420856770cb700164f59
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Aug 7 00:09:57 2021 +0000
 
-    upstream: Don't check return value of unsetenv(). It's part of the
+    upstream: a bit more debugging of file attributes being
     
-    environment setup and not part of the actual test, and some platforms
-    -portable runs on declare it as returning void, which prevents the test from
-    compiling.
+    sent/received over the wire
     
-    OpenBSD-Regress-ID: 24f08543ee3cdebc404f2951f3e388cc82b844a1
+    OpenBSD-Commit-ID: f68c4e207b08ef95200a8b2de499d422808e089b
 
-commit 320af2f3de6333aa123f1b088eca146a245e968a
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Sun Apr 4 11:36:56 2021 +0000
+commit c677e65365d6f460c084e41e0c4807bb8a9cf601
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Aug 7 00:08:52 2021 +0000
 
-    upstream: remove stray inserts; from matthias schmidt
+    upstream: make scp(1) in SFTP mode output better match original
     
-    OpenBSD-Commit-ID: 2c36ebdc54e14bbf1daad70c6a05479a073d5c63
-
-commit 801f710953b24dd2f21939171c622eac77c7484d
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Sun Apr 4 06:11:24 2021 +0000
-
-    upstream: missing comma; from kawashima james
+    scp(1) by suppressing "Retrieving [path]" lines that were emitted to support
+    the interactive sftp(1) client. ok markus@
     
-    OpenBSD-Commit-ID: 31cec6bf26c6db4ffefc8a070715ebef274e68ea
-
-commit b3ca08cb174266884d44ec710a84cd64c12414ea
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Apr 5 23:46:42 2021 +1000
-
-    Install libcbor with libfido2.
+    OpenBSD-Commit-ID: 06be293df5f156a18f366079be2f33fa68001acc
 
-commit f3ca8af87a4c32ada660da12ae95cf03d190c083
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Apr 3 18:21:08 2021 +1100
+commit 48cd39b7a4e5e7c25101c6d1179f98fe544835cd
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Aug 7 00:07:18 2021 +0000
 
-    enable authopt and misc unit tests
+    upstream: factor out a structure duplicated between downloading
     
-    Neither were wired into the build, both required some build
-    adaptations for -portable
+    and crossloading; ok markus@
+    
+    OpenBSD-Commit-ID: 96eede24d520569232086a129febe342e4765d39
 
-commit dc1b45841fb97e3d7f655ddbcfef3839735cae5f
+commit 318c06bb04ee21a0cfa6b6022a201eacaa53f388
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Apr 3 06:58:30 2021 +0000
+Date:   Sat Aug 7 00:06:30 2021 +0000
 
-    upstream: typos in comments; GHPR#180 from Vill
+    upstream: use sftp_client crossloading to implement scp -3
     
-    =?UTF-8?q?e=20Skytt=C3=A4?=
-    MIME-Version: 1.0
-    Content-Type: text/plain; charset=UTF-8
-    Content-Transfer-Encoding: 8bit
+    feedback/ok markus@
     
-    OpenBSD-Commit-ID: 93c732381ae0e2b680c79e67c40c1814b7ceed2c
+    OpenBSD-Commit-ID: 7db4c0086cfc12afc9cfb71d4c2fd3c7e9416ee9
 
-commit 53ea05e09b04fd7b6dea66b42b34d65fe61b9636
+commit de7115b373ba0be3861c65de9b606a3e0e9d29a3
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Apr 3 06:55:52 2021 +0000
+Date:   Sat Aug 7 00:02:41 2021 +0000
 
-    upstream: sync CASignatureAlgorithms lists with reality. GHPR#174 from
+    upstream: support for "cross"-loading files/directories, i.e.
     
-    Matt Hazinski
+    downloading from one SFTP server while simultaneously uploading to another.
     
-    OpenBSD-Commit-ID: f05e4ca54d7e67b90fe58fe1bdb1d2a37e0e2696
-
-commit 57ed647ee07bb883a2f2264231bcd1df6a5b9392
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Apr 3 17:47:37 2021 +1100
-
-    polish whitespace for portable files
+    feedback & ok markus@
+    
+    OpenBSD-Commit-ID: 3982878e29d8df0fa4ddc502f5ff6126ac714235
 
-commit 31d8d231eb9377df474746a822d380c5d68d7ad6
+commit a50bd0367ff2063bbc70a387740a2aa6914de094
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Apr 3 06:18:40 2021 +0000
+Date:   Sat Aug 7 00:01:29 2021 +0000
 
-    upstream: highly polished whitespace, mostly fixing spaces-for-tab
+    upstream: factor our SSH2_FXP_OPEN calls into their own function;
     
-    and bad indentation on continuation lines. Prompted by GHPR#185
+    "looks fine" markus@
     
-    OpenBSD-Commit-ID: e5c81f0cbdcc6144df1ce468ec1bac366d8ad6e9
+    OpenBSD-Commit-ID: d3dea2153f08855c6d9dacc01973248944adeffb
 
-commit 34afde5c73b5570d6f8cce9b49993b23b77bfb86
+commit e3c0ba05873cf3d3f7d19d595667a251026b2d84
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Apr 3 05:54:14 2021 +0000
+Date:   Sat Aug 7 00:00:33 2021 +0000
 
-    upstream: whitespace (tab after space)
+    upstream: prepare for scp -3 implemented via sftp
     
-    OpenBSD-Commit-ID: 0e2b3f7674e985d3f7c27ff5028e690ba1c2efd4
-
-commit 7cd262c1c5a08cc7f4f30e3cab108ef089d0a57b
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat Apr 3 16:59:10 2021 +1100
-
-    Save config.h and config.log on failure too.
+    OpenBSD-Commit-ID: 194aac0dd87cb175334b71c2a30623a5ad55bb44
 
-commit 460aee9298f365357e9fd26851c22e0dca51fd6a
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Apr 3 05:46:41 2021 +0000
+commit 395d8fbdb094497211e1461cf0e2f80af5617e0a
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Aug 6 09:00:18 2021 +0000
 
-    upstream: fix incorrect plural; from Ville Skyt
+    upstream: Make diff invocation more portable.
     
-    =?UTF-8?q?t=C3=A4=20via=20GHPR#181?=
-    MIME-Version: 1.0
-    Content-Type: text/plain; charset=UTF-8
-    Content-Transfer-Encoding: 8bit
+    POSIX does not require diff to have -N, so compare in both directions
+    with just -r, which should catch missing files in either directory.
     
-    OpenBSD-Commit-ID: 92f31754c6296d8f403d7c293e09dc27292d22c9
+    OpenBSD-Regress-ID: 0e2ec8594556a6f369ed5a0a90c6806419b845f7
 
-commit 082804c14e548cada75c81003a3c68ee098138ee
+commit d247a73ce27b460138599648d9c637c6f2b77605
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Apr 3 05:40:39 2021 +0000
+Date:   Wed Aug 4 21:28:00 2021 +0000
 
-    upstream: ensure that pkcs11_del_provider() is called before exit -
-    
-    some PKCS#11 providers get upset if C_Initialize is not matched with
-    C_Finalize.
-    
-    From Adithya Baglody via GHPR#234; ok markus
+    upstream: regression test for scp -3
     
-    OpenBSD-Commit-ID: f8e770e03b416ee9a58f9762e162add900f832b6
+    OpenBSD-Regress-ID: b44375d125c827754a1f722ec6b6b75b634de05d
 
-commit 464ebc82aa926dd132ec75a0b064574ef375675e
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Apr 3 05:28:43 2021 +0000
+commit 35c8e41a6f6d8ad76f8d1cd81ac2ea23d0d993b2
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Aug 6 05:04:42 2021 +0000
 
-    upstream: unused variable
+    upstream: Document "ProxyJump none". bz#3334.
     
-    OpenBSD-Commit-ID: 85f6a394c8e0f60d15ecddda75176f112007b205
+    OpenBSD-Commit-ID: f78cc6f55731f2cd35c3a41d5352ac1ee419eba7
 
-commit dc3c0be8208c488e64a8bcb7d9efad98514e0ffb
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Apr 3 05:21:46 2021 +0000
+commit 911ec6411821bda535d09778df7503b92f0eafab
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Aug 4 01:34:55 2021 +0000
 
-    upstream: Fix two problems in string->argv conversion: 1) multiple
+    upstream: Allow for different (but POSIX compliant) behaviour of
     
-    backslashes were not being dequoted correctly and 2) quoted space in the
-    middle of a string was being incorrectly split.
-    MIME-Version: 1.0
-    Content-Type: text/plain; charset=UTF-8
-    Content-Transfer-Encoding: 8bit
+    basename(3) and prevent a use-after-free in that case in the new sftp-compat
+    code.
     
-    A unit test for these cases has already been committed
+    POSIX allows basename(3) to either return a pointer to static storage
+    or modify the passed string and return a pointer to that.  OpenBSD does
+    the former and works as is, but on other platforms "filename" points
+    into "tmp" which was just freed.  This makes the freeing of tmp
+    consistent with the other variable in the loop.
     
-    prompted by and based on GHPR#223 by Eero Häkkinen; ok markus@
+    Pinpointed by the -portable Valgrind regress test.  ok djm@ deraadt@
     
-    OpenBSD-Commit-ID: d7ef27abb4eeeaf6e167e9312e4abe9e89faf1e4
+    OpenBSD-Commit-ID: 750f3c19bd4440e4210e30dd5d7367386e833374
 
-commit f75bcbba58a08c670727ece5e3f8812125969799
+commit 6df1fecb5d3e51f3a8027a74885c3a44f6cbfcbd
 Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Apr 3 16:22:48 2021 +1100
+Date:   Wed Aug 4 11:05:11 2021 +1000
 
-    missing bits from 259d648e
+    use openbsd-compat glob.h is required
 
-commit 4cbc4a722873d9b68cb5496304dc050d7168df78
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Mar 31 21:59:26 2021 +0000
+commit 9ebd1828881dfc9014a344587934a5ce7db6fa1b
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Tue Aug 3 21:03:23 2021 +1000
 
-    upstream: cannot effectively test posix-rename extension after
-    
-    changes in feature advertisment.
+    Missing space between macro arg and punctuation.
     
-    OpenBSD-Regress-ID: 5e390bf88d379162aaa81b60ed86b34cb0c54d29
+    From jmc@
 
-commit 259d648e63e82ade4fe2c2c73c8b67fe57d9d049
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Mar 19 04:23:50 2021 +0000
+commit 0fd3f62eddc7cf54dcc9053be6f58998f3eb926a
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Tue Aug 3 21:02:33 2021 +1000
 
-    upstream: add a test for misc.c:argv_split(), currently fails
-    
-    OpenBSD-Regress-ID: ad6b96d6ebeb9643b698b3575bdd6f78bb144200
+    Avoid lines >80 chars.  From jmc@
 
-commit 473ddfc2d6b602cb2d1d897e0e5c204de145cd9a
+commit af5d8094d8b755e1daaf2e20ff1dc252800b4c9b
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Mar 19 03:25:01 2021 +0000
+Date:   Tue Aug 3 01:05:24 2021 +0000
 
-    upstream: split
+    upstream: regression tests for scp SFTP protocol support; mostly by
     
-    OpenBSD-Regress-ID: f6c03c0e4c58b3b9e04b161757b8c10dc8378c34
+    Jakub Jelen in GHPR#194 ok markus
+    
+    OpenBSD-Regress-ID: 36f1458525bcb111741ec8547eaf58b13cddc715
 
-commit 1339800fef8d0dfbfeabff71b34670105bcfddd2
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Mar 31 22:16:34 2021 +0000
+commit e4673b7f67ae7740131a4ecea29a846593049a91
+Author: anton@openbsd.org <anton@openbsd.org>
+Date:   Thu Jul 29 15:34:09 2021 +0000
 
-    upstream: Use new limits@openssh.com protocol extension to let the
-    
-    client select good limits based on what the server supports. Split the
-    download and upload buffer sizes to allow them to be chosen independently.
+    upstream: Treat doas with arguments as a valid SUDO variable.
     
-    In practice (and assuming upgraded sftp/sftp-server at each end), this
-    increases the download buffer 32->64KiB and the upload buffer
-    32->255KiB.
+    Allows one to specify SUDO="doas -n" which I do while running make regress.
     
-    Patches from Mike Frysinger; ok dtucker@
+    ok dtucker@
     
-    OpenBSD-Commit-ID: ebd61c80d85b951b794164acc4b2f2fd8e88606c
+    OpenBSD-Regress-ID: 4fe5814b5010dbf0885500d703bea06048d11005
 
-commit 6653c61202d104e59c8e741329fcc567f7bc36b8
+commit 197e29f1cca190d767c4b2b63a662f9a9e5da0b3
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Mar 31 21:58:07 2021 +0000
+Date:   Mon Aug 2 23:38:27 2021 +0000
 
-    upstream: do not advertise protocol extensions that have been
+    upstream: support for using the SFTP protocol for file transfers in
     
-    disallowed by the command-line options (e.g. -p/-P/-R); ok dtucker@
+    scp, via a new "-M sftp" option. Marked as experimental for now.
     
-    OpenBSD-Commit-ID: 3a8a76b3f5131741aca4b41bfab8d101c9926205
+    Some corner-cases exist, in particular there is no attempt to
+    provide bug-compatibility with scp's weird "double shell" quoting
+    rules.
+    
+    Mostly by Jakub Jelen in GHPR#194 with some tweaks by me. ok markus@
+    Thanks jmc@ for improving the scp.1 bits.
+    
+    OpenBSD-Commit-ID: 6ce4c9157ff17b650ace571c9f7793d92874051c
 
-commit 71241fc05db4bbb11bb29340b44b92e2575373d8
-Author: Damien Miller <djm@mindrot.org>
-Date:   Mon Mar 29 15:14:25 2021 +1100
+commit dd533c7ab79d61a7796b77b64bd81b098e0d7f9f
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Fri Jul 30 14:28:13 2021 +0000
 
-    gnome-ssh-askpass3 is a valid target here
+    upstream: fix a formatting error and add some Xr; from debian at
+    
+    helgefjell de
+    
+    removed references to rlogin etc. as no longer relevant;
+    suggested by djm
+    
+    ok djm dtucker
+    
+    OpenBSD-Commit-ID: 3c431c303068d3aec5bb18573a0bd5e0cd77c5ae
 
-commit 8a9520836e71830f4fccca066dba73fea3d16bda
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Mar 19 02:22:34 2021 +0000
+commit c7cd347a8823819411222c1e10a0d26747d0fd5c
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Fri Jul 30 14:25:01 2021 +0000
 
-    upstream: return non-zero exit status when killed by signal; bz#3281 ok
+    upstream: fix a formatting error and mark up known_hosts
     
-    dtucker@
+    consistently; issues reported by debian at helgefjell de
     
-    OpenBSD-Commit-ID: 117b31cf3c807993077b596bd730c24da9e9b816
+    ok djm dtucker
+    
+    OpenBSD-Commit-ID: a1fd8d21dc77f507685443832df0c9700481b0ce
 
-commit 1269b8a686bf1254b03cd38af78167a04aa6ec88
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Mar 19 02:18:28 2021 +0000
+commit 4455aec2e4fc90f64ae4fc47e78ebc9c18721738
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Wed Jul 28 05:57:42 2021 +0000
 
-    upstream: increase maximum SSH2_FXP_READ to match the maximum
+    upstream: no need to talk about version 2 with the -Q option, so
     
-    packet size. Also handle zero-length reads that are borderline nonsensical
-    but not explicitly banned by the spec. Based on patch from Mike Frysinger,
-    feedback deraadt@ ok dtucker@
+    rewrite the text to read better;
     
-    OpenBSD-Commit-ID: 4e67d60d81bde7b84a742b4ee5a34001bdf80d9c
+    issue reported by debian at helgefjell de
+    ok djm dtucker
+    
+    OpenBSD-Commit-ID: 59fe2e8219c37906740ad062e0fdaea487dbe9cf
 
-commit 860b67604416640e8db14f365adc3f840aebcb1f
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Mar 16 06:15:43 2021 +0000
+commit bec429338e9b30d2c7668060e82608286a8a4777
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Tue Jul 27 14:28:46 2021 +0000
 
-    upstream: don't let logging clobber errno before use
+    upstream: word fix; reported by debian at helgefjell de
     
-    OpenBSD-Commit-ID: ce6cca370005c270c277c51c111bb6911e1680ec
+    OpenBSD-Commit-ID: 0c6fd22142422a25343c5bd1a618f31618f41ece
 
-commit 5ca8a9216559349c56e09039c4335636fd85c241
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat Mar 13 14:40:43 2021 +1100
+commit efad4deb5a1f1cf79ebefd63c6625059060bfbe1
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Tue Jul 27 14:14:25 2021 +0000
 
-    Only call dh_set_moduli_file if using OpenSSL.
+    upstream: standardise the grammar in the options list; issue
     
-    Fixes link failure when configuring --without-openssl since dh.c is not
-    linked in.
+    reported by debian at helgefjell de
+    
+    ok dtucker djm
+    
+    OpenBSD-Commit-ID: 7ac15575045d82f4b205a42cc7d5207fe4c3f8e6
 
-commit 867a7dcf003c51d5a83f83565771a35f0d9530ac
+commit 1e11fb24066f3fc259ee30db3dbb2a3127e05956
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat Mar 13 13:52:53 2021 +1100
+Date:   Mon Aug 2 18:56:29 2021 +1000
 
-    Don't install moduli during tests.
-    
-    Now that we have TEST_SSH_MODULI_FILE pointing to the moduli in the
-    soure directory we don't need to install the file to prevent warnings
-    about it being missing.
+    Check for RLIMIT_NOFILE before trying to use it.
 
-commit 0c054538fccf92b4a028008321d3711107bee6d5
+commit 0f494236b49fb48c1ef33669f14822ca4f3ce2f4
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat Mar 13 13:51:26 2021 +1100
+Date:   Tue Jul 27 17:45:34 2021 +1000
 
-    Point TEST_SSH_MODULI_FILE at our own moduli.
+    lastenv is only used in setenv.
     
-    This will allow the test to run without requiring a moduli file
-    installed at the configured default path.
+    Prevents an unused variable warning on platforms that have setenv but
+    not unsetenv.
 
-commit 4d48219c72ab0c71238806f057f0e9630b7dd25c
-Author: jsg@openbsd.org <jsg@openbsd.org>
-Date:   Fri Mar 12 05:18:01 2021 +0000
+commit a1f78e08bdb3eaa88603ba3c6e01de7c8671e28a
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Mon Jul 26 12:45:30 2021 +1000
 
-    upstream: spelling
+    Move SUDO to "make test" command line.
     
-    OpenBSD-Commit-ID: 478bc3db04f62f1048ed6e1765400f3ab325e60f
+    Environment variables don't get passed by vmrun, so move to command
+    line.
 
-commit 88057eb6df912abf2678ea5c846d9d9cbc92752c
+commit 02e624273b9c78a49a01239159b8c09b8409b1a0
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sun Jul 25 23:26:36 2021 +1000
+
+    Set SUDO for tests and cleanup.
+
+commit 460ae5d93051bab70239ad823dd784822d58baad
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sun Jul 25 22:37:55 2021 +1000
+
+    Pass OPENSSL=no to make tests too.
+
+commit b398f499c68d74ebe3298b73757cf3f36e14e0cb
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Mar 12 04:08:19 2021 +0000
+Date:   Sun Jul 25 12:27:37 2021 +0000
 
-    upstream: Add ModuliFile keyword to sshd_config to specify the
+    upstream: Skip unit and makefile-based key conversion tests when
     
-    location of the "moduli" file containing the groups for DH-GEX.  This will
-    allow us to run tests against arbitrary moduli files without having to
-    install them. ok djm@
+    we're building with OPENSSL=no.
     
-    OpenBSD-Commit-ID: 8df99d60b14ecaaa28f3469d01fc7f56bff49f66
+    OpenBSD-Regress-ID: 20455ed9a977c93f846059d1fcb48e29e2c8d732
 
-commit f07519a2af96109325b5a48b1af18b57601074ca
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Mar 12 03:43:40 2021 +0000
+commit 727ce36c8c5941bde99216d27109405907caae4f
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sun Jul 25 12:13:03 2021 +0000
 
-    upstream: pwcopy() struct passwd that we're going to reuse across a
+    upstream: Replace OPENSSL as the variable that points to the
     
-    bunch of library calls; bz3273 ok dtucker@
+    openssl binary with OPENSSL_BIN.  This will allow us to use the OPENSSL
+    variable from mk.conf or the make(1) command line indicating if we're
+    building with our without OpenSSL, and ultimately get the regress tests
+    working in the OPENSSL=no configuration.
     
-    OpenBSD-Commit-ID: b6eafa977b2e44607b1b121f5de855107809b762
+    OpenBSD-Regress-ID: 2d788fade3264d7803e5b54cae8875963f688c4e
 
-commit 69d6d4b0c8a88d3d1288415605f36e2df61a2f12
+commit 55e17101a9075f6a63af724261c5744809dcb95c
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Wed Mar 10 06:32:27 2021 +0000
+Date:   Sat Jul 24 02:57:28 2021 +0000
 
-    upstream: Import regenerated moduli file.
+    upstream: Skip RFC4716 format import and export tests when built
     
-    OpenBSD-Commit-ID: 7ac6c252d2a5be8fbad4c66d9d35db507c9dac5b
+    without OpenSSL.
+    
+    OpenBSD-Regress-ID: d2c2d5d38c1acc2b88cc99cfe00a2eb8bb39dfa4
 
-commit e5895e8ecfac65086ea6b34d0d168409a66a15e1
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Mar 10 04:58:45 2021 +0000
+commit f5ccb5895d39cd627ad9e7b2c671d2587616100d
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sat Jul 24 02:51:14 2021 +0000
 
-    upstream: no need to reset buffer after send_msg() as that is done
+    upstream: Don't omit ssh-keygen -y from usage when built without
     
-    for us; patch from Mike Frysinger
+    OpenSSL.  It is actually available, albeit only for ed25519 keys.
     
-    OpenBSD-Commit-ID: 565516495ff8362a38231e0f1a087b8ae66da59c
+    OpenBSD-Commit-ID: 7a254c33d0e6a55c30c6b016a8d298d3cb7a7674
 
-commit 721948e67488767df0fa0db71ff2578ee2bb9210
+commit 819d57ac23469f1f03baa8feb38ddefbada90fdc
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sat Mar 13 01:52:16 2021 +0000
+Date:   Sat Jul 24 02:08:13 2021 +0000
 
-    upstream: Add TEST_SSH_MODULI_FILE variable to allow overriding of the
+    upstream: Exclude key conversion options from usage when built
     
-    moduli file used during the test run.
+    without OpenSSL since those are not available, similar to what we currently
+    do with the moduli screening options.  We can also use this to skip the
+    conversion regression tests in this case.
     
-    OpenBSD-Regress-ID: be10f785263120edb64fc87db0e0d6570a10220a
+    OpenBSD-Commit-ID: 3c82caa398cf99cd4518c23bba5a2fc66b16bafe
 
-commit 82fef71e20ffef425b932bec26f5bc46aa1ed41c
+commit b6673b1d2ee90b4690ee84f634efe40225423c38
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Mar 12 15:58:57 2021 +1100
+Date:   Sat Jul 24 13:02:51 2021 +1000
 
-    Allow (but return EACCES) fstatat64 in sandbox.
-    
-    This is apparently used in some configurations of OpenSSL when glibc
-    has getrandom().  bz#3276, patch from Kris Karas, ok djm@
+    Test OpenBSD upstream with and without OpenSSL.
 
-commit 1cd67ee15ce3d192ab51be22bc4872a6a7a4b6d9
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Mar 12 13:16:10 2021 +1100
+commit 9d38074b5453c1abbdf888e80828c278d3b886ac
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jul 24 01:54:23 2021 +0000
 
-    Move generic includes outside of ifdef.
+    upstream: test for first-match-wins in authorized_keys environment=
     
-    This ensures that the macros in log.h are defined in the case where
-    either of --with-solaris-projects or --with-solaris-privs are used
-    without --with-solaris-contracts.  bz#3278.
-
-commit 2421a567a8862fe5102a4e7d60003ebffd1313dd
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Mar 10 17:41:21 2021 +1100
+    options
+    
+    OpenBSD-Regress-ID: 1517c90276fe84b5dc5821c59f88877fcc34c0e8
 
-    Import regenerated moduli file.
+commit 2b76f1dd19787e784711ea297ad8fc938b4484fd
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jul 23 05:53:02 2021 +0000
 
-commit e99080c05d9d48dbbdb022538533d53ae1bd567d
-Author: millert@openbsd.org <millert@openbsd.org>
-Date:   Sat Mar 6 20:36:31 2021 +0000
-
-    upstream: Fix PRINT macro, the suffix param to sshlog() was missing.
-    
-    Also remove redundant __func__ prefix from PRINT calls as the macro already
-    adds __FILE__, __func__ and __LINE__.  From Christos Zoulas. OK dtucker@
+    upstream: Simplify keygen-convert by using $SSH_KEYTYPES directly.
     
-    OpenBSD-Commit-ID: 01fdfa9c5541151b5461d9d7d6ca186a3413d949
+    OpenBSD-Regress-ID: cdbe408ec3671ea9ee9b55651ee551370d2a4108
 
-commit 160db17fc678ceb5e3fd4a7e006cc73866f484aa
+commit 7d64a9fb587ba9592f027f7a2264226c713d6579
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Mar 3 22:41:49 2021 +0000
+Date:   Sat Jul 24 01:55:19 2021 +0000
 
-    upstream: don't sshbuf_get_u32() into an enum; reported by goetze
+    upstream: don't leak environment= variable when it is not the first
     
-    AT dovetail.com via bz3269
+    match
     
-    OpenBSD-Commit-ID: 99a30a8f1df9bd72be54e21eee5c56a0f050921a
+    OpenBSD-Commit-ID: 7fbdc3dfe0032deaf003fd937eeb4d434ee4efe0
 
-commit cffd033817a5aa388764b6661855dcdaabab0588
-Author: sthen@openbsd.org <sthen@openbsd.org>
-Date:   Wed Mar 3 21:40:16 2021 +0000
+commit db2130e2340bf923e41c791aa9cd27b9e926042c
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Fri Jul 23 06:01:17 2021 +0000
 
-    upstream: typo in other_hostkeys_message() display output, ok djm
+    upstream: punctuation;
     
-    OpenBSD-Commit-ID: 276f58afc97b6f5826e0be58380b737603dbf5f5
+    OpenBSD-Commit-ID: 64be152e378c45975073ab1c07e0db7eddd15806
 
-commit 7fe141b96b13bd7dc67ca985e14d55b9bd8a03fd
+commit 03190d10980c6fc9124e988cb2df13101f266507
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Mar 3 08:42:52 2021 +0000
+Date:   Fri Jul 23 05:56:47 2021 +0000
 
-    upstream: needs FILE*; from Mike Frysinger
+    upstream: mention in comment that read_passphrase(..., RP_ALLOW_STDIN)
     
-    OpenBSD-Commit-ID: dddb3aa9cb5792eeeaa37a1af67b5a3f25ded41d
-
-commit d2afd717e62d76bb41ab5f3ab4ce6f885c8edc98
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Mar 2 21:31:47 2021 +1100
-
-    update depend
-
-commit f0c4eddf7cf224ebcac1f07ac8afdb30c6e9fe0a
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Mar 2 21:30:14 2021 +1100
-
-    update relnotes URL
-
-commit 67a8bb7fe62a381634db4c261720092e7d514a3d
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Mar 2 21:29:54 2021 +1100
-
-    update RPM spec version numbers
-
-commit 0a4b23b11b9a4e6eec332dd5c6ab2ac6f62aa164
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Mar 2 01:48:18 2021 +0000
-
-    upstream: openssh-8.5
+    will try to use askpass first. bz3314
     
-    OpenBSD-Commit-ID: 185e85d60fe042b8f8fa1ef29d4ef637bdf397d6
-
-commit de3866383b6720ad4cad83be76fe4c8aa111a249
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Mar 1 21:13:24 2021 +1100
-
-    Only upload config logs if configure fails.
+    convert a couple of debug() -> debug_f() while here
+    
+    OpenBSD-Commit-ID: c7e812aebc28fcc5db06d4710e0f73613dee545c
 
-commit 85ff2a564ce838f8690050081176c1de1fb33116
+commit 1653ece6832b2b304d46866b262d5f69880a9ec7
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sun Feb 28 22:56:30 2021 +0000
+Date:   Fri Jul 23 05:07:16 2021 +0000
 
-    upstream: Add %k to list of keywords. From
-    
-    =?UTF-8?q?=20Eero=20H=C3=A4kkinenvia=20bz#3267?=
-    MIME-Version: 1.0
-    Content-Type: text/plain; charset=UTF-8
-    Content-Transfer-Encoding: 8bit
+    upstream: Test conversion of ed25519 and ecdsa keys too.
     
-    OpenBSD-Commit-ID: 9c87f39a048cee2a7d1c8bab951b2f716256865e
+    OpenBSD-Regress-ID: 3676d2d00e58e0d6d37f2878f108cc2b83bbe4bb
 
-commit e774bac35933e71f924f4301786e7fb5bbe1422f
+commit 8b7af02dcf9d2b738787efd27da7ffda9859bed2
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sun Feb 28 01:50:47 2021 +0000
+Date:   Fri Jul 23 04:56:21 2021 +0000
 
-    upstream: Do not try to reset signal handler for signal 0 in
+    upstream: Add test for exporting pubkey from a passphrase-protected
     
-    subprocess. Prevents spurious debug message.  ok djm@
+    private key.
     
-    OpenBSD-Commit-ID: 7f9785e292dcf304457566ad4637effd27ad1d46
+    OpenBSD-Regress-ID: da99d93e7b235fbd5b5aaa01efc411225e6ba8ac
 
-commit 351c5dbbd74ce300c4f058112f9731c867c6e225
+commit 441095d4a3e5048fe3c87a6c5db5bc3383d767fb
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Feb 27 23:42:37 2021 +0000
+Date:   Fri Jul 23 03:54:55 2021 +0000
 
-    upstream: fix alphabetic ordering of options; spotted by Iain Morgan
+    upstream: regression test for time-limited signature keys
     
-    OpenBSD-Commit-ID: f955fec617d74af0feb5b275831a9fee813d7ad5
-
-commit 0d1c9dbe578597f8d45d3ac7690df10d32d743e5
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat Feb 27 12:25:25 2021 +1100
-
-    zlib is now optional.
+    OpenBSD-Regress-ID: 2a6f3bd900dbee0a3c96f1ff23e032c93ab392bc
 
-commit b7c6ee7b437d9adfd19ef49d6c0f19f13f26f9b3
-Author: Jeffrey H. Johnson <61629094+johnsonjh@users.noreply.github.com>
-Date:   Sat Feb 27 01:04:58 2021 +0000
+commit 9e1882ef6489a7dd16b6d7794af96629cae61a53
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jul 23 05:24:02 2021 +0000
 
-    Fix punctuatio and typo in README.md.
+    upstream: note successful authentication method in final "Authenticated
     
-    Some very minor fixes, missing 's' and punctuation.
+    to ..." message and partial auth success messages (all at LogLevel=verbose)
+    ok dtucker@
+    
+    OpenBSD-Commit-ID: 06834b89ceb89f8f16c5321d368a66c08f441984
 
-commit 6248b86074804983e8f7a2058856a516dbfe2924
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Feb 26 16:45:50 2021 +1100
+commit a917e973a1b90b40ff1e950df083364b48fc6c78
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jul 23 04:04:52 2021 +0000
 
-    Revert "ssh: optional bind interface if bind address specified."
+    upstream: Add a ForkAfterAuthentication ssh_config(5) counterpart
     
-    This reverts commit 5a878a71a3528c2626aa1d331934fd964782d41c.
+    to the ssh(1) -f flag. Last part of GHPR231 from Volker Diels-Grabsch. ok
+    dtucker
     
-    Apologies - I accidentally pushed this.
+    OpenBSD-Commit-ID: b18aeda12efdebe2093d55263c90fe4ea0bce0d3
 
-commit 493339a940b13be6071629c3c2dd5a3b6fc17023
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Feb 26 15:45:38 2021 +1100
+commit e0c5088f1c96a145eb6ea1dee438010da78f9ef5
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jul 23 04:00:59 2021 +0000
 
-    detech BSD libc hash functions in libbsd / libmd
+    upstream: Add a StdinNull directive to ssh_config(5) that allows
     
-    Some Linux distributions are shipping the BSD-style hashing functions
-    (e.g. SHA256Update) in libbsd and/or libmd. Detect this situation to
-    avoid header/replacement clashes later. ok dtucker@
-
-commit 5a878a71a3528c2626aa1d331934fd964782d41c
-Author: Dmitrii Turlupov <dturlupov@factor-ts.ru>
-Date:   Thu Feb 4 16:27:31 2021 +0300
-
-    ssh: optional bind interface if bind address specified.
+    the config file to do the same thing as -n does on the ssh(1) commandline.
+    Patch from Volker Diels-Grabsch via GHPR231; ok dtucker
     
-    Allows the -b and -B options to be used together.
-    For example, when the interface is in the VRF.
+    OpenBSD-Commit-ID: 66ddf3f15c76796d4dcd22ff464aed1edd62468e
 
-commit 1fe4d70df94d3bcc2b35fd57cad6b5fc4b2d7b16
+commit e3957e21ffdc119d6d04c0b1686f8e2fe052f5ea
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Feb 26 04:18:42 2021 +0000
+Date:   Fri Jul 23 03:57:20 2021 +0000
 
-    upstream: remove this KEX fuzzer; it's awkward to use and doesn't play
+    upstream: make authorized_keys environment="..." directives
     
-    nice with popular fuzzing drivers like libfuzzer. AFAIK nobody has used it
-    but me.
+    first-match-wins and more strictly limit their maximum number; prompted by
+    OOM reported by OSS-fuzz (35470).
     
-    OpenBSD-Regress-ID: cad919522b3ce90c147c95abaf81b0492ac296c9
-
-commit 24a3a67bd7421740d08803b84bd784e764107928
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Feb 26 11:49:19 2021 +1100
-
-    Remove macos-11.00 PAM test target too.
+    feedback and ok dtucker@
     
-    These are failing apparently due to some kind of infrastructure problem,
-    making it look like every commit is busted.
+    OpenBSD-Commit-ID: 01f63fc10dcd995e7aed9c378ad879161af83121
 
-commit 473201783f732ca8b0ec528b56aa55fa0d8cf717
+commit d0bb1ce731762c55acb95817df4d5fab526c7ecd
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Feb 26 00:16:58 2021 +0000
+Date:   Fri Jul 23 03:37:52 2021 +0000
 
-    upstream: a bit more debugging behind #ifdef DEBUG_SK
+    upstream: Let allowed signers files used by ssh-keygen(1)
     
-    OpenBSD-Commit-ID: d9fbce14945721061cb322f0084c2165d33d1993
+    signatures support key lifetimes, and allow the verification mode to specify
+    a signature time to check at. This is intended for use by git to support
+    signing objects using ssh keys. ok dtucker@
+    
+    OpenBSD-Commit-ID: 3e2c67b7dcd94f0610194d1e8e4907829a40cf31
 
-commit fd9fa76a344118fe1ef10b9a6c9e85d39599e9a8
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Feb 26 01:15:10 2021 +1100
+commit 44142068dc7ef783d135e91ff954e754d2ed432e
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Jul 19 08:48:33 2021 +0000
 
-    Remove macos-11.0 from the test target list.
+    upstream: Use SUDO when setting up hostkey.
     
-    It has been consistently failing for the past few days with a github
-    actions internal error.
+    OpenBSD-Regress-ID: 990cf4481cab8dad62e90818a9b4b36c533851a7
 
-commit 476ac8e9d33dbf96ef97aab812b8d7089d0cdc24
-Author: Philip Hands <phil@hands.com>
-Date:   Wed Feb 24 23:43:16 2021 +0100
+commit 6b67f3f1d1d187597e54a139cc7785c0acebd9a2
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Jul 19 05:08:54 2021 +0000
 
-    tidy the $INSTALLKEY_SH code layout a little
+    upstream: Increase time margin for rekey tests. Should help
     
-    SSH-Copy-ID-Upstream: 78178aa5017222773e4c23d9001391eeaeca8983
+    reliability on very heavily loaded hosts.
+    
+    OpenBSD-Regress-ID: 4c28a0fce3ea89ebde441d7091464176e9730533
 
-commit 983e05ef3b81329d76d6a802b39ad0d1f637c06c
-Author: Jakub Jelen <jjelen@redhat.com>
-Date:   Tue Sep 29 10:02:45 2020 +0000
+commit 7953e1bfce9e76bec41c1331a29bc6cff9d416b8
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Mon Jul 19 13:47:51 2021 +1000
 
-    if unable to add a missing newline, fail
-    
-    SSH-Copy-ID-Upstream: 76b25e18f55499ea9edb4c4d6dc4a80bebc36d95
+    Add sshfp-connect.sh file missed in previous.
 
-commit 3594b3b015f6014591da88ba71bf6ff010be7411
-Author: Philip Hands <phil@hands.com>
-Date:   Tue Oct 13 14:12:58 2020 +0200
+commit b75a80fa8369864916d4c93a50576155cad4df03
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Jul 19 03:13:28 2021 +0000
 
-    use $AUTH_KEY_DIR, now that we have it
-    
-    since that was a change made since jjelen's commit was written
+    upstream: Ensure that all returned SSHFP records for the specified host
     
-    also, quote the variables
+    name and hostkey type match instead of only one.  While there, simplify the
+    code somewhat and add some debugging.  Based on discussion in bz#3322, ok
+    djm@.
     
-    SSH-Copy-ID-Upstream: 588cd8e5cbf95f3443d92b9ab27c5d73ceaf6616
+    OpenBSD-Commit-ID: 0a6a0a476eb7f9dfe8fe2c05a1a395e3e9b22ee4
 
-commit 333e25f7bc43cee6e36f766e39dad6f9918b318c
-Author: Jakub Jelen <jjelen@redhat.com>
-Date:   Tue Sep 29 10:00:01 2020 +0000
+commit 1cc1fd095393663cd72ddac927d82c6384c622ba
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Jul 19 02:21:50 2021 +0000
 
-    restorecon the correct directory
+    upstream: Id sync only, -portable already has this.
     
-    if using different path for authorized_keys file
+    Put dh_set_moduli_file call inside ifdef WITH_OPENSSL. Fixes
+    build with OPENSSL=no.
     
-    SSH-Copy-ID-Upstream: 791a3df47b48412c726bff6f7b1d190721e65d51
-
-commit 9beeab8a37a49a9e3ffb1972fff6621ee5bd7a71
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Feb 25 03:27:34 2021 +0000
+    OpenBSD-Commit-ID: af54abbebfb12bcde6219a44d544e18204defb15
 
-    upstream: s/PubkeyAcceptedKeyTypes/PubkeyAcceptedAlgorithms/
-    
-    OpenBSD-Regress-ID: 3dbc005fa29f69dc23d97e433b6dffed6fe7cb69
-
-commit 2dd9870c16ddbd83740adeead5030d6840288c8f
+commit 33abbe2f4153f5ca5c874582f6a7cc91ae167485
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Wed Feb 24 23:12:35 2021 +0000
+Date:   Mon Jul 19 02:46:34 2021 +0000
 
-    upstream: Rename pubkeyacceptedkeytypes to pubkeyacceptedalgorithms in
+    upstream: Add test for host key verification via SSHFP records. This
     
-    test to match change to config-dump output.
+    requires some external setup to operate so is disabled by default (see
+    comments in sshfp-connect.sh).
     
-    OpenBSD-Regress-ID: 74c9a4ad50306be873d032819d5e55c24eb74d5d
+    OpenBSD-Regress-ID: c52c461bd1df3a803d17498917d156ef64512fd9
 
-commit b9225c3a1c3f5827e31d5d64a71b8e0504a25619
+commit f0cd000d8e3afeb0416dce1c711c3d7c28d89bdd
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Wed Feb 24 01:18:08 2021 +0000
+Date:   Mon Jul 19 02:29:28 2021 +0000
 
-    upstream: Put obsolete aliases for hostbasedalgorithms and
+    upstream: Add ed25519 key and test SSHFP export of it. Only test
     
-    pubkeyacceptedalgorithms after their current names so that the config-dump
-    mode finds and uses the current names.  Spotted by Phil Pennock.
+    RSA SSHFP export if we have RSA functionality compiled in.
     
-    OpenBSD-Commit-ID: 5dd10e93cccfaff3aaaa09060c917adff04a9b15
+    OpenBSD-Regress-ID: b4ff5181b8c9a5862e7f0ecdd96108622333a9af
 
-commit 8b8b60542d6652b2c91e0ef9e9cc81bcb65e6b42
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Feb 23 21:55:08 2021 +0000
+commit 0075511e27e5394faa28edca02bfbf13b9a6693e
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Jul 19 00:16:26 2021 +0000
 
-    upstream: lots more s/key types/signature algorithms/ mostly in
-    
-    HostbasedAcceptedAlgorithms and HostKeyAlgorithms; prompted by Jakub Jelen
+    upstream: Group keygen tests together.
     
-    OpenBSD-Commit-ID: 3f719de4385b1a89e4323b2549c66aae050129cb
+    OpenBSD-Regress-ID: 07e2d25c527bb44f03b7c329d893a1f2d6c5c40c
 
-commit 0aeb508aaabc4818970c90831e3d21843c3c6d09
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Feb 23 21:50:18 2021 +0000
+commit 034828820c7e62652e7c48f9ee6b67fb7ba6fa26
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sun Jul 18 23:10:10 2021 +0000
 
-    upstream: Correct reference to signature algorithms as keys; from
-    
-    Jakub Jelen
+    upstream: Add test for ssh-keygen printing of SSHFP records.
     
-    OpenBSD-Commit-ID: 36f7ecee86fc811aa0f8e21e7a872eee044b4be5
+    OpenBSD-Regress-ID: fde9566b56eeb980e149bbe157a884838507c46b
 
-commit f186a020f2ba5f9c462a23293750e29ba0a746b1
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue Feb 23 16:05:22 2021 +1100
+commit 52c3b6985ef1d5dadb4c4fe212f8b3a78ca96812
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jul 17 00:38:11 2021 +0000
 
-    Add a couple more test VMs.
+    upstream: wrap some long lines
+    
+    OpenBSD-Commit-ID: 4f5186b1466656762dae37d3e569438d900c350d
 
-commit ffcdd3d90e74176b3bb22937ad1f65a6c1cd3f9d
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Feb 22 08:09:27 2021 +1100
+commit 43ec991a782791d0b3f42898cd789f99a07bfaa4
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jul 17 00:36:53 2021 +0000
 
-    Valgrind test: split and move up list.
+    upstream: fix sftp on ControlPersist connections, broken by recent
     
-    Since the valgrind test takes so long it approaches the limit allowed by
-    github, move it to the head of the list so it's the first one started and
-    split the longest tests out into a second instance that runs concurrently
-    with the first.
+    SessionType change; spotted by sthen@
+    
+    OpenBSD-Commit-ID: 4c5ddc5698790ae6ff50d2a4f8f832f0eeeaa234
 
-commit c3b1636770785cc2830dedd0f22ef7d3d3491d6d
+commit 073f45c236550f158c9a94003e4611c07dea5279
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Feb 23 00:05:31 2021 +0000
+Date:   Fri Jul 16 09:00:23 2021 +0000
 
-    upstream: warn when the user specifies a ForwardAgent path that does
+    upstream: Explicitly check for and start time-based rekeying in the
     
-    not exist and exit if ExitOnForwardFailure is set; bz3264
+    client and server mainloops.
     
-    OpenBSD-Commit-ID: 72f7875865e723e464c71bf8692e83110699bf26
+    Previously the rekey timeout could expire but rekeying would not start
+    until a packet was sent or received. This could cause us to spin in
+    select() on the rekey timeout if the connection was quiet.
+    
+    ok markus@
+    
+    OpenBSD-Commit-ID: 4356cf50d7900f3df0a8f2117d9e07c91b9ff987
 
-commit 5fcb0514949d61aadaf4a89cf16eb78fb47491ec
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat Feb 20 13:34:02 2021 +1100
+commit ef7c4e52d5d840607f9ca3a302a4cbb81053eccf
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Wed Jul 14 06:46:38 2021 +0000
 
-    Disable rlimit sandbox, doesn't work with valgrind
+    upstream: reorder SessionType; ok djm
     
-    Only run regress tests, runing unit tests as well makes it run longer
-    than allowed y github.
+    OpenBSD-Commit-ID: c7dd0b39e942b1caf4976a0b1cf0fed33d05418c
 
-commit bb0b9bf45396c19486080d3eb0a159f94de7e6ba
+commit 8aa2f9aeb56506dca996d68ab90ab9c0bebd7ec3
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat Feb 20 13:06:25 2021 +1100
+Date:   Wed Jul 14 11:26:50 2021 +1000
 
-    Upload valgrind logs on failure.
+    Make whitespace consistent.
 
-commit ebb3b75e974cb241c6b9b9f5881b09c7bd32b651
+commit 4f4297ee9b8a39f4dfd243a74c5f51f9e7a05723
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Feb 19 22:18:50 2021 +1100
+Date:   Wed Jul 14 11:26:12 2021 +1000
 
-    Rename "vm" to "os" in selfhosted to match c-cpp.
+    Add ARM64 Linux self-hosted runner.
+
+commit eda8909d1b0a85b9c3804a04d03ec6738fd9dc7f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Jul 13 23:48:36 2021 +0000
+
+    upstream: add a SessionType directive to ssh_config, allowing the
     
-    Should make it easier to share code or maybe merge at some point.
+    configuration file to offer equivalent control to the -N (no session) and -s
+    (subsystem) command-line flags.
+    
+    Part of GHPR#231 by Volker Diels-Grabsch with some minor tweaks;
+    feedback and ok dtucker@
+    
+    OpenBSD-Commit-ID: 726ee931dd4c5cc7f1d7a187b26f41257f9a2d12
 
-commit 76c0be0fe0465cb2b975dbd409f8d38b55e55bcb
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Feb 19 22:15:22 2021 +1100
+commit 7ae69f2628e338ba6e0eae7ee8a63bcf8fea7538
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jul 12 02:12:22 2021 +0000
 
-    Upload regress failure logs in c-cpp too.
+    upstream: fix some broken tests; clean up output
+    
+    OpenBSD-Regress-ID: 1d5038edb511dc4ce1622344c1e724626a253566
 
-commit 8751b6c3136f5225c40f41bbf29aa29e15795f6e
+commit f5fc6a4c3404bbf65c21ca6361853b33d78aa87e
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Feb 19 22:13:36 2021 +1100
+Date:   Mon Jul 12 18:00:05 2021 +1000
 
-    Comment out Solaris 64bit PAM build...
+    Add configure-time detection for SSH_TIME_T_MAX.
     
-    until I can figure out why it's failing.
+    Should fix printing cert times exceeding INT_MAX (bz#3329) on platforms
+    were time_t is a long long.  The limit used is for the signed type, so if
+    some system has a 32bit unsigned time_t then the lower limit will still
+    be imposed and we would need to add some way to detect this.  Anyone using
+    an unsigned 64bit can let us know when it starts being a problem.
 
-commit e9f6d563c06886b277c6b9abafa99fa80726dc48
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Feb 19 10:20:17 2021 +1100
+commit fd2d06ae4442820429d634c0a8bae11c8e40c174
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Jul 12 06:22:57 2021 +0000
 
-    Actually run Valgrind tests.
+    upstream: Make limit for time_t test unconditional in the
+    
+    format_absolute_time fix for bz#3329 that allows printing of timestamps past
+    INT_MAX. This was incorrectly included with the previous commit.   Based on
+    discussion with djm@.
+    
+    OpenBSD-Commit-ID: 835936f6837c86504b07cabb596b613600cf0f6e
 
-commit 41d232e226624f1a81c17091c36b44c9010aae62
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Feb 19 10:16:56 2021 +1100
+commit 6c29b387cd64a57b0ec8ae7d2c8d02789d88fcc3
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Jul 12 06:08:57 2021 +0000
 
-    Add test against Valgrind.
+    upstream: Use existing format_absolute_time() function when
+    
+    printing cert validity instead of doing it inline.  Part of bz#3329.
+    
+    OpenBSD-Commit-ID: a13d4e3c4f59644c23745eb02a09b2a4e717c00c
 
-commit e6528d91f12fba05f0ea64224091c9d0f38bdf1d
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Feb 18 16:30:01 2021 +1100
+commit 99981d5f8bfa383791afea03f6bce8454e96e323
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jul 9 09:55:56 2021 +0000
 
-    Add fbsd12 test target.
+    upstream: silence redundant error message; reported by Fabian Stelzer
+    
+    OpenBSD-Commit-ID: 9349a703016579a60557dafd03af2fe1d44e6aa2
 
-commit 6506cb2798d98ff03a7cc06567c392a81f540680
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Feb 18 15:21:13 2021 +1100
+commit e86097813419b49d5bff5c4b51d1c3a5d4d2d804
+Author: John Ericson <John.Ericson@Obsidian.Systems>
+Date:   Sat Dec 26 11:40:49 2020 -0500
 
-    Remove unused arg.
+    Re-indent krb5 section after pkg-config addition.
 
-commit 93c31a623973b0fad508214593aab6ca94b11dcb
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Feb 18 14:54:07 2021 +1100
+commit 32dd2daa56c294e40ff7efea482c9eac536d8cbb
+Author: John Ericson <John.Ericson@Obsidian.Systems>
+Date:   Sat Dec 26 11:40:49 2020 -0500
 
-    Add DEBUG_SK to kitchensink builds.
+    Support finding Kerberos via pkg-config
+    
+    This makes cross compilation easier.
 
-commit 65085740d3574eeb3289d592f042df62c2689bb0
+commit def7a72234d7e4f684d72d33a0f7229f9eee0aa4
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Feb 18 14:53:14 2021 +1100
+Date:   Fri Jul 9 14:34:06 2021 +1000
 
-    Add bbone test target (arm32).
+    Update comments about EGD to include prngd.
 
-commit 63238f5aed66148b8d6ca7bd5fb347d624200155
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Feb 18 02:49:35 2021 +0000
+commit b5d23150b4e3368f4983fd169d432c07afeee45a
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Jul 5 01:21:07 2021 +0000
 
-    upstream: Fix the hostkeys rotation extension documentation
-    
-    The documentation was lacking the needed want-reply field in the initial
-    global request.
+    upstream: Fix a couple of whitespace things. Portable already has
     
-    https://github.com/openssh/openssh-portable/pull/218 by dbussink
+    these so this removes two diffs between the two.
     
-    OpenBSD-Commit-ID: 051824fd78edf6d647a0b9ac011bf88e28775054
+    OpenBSD-Commit-ID: 769f017ebafd8e741e337b3e9e89eb5ac73c9c56
 
-commit 34c5ef6e2d06d9f0e20cb04a9aebf67a6f96609a
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Feb 18 02:15:07 2021 +0000
+commit 8f57be9f279b8e905f9883066aa633c7e67b31cf
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Jul 5 01:16:46 2021 +0000
 
-    upstream: make names in function prototypes match those in
+    upstream: Order includes as per style(9). Portable already has
     
-    definition from https://github.com/openssh/openssh-portable/pull/225 by
-    ZenithalHourlyRate
+    these so this removes a handful of diffs between the two.
     
-    OpenBSD-Commit-ID: 7c736307bf3f2c7cb24d6f82f244eee959485acd
+    OpenBSD-Commit-ID: 8bd7452d809b199c19bfc49511a798f414eb4a77
 
-commit 88e3d4de31ab4f14cac658e9e0c512043b15b146
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Feb 18 02:13:58 2021 +0000
+commit b75624f8733b3ed9e240f86cac5d4a39dae11848
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Jul 5 00:50:25 2021 +0000
 
-    upstream: unbreak SK_DEBUG builds
+    upstream: Remove comment referencing now-removed
     
-    from https://github.com/openssh/openssh-portable/pull/225 by
-    ZenithalHourlyRate
+    RhostsRSAAuthentication.  ok djm@
     
-    OpenBSD-Commit-ID: 28d7259ce1b04d025411464decfa2f1a097b43eb
+    OpenBSD-Commit-ID: 3d864bfbd99a1d4429a58e301688f3be464827a9
 
-commit 788cbc5b74a53956ba9fff11e1ca506271a3597f
+commit b67eb12f013c5441bb4f0893a97533582ad4eb13
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Feb 18 00:30:17 2021 +0000
+Date:   Mon Jul 5 00:25:42 2021 +0000
 
-    upstream: sftp-server: implement limits@openssh.com extension
-    
-    This is a simple extension that allows the server to clearly
-    communicate transfer limits it is imposing so the client doesn't
-    have to guess, or force the user to manually tune.  This is
-    particularly useful when an attempt to use too large of a value
-    causes the server to abort the connection.
+    upstream: allow spaces to appear in usernames for local to remote,
     
-    Patch from Mike Frysinger; ok dtucker@
+    and scp -3 remote to remote copies. with & ok dtucker bz#1164
     
-    OpenBSD-Commit-ID: f96293221e5aa24102d9bf30e4f4ef04d5f4fb51
+    OpenBSD-Commit-ID: e9b550f3a85ffbb079b6720833da31317901d6dd
 
-commit 324449a68d510720d0e4dfcc8e9e5a702fe6a48f
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Feb 18 12:06:25 2021 +1100
+commit 8c4ef0943e574f614fc7c6c7e427fd81ee64ab87
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jul 2 07:20:44 2021 +0000
 
-    support OpenSSL 3.x cipher IV API change
-    
-    OpenSSL renamed the "get current CIPHER_CTX" IV operation in 3.x.
-    This uses the new name if available.
+    upstream: Remove obsolete comments about SSHv1 auth methods. ok
     
-    https://github.com/openssl/openssl/issues/13411
+    djm@
     
-    bz#3238 ok dtucker@
+    OpenBSD-Commit-ID: 6060f70966f362d8eb4bec3da2f6c4712fbfb98f
 
-commit 845fe9811c047063d935eca89188ed55c993626b
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Feb 18 11:25:38 2021 +1100
+commit 88908c9b61bcb99f16e8d398fc41e2b3b4be2003
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sat Jul 3 23:00:19 2021 +1000
 
-    prefer login_getpwclass() to login_getclass()
-    
-    FreeBSD has login_getpwclass() that does some special magic for
-    UID=0. Prefer this to login_getclass() as its easier to emulate
-    the former with the latter.
+    Remove reference to ChallengeResponse.
     
-    Based on FreeBSD PR 37416 via Ed Maste; ok dtucker@
+    challenge_response_authentication was removed from the struct, keeping
+    kbd_interactive_authentication.
 
-commit d0763c8d566119cce84d9806e419badf20444b02
+commit 321874416d610ad2158ce6112f094a4862c2e37f
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Feb 18 10:45:27 2021 +1100
+Date:   Sat Jul 3 20:38:09 2021 +1000
 
-    Fixing quoting for installing moduli on target guest.
+    Move signal.h up include order to match upstream.
 
-commit b3afc243bc820f323a09e3218e9ec8a30a3c1933
+commit 4fa83e2d0e32c2dd758653e0359984bbf1334f32
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Feb 18 10:27:16 2021 +1100
-
-    Install moduli on target not host.
-
-commit f060c2bc85d59d111fa18a12eb3872ee4b9f7e97
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Feb 18 10:33:58 2021 +1100
+Date:   Sat Jul 3 20:36:06 2021 +1000
 
-    don't free string returned by login_getcapstr(3)
-    
-    OpenBSD and NetBSD require the caller to free strings returned
-    bu the login_* functions, but FreeBSD requires that callers don't.
-    
-    Fortunately in this case, we can harmlessly leak as the process is
-    about to exec the shell/command.
+    Remove old OpenBSD version marker.
     
-    From https://reviews.freebsd.org/D28617 via Ed Maste; ok dtucker@
+    Looks like an accidental leftover from a sync.
 
-commit bc9b0c25703215501da28aa7a6539f96c0fa656f
+commit 9d5e31f55d5f3899b72645bac41a932d298ad73b
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Feb 18 10:10:00 2021 +1100
+Date:   Sat Jul 3 20:34:19 2021 +1000
 
-    Skip unit tests on sol11 to speed things up.
+    Remove duplicate error on error path.
+    
+    There's an extra error() call on the listen error path, it looks like
+    its removal was missed during an upstream sync.
 
-commit 161873035c12cc22211fc73d07170ade47746bc5
+commit 888c459925c7478ce22ff206c9ac1fb812a40caf
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Feb 18 10:09:27 2021 +1100
+Date:   Sat Jul 3 20:32:46 2021 +1000
 
-    Remove SKIP_UNIT as it needs to be a make arg.
+    Remove some whitespace not in upstream.
+    
+    Reduces diff vs OpenBSD by a small amount.
 
-commit 1c293868e4b4e8e74e3ea15b8dff90f6b089967a
+commit 4d2d4d47a18d93f3e0a91a241a6fdb545bbf7dc2
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Feb 18 10:05:03 2021 +1100
+Date:   Sat Jul 3 19:27:43 2021 +1000
 
-    Always intall moduli.
+    Replace remaining references to ChallengeResponse.
     
-    Allows us to run tests without falling back to a fixed modulus.  Ensure that
-    the directory exists.
+    Portable had a few additional references to ChallengeResponse related to
+    UsePAM, replaces these with equivalent keyboard-interactive ones.
 
-commit 5c8f41ad100601ec2fdcbccdfe92890c31f81bbe
+commit 53237ac789183946dac6dcb8838bc3b6b9b43be1
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Feb 18 09:59:09 2021 +1100
+Date:   Sat Jul 3 19:23:28 2021 +1000
 
-    Quote SSHD_CONFOPTS in case it contains spaces.
+    Sync remaining ChallengeResponse removal.
+    
+    These were omitted from commit 88868fd131.
 
-commit 4653116c1f5384ea7006e6396d9b53c33d218975
+commit 2c9e4b319f7e98744b188b0f58859d431def343b
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Feb 18 09:51:18 2021 +1100
+Date:   Sat Jul 3 19:17:31 2021 +1000
 
-    Fix labels on targets (dots vs underscores).
+    Disable rocky84 to figure out why agent test fails
 
-commit 4512047f57ca3c6e8cd68f0cc69be59e98b25287
+commit bfe19197a92b7916f64a121fbd3c179abf15e218
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Feb 17 21:47:48 2021 +1100
+Date:   Fri Jul 2 15:43:28 2021 +1000
 
-    More compact representation of config matrix.
+    Remove now-unused SSHv1 enums.
+    
+    sRhostsRSAAuthentication and sRSAAuthentication are protocol 1 options
+    and are no longer used.
 
-commit 0406cd09f05c2e419b113dd4c0eac8bc34ec915b
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Feb 17 21:19:18 2021 +1100
+commit c73b02d92d72458a5312bd098f32ce88868fd131
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jul 2 05:11:20 2021 +0000
 
-    Skip unit tests on hosted VMs to speed things up.
+    upstream: Remove references to ChallengeResponseAuthentication in
+    
+    favour of KbdInteractiveAuthentication.  The former is what was in SSHv1, the
+    latter is what is in SSHv2 (RFC4256) and they were treated as somewhat but
+    not entirely equivalent.  We retain the old name as deprecated alias so
+    config files continue to work and a reference in the man page for people
+    looking for it.
+    
+    Prompted by bz#3303 which pointed out the discrepancy between the two
+    when used with Match.  Man page help & ok jmc@, with & ok djm@
+    
+    OpenBSD-Commit-ID: 2c1bff8e5c9852cfcdab1f3ea94dfef5a22f3b7e
 
-commit 4582612e6147d766c336198c498740242fb8f1ec
+commit f841fc9c8c7568a3b5d84a4cc0cefacb7dbc16b9
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Feb 17 20:21:29 2021 +1100
+Date:   Fri Jul 2 15:20:32 2021 +1000
 
-    Merge macos and ubuntu tests.
+    Fix ifdefs around get_random_bytes_prngd.
+    
+    get_random_bytes_prngd() is used if either of PRNGD_PORT or PRNGD_SOCKET
+    are defined, so adjust ifdef accordingly.
 
-commit 09f4b84654b71099559492e9aed5e1a38bf24815
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Feb 17 18:41:30 2021 +1100
+commit 0767627cf66574484b9c0834500b42ea04fe528a
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Jul 2 14:30:23 2021 +1000
 
-    Convert most github hosted tests to new config structure.
+    wrap get_random_bytes_prngd() in ifdef
+    
+    avoid unused static function warning
 
-commit 65380ff7e054be1454e5ab4fd7bb9c66f8fcbaa9
+commit f93fdc4de158386efe1116bd44c5b3f4a7a82c25
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Feb 17 18:27:36 2021 +1100
+Date:   Mon Jun 28 13:06:37 2021 +1000
 
-    Only run selfhosted tests from selfhosted repo.
+    Add rocky84 test target.
 
-commit f031366535650b88248ed7dbf23033afdf466240
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Jan 15 14:11:43 2021 +1100
+commit d443006c0ddfa7f6a5bd9c0ae92036f3d5f2fa3b
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jun 25 06:30:22 2021 +0000
 
-    Add self-hosted runners for VMs of other platforms.
-    
-    Github only hosts a limited number of platforms, and the runner code
-    is only supported on slightly wider range of platforms.  To increase
-    our test coverage beyond that, we run the runner natively on a VM host,
-    where it runs a jobs that boot VMs of other platforms, waits for them
-    to come up then runs the build and test by ssh'ing into the guest.
-    This means that the minimum dependencies for the guests are quite low
-    (basically just sshd, a compiler and make).
-    
-    The interface to the VM host is fairly simple (basically 3 scripts:
-    vmstartup, vmrun and vmshutdown), but those are specific to the VM host
-    so are not in the public repo.  We also mount the working directory on the
-    host via sshfs, so things like artifact upload by the runner also work.
-    
-    As part of this we are moving the per-test-target configs into a single
-    place (.github/configs) where there will be referenced by a single short
-    "config" key.  I plan to make the github-hosted runners use this too.
+    upstream: fix decoding of X.509 subject name; from Leif Thuresson
     
-    The self-hosted runners are run off a private repo on github since that
-    prevents third parties from accessing them[0], and since runner quota is
-    limited on private repos, we avoid running the tests we run on the public
-    repo.
+    via bz3327 ok markus@
     
-    [0] https://docs.github.com/en/actions/hosting-your-own-runners/about-self-hosted-runners#self-hosted-runner-security-with-public-repositories
+    OpenBSD-Commit-ID: 0ea2e28f39750dd388b7e317bc43dd997a217ae8
 
-commit 64bbd7444d658ef7ee14a7ea5ccc7f5810279ee7
+commit 2a5704ec142202d387fda2d6872fd4715ab81347
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Wed Feb 17 03:59:00 2021 +0000
+Date:   Fri Jun 25 06:20:39 2021 +0000
 
-    upstream: Make sure puttygen is new enough to successfully run the
+    upstream: Use better language to refer to the user. From l1ving
     
-    PuTTY interop tests, otherwise skip them.
+    via github PR#250, ok jmc@
     
-    OpenBSD-Regress-ID: 34565bb50b8aec58331ed02a5e9e0a9a929bef51
+    OpenBSD-Commit-ID: 07ca3526626996613e128aeddf7748c93c4d6bbf
 
-commit da0a9afcc446a30ca49dd216612c41ac3cb1f2d4
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Mon Feb 15 20:43:15 2021 +0000
+commit 4bdf7a04797a0ea1c431a9d54588417c29177d19
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jun 25 03:38:17 2021 +0000
 
-    upstream: ssh: add PermitRemoteOpen for remote dynamic forwarding
+    upstream: Replace SIGCHLD/notify_pipe kludge with pselect.
     
-    with SOCKS ok djm@, dtucker@
+    Previously sshd's SIGCHLD handler would wake up select() by writing a
+    byte to notify_pipe.  We can remove this by blocking SIGCHLD, checking
+    for child terminations then passing the original signal mask through
+    to pselect.  This ensures that the pselect will immediately wake up if
+    a child terminates between wait()ing on them and the pselect.
     
-    OpenBSD-Commit-ID: 64fe7b6360acc4ea56aa61b66498b5ecc0a96a7c
-
-commit b696858a7f9db72a83d02cb6edaca4b30a91b386
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Mon Feb 15 20:36:35 2021 +0000
-
-    upstream: factor out opt_array_append; ok djm@
+    In -portable, for platforms that do not have pselect the kludge is still
+    there but is hidden behind a pselect interface.
     
-    OpenBSD-Commit-ID: 571bc5dd35f99c5cf9de6aaeac428b168218e74a
+    Based on other changes for bz#2158, ok djm@
+    
+    OpenBSD-Commit-ID: 202c85de0b3bdf1744fe53529a05404c5480d813
 
-commit ad74fc127cc45567e170e8c6dfa2cfd9767324ec
-Author: dlg@openbsd.org <dlg@openbsd.org>
-Date:   Mon Feb 15 11:09:22 2021 +0000
+commit c9f7bba2e6f70b7ac1f5ea190d890cb5162ce127
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Jun 25 15:08:18 2021 +1000
 
-    upstream: ProxyJump takes "none" to disable processing like
-    
-    ProxyCommand does
-    
-    ok djm@ jmc@
+    Move closefrom() to before first malloc.
     
-    OpenBSD-Commit-ID: 941a2399da2193356bdc30b879d6e1692f18b6d3
+    When built against tcmalloc, tcmalloc allocates a descriptor for its
+    internal use, so calling closefrom() afterward causes the descriptor
+    number to be reused resulting in a corrupted connection.  Moving the
+    closefrom a little earlier should resolve this.  From kircherlike at
+    outlook.com via bz#3321, ok djm@
 
-commit 16eacdb016ccf38dd9959c78edd3a6282513aa53
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Feb 12 03:49:09 2021 +0000
+commit 7ebfe4e439853b88997c9cfc2ff703408a1cca92
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Jun 18 20:41:45 2021 +1000
 
-    upstream: sftp: add missing lsetstat@openssh.com documentation
+    Put second -lssh in link line for sftp-server.
     
-    patch from Mike Frysinger
-    
-    OpenBSD-Commit-ID: 9c114db88d505864075bfe7888b7c8745549715b
+    When building --without-openssl the recent port-prngd.c change adds
+    a dependency on atomicio, but since nothing else in sftp-server uses
+    it, the linker may not find it.  Add a second -lssh similar to other
+    binaries.
 
-commit e04fd6dde16de1cdc5a4d9946397ff60d96568db
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Feb 12 03:14:18 2021 +0000
+commit e409d7966785cfd9f5970e66a820685c42169717
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Jun 18 18:34:08 2021 +1000
 
-    upstream: factor SSH_AGENT_CONSTRAIN_EXTENSION parsing into its own
-    
-    function and remove an unused variable; ok dtucker@
+    Try EGD/PRNGD if random device fails.
     
-    OpenBSD-Commit-ID: e1a938657fbf7ef0ba5e73b30365734a0cc96559
+    When built --without-openssl, try EGD/PRGGD (if configured) as a last
+    resort before failing.
 
-commit 1bb130ed34721d46452529d094d9bbf045607d79
+commit e43a898043faa3a965dbaa1193cc60e0b479033d
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Feb 11 10:18:05 2021 +1100
+Date:   Fri Jun 18 18:32:51 2021 +1000
 
-    Add __NR_futex_time64 to seccomp sandbox.
+    Split EGD/PRNGD interface into its own file.
     
-    This is apparently needed for (some) 32 bit platforms with glibc 2.33.
-    Patch from nix at esperi.org.uk and jjelen at redhat.com via bz#3260.
+    This will allow us to use it when building --without-openssl.
 
-commit f88a7a431212a16e572ecabd559e632f369c363e
+commit acb2887a769a1b1912cfd7067f3ce04fad240260
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat Feb 6 09:37:01 2021 +1100
+Date:   Thu Jun 17 21:03:19 2021 +1000
 
-    Add a hostname function for systems that don't have it.
+    Handle GIDs > 2^31 in getgrouplist.
     
-    Some systems don't have a hostname command (it's not required by POSIX).
-    The do have uname -n (which is), but as found by tim@ some others (eg
-    UnixWare) do not report the FQDN from uname -n.
+    When compiled in 32bit mode, the getgrouplist implementation may fail
+    for GIDs greater than LONG_MAX.  Analysis and change from ralf.winkel
+    at tui.com.
 
-commit 5e385a71ef2317856f37c91a98658eb12eb5a89c
+commit 31fac20c941126281b527605b73bff30a8f02edd
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Feb 5 22:03:40 2021 +0000
+Date:   Thu Jun 10 09:46:28 2021 +0000
 
-    upstream: Roll back the hostname->uname change in rev 1.10. It turns
-    
-    out uname -n doesn't do what we need for some platforms in portable, so we'll
-    fix the original problem (that some other platforms don't have hostname at
-    all) by providing wrapper function to implement it.
+    upstream: Use $SUDO when reading sshd's pidfile here too.
     
-    OpenBSD-Regress-ID: 827a707d6201d5a8e196a8c28aec1d2c76c52341
+    OpenBSD-Regress-ID: 6bfb0d455d493f24839034a629c5306f84dbd409
 
-commit b446c214279de50ed8388e54897eb1be5281c894
+commit a3a58acffc8cc527f8fc6729486d34e4c3d27643
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Feb 5 06:01:58 2021 +0000
+Date:   Thu Jun 10 09:43:51 2021 +0000
 
-    upstream: hostname is not specified by POSIX but uname -n is, so use
+    upstream: Use $SUDO when reading sshd's pidfile in case it was
     
-    the latter for portability.  Patch from Geert Hendrickx via github PR#208.
+    created with a very restrictive umask.  This resyncs with -portable.
     
-    OpenBSD-Regress-ID: d6a79c7c4d141a0d05ade4a042eb57dddbce89f3
+    OpenBSD-Regress-ID: 07fd2af06df759d4f64b82c59094accca1076a5d
 
-commit 1cb6ce98d658e5fbdae025a3bd65793980e3b5d9
-Author: David Carlier <devnexen@gmail.com>
-Date:   Sat Nov 21 12:22:23 2020 +0000
+commit 249ad4ae51cd3bc235e75a4846eccdf8b1416611
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Thu Jun 10 09:37:59 2021 +0000
 
-    Using explicit_memset for the explicit_bzero compatibility layer.
+    upstream: Set umask when creating hostkeys to prevent excessive
     
-    Favoriting the native implementation in this case.
-
-commit 2e0beff67def2120f4b051b1016d7fbf84823e78
-Author: Luca Weiss <luca@z3ntu.xyz>
-Date:   Sun Nov 8 14:19:23 2020 +0100
-
-    Deny (non-fatal) statx in preauth privsep child.
+    permissions warning.
+    
+    OpenBSD-Regress-ID: 382841db0ee28dfef7f7bffbd511803e1b8ab0ef
 
-commit a35d3e911e193a652bd09eed40907e3e165b0a7b
+commit 9d0892153c005cc65897e9372b01fa66fcbe2842
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Feb 5 02:20:23 2021 +0000
+Date:   Thu Jun 10 03:45:31 2021 +0000
 
-    upstream: Remove debug message from sigchld handler. While this
+    upstream: Add regress test for SIGHUP restart
     
-    works on OpenBSD it can cause problems on other platforms.  From kircherlike
-    at outlook.com via bz#3259, ok djm@
+    while handling active and unauthenticated clients.  Should catch anything
+    similar to the pselect bug just fixed in sshd.c.
     
-    OpenBSD-Commit-ID: 3e241d7ac1ee77e3de3651780b5dc47b283a7668
+    OpenBSD-Regress-ID: 3b3c19b5e75e43af1ebcb9586875b3ae3a4cac73
 
-commit 69338ab46afe9e3dfb7762ad65351d854077c998
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Feb 2 22:36:59 2021 +0000
+commit 73f6f191f44440ca3049b9d3c8e5401d10b55097
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Thu Jun 10 03:14:14 2021 +0000
 
-    upstream: whitespace
+    upstream: Continue accept loop when pselect
     
-    OpenBSD-Commit-ID: 544bb092e03fcbecb420196cd0f70af13ea868ad
+    returns -1, eg if it was interrupted by a signal.  This should prevent
+    the hang discovered by sthen@ wherein sshd receives a SIGHUP while it has
+    an unauthenticated child and goes on to a blocking read on a notify_pipe.
+    feedback deraadt@, ok djm@
+    
+    OpenBSD-Commit-ID: 0243c1c5544fca0974dae92cd4079543a3fceaa0
 
-commit f71219a01d8f71c4b3ed7e456337a84ddba1653e
+commit c785c0ae134a8e8b5c82b2193f64c632a98159e4
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Feb 2 22:36:46 2021 +0000
+Date:   Tue Jun 8 22:30:27 2021 +0000
 
-    upstream: fix memleaks in private key deserialisation; enforce more
+    upstream: test that UserKnownHostsFile correctly accepts multiple
     
-    consistency between redundant fields in private key certificate and private
-    key body; ok markus@
+    arguments; would have caught readconf.c r1.356 regression
     
-    OpenBSD-Commit-ID: dec344e414d47f0a7adc13aecf3760fe58101240
+    OpenBSD-Regress-ID: 71ca54e66c2a0211b04999263e56390b1f323a6a
 
-commit 3287790e78bf5b53c4a3cafb67bb5aa03e3910f0
+commit 1a6f6b08e62c78906a3032e8d9a83e721c84574e
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Feb 2 22:35:14 2021 +0000
+Date:   Tue Jun 8 22:06:12 2021 +0000
 
-    upstream: memleak on error path; ok markus@
+    upstream: fix regression in r1.356: for ssh_config options that
     
-    OpenBSD-Commit-ID: 2091a36d6ca3980c81891a6c4bdc544e63cb13a8
+    accepted multiple string arguments, ssh was only recording the first.
+    Reported by Lucas via bugs@
+    
+    OpenBSD-Commit-ID: 7cbf182f7449bf1cb7c5b4452667dc2b41170d6d
 
-commit 3dd0c64e08f1bba21d71996d635c7256c8c139d1
+commit 78e30af3e2b2dd540a341cc827c6b98dd8b0a6de
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Jan 31 22:55:29 2021 +0000
+Date:   Tue Jun 8 07:40:12 2021 +0000
 
-    upstream: more strictly enforce KEX state-machine by banning packet
-    
-    types once they are received. Fixes memleak caused by duplicate
-    SSH2_MSG_KEX_DH_GEX_REQUEST (spotted by portable OpenSSH kex_fuzz via
-    oss-fuzz #30078).
-    
-    ok markus@
+    upstream: test argv_split() optional termination on comments
     
-    OpenBSD-Commit-ID: 87331c715c095b587d5c88724694cdeb701c9def
+    OpenBSD-Regress-ID: 9fd1c4a27a409897437c010cfd79c54b639a059c
 
-commit 7a92a324a2e351fabd0ba8ef9b434d3b12d54ee3
+commit a023138957ea2becf1c7f93fcc42b0aaac6f2b03
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sun Jan 31 10:50:10 2021 +0000
+Date:   Tue Jun 8 07:05:27 2021 +0000
 
-    upstream: Set linesize returned by getline to zero when freeing and
+    upstream: Add testcases from bz#3319 for IPQoS and TunnelDevice
     
-    NULLing the returned string.  OpenBSD's getline handles this just fine, but
-    some implementations used by -portable do not.  ok djm@
+    being overridden on the command line.
     
-    OpenBSD-Commit-ID: 4d7bd5169d3397654247db9655cc69a9908d165c
+    OpenBSD-Regress-ID: 801674d5d2d02abd58274a78cab2711f11de14a8
 
-commit a5dfc5bae8c16e2a7caf564758d812c7672480b5
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Jan 30 16:32:29 2021 +1100
+commit 660cea10b2cdc11f13ba99c89b1bbb368a4d9ff2
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Jun 8 06:52:43 2021 +0000
 
-    allow a fuzz case to contain more than one request
+    upstream: sprinkle some "# comment" at end of configuration lines
     
-    loop until input buffer empty, no message consumed or 256 messages
-    processed
-
-commit 0ef24ad60204022f7e33b6e9d171172c50514132
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Jan 30 16:28:23 2021 +1100
-
-    expect fuzz cases to have length prefix
+    to test comment handling
     
-    might make life a little easier for the fuzzer, e.g. it can now
-    produce valid (multi-request) messages by smashing two cases together.
-
-commit de613f2713d2dfcd3b03c00e5558a40997f52712
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Jan 30 12:03:30 2021 +1100
-
-    ssh-agent fuzzer
+    OpenBSD-Regress-ID: cb82fbf40bda5c257a9f742c63b1798e5a8fdda7
 
-commit 7e96c877bcb2fb645355a687b8cb7347987c1c58
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Jan 30 12:02:46 2021 +1100
+commit acc9c32dcb6def6c7d3688bceb4c0e59bd26b411
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Jun 8 06:51:47 2021 +0000
 
-    move keys out of kex_fuzz.cc into separate header
+    upstream: more descriptive failure message
     
-    add certificates and missing key types
-
-commit 76f46d75664fdaa1112739ca523ff85ee4eb52b4
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Jan 30 12:02:10 2021 +1100
-
-    some fixed test data (mostly keys) for fuzzing
+    OpenBSD-Regress-ID: 5300f6faf1d9e99c0cd10827b51756c5510e3509
 
-commit 7c2e3d6de1f2edb0c8b4725b4c2b56360e032b19
+commit ce04dd4eae23d1c9cf7c424a702f48ee78573bc1
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Jan 30 00:56:38 2021 +0000
+Date:   Mon Jun 7 01:16:34 2021 +0000
 
-    upstream: add a SK_DUMMY_INTEGRATE define that allows the dummy
+    upstream: test AuthenticationMethods inside a Match block as well
     
-    security key middleware to be directly linked; useful for writing fuzzers,
-    etc.
+    as in the main config section
     
-    OpenBSD-Regress-ID: 0ebd00159b58ebd85e61d8270fc02f1e45df1544
+    OpenBSD-Regress-ID: ebe0a686621b7cb8bb003ac520975279c28747f7
 
-commit 1a4b92758690faa12f49079dd3b72567f909466d
+commit 9018bd821fca17e26e92f7a7e51d9b24cd62f2db
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jan 29 06:29:46 2021 +0000
+Date:   Mon Jun 7 00:00:50 2021 +0000
 
-    upstream: fix the values of enum sock_type
+    upstream: prepare for stricter sshd_config parsing that will refuse
     
-    OpenBSD-Commit-ID: 18d048f4dbfbb159ff500cfc2700b8fb1407facd
+    a config that has {Allow,Deny}{Users,Groups} on a line with no subsequent
+    arguments. Such lines are permitted but are nonsensical noops ATM
+    
+    OpenBSD-Regress-ID: ef65463fcbc0bd044e27f3fe400ea56eb4b8f650
 
-commit 8afaa7d7918419d3da6c0477b83db2159879cb33
+commit a10f929d1ce80640129fc5b6bc1acd9bf689169e
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jan 29 06:28:10 2021 +0000
+Date:   Tue Jun 8 07:09:42 2021 +0000
 
-    upstream: give typedef'd struct a struct name; makes the fuzzer I'm
+    upstream: switch sshd_config parsing to argv_split()
     
-    writing a bit easier
+    similar to the previous commit, this switches sshd_config parsing to
+    the newer tokeniser. Config parsing will be a little stricter wrt
+    quote correctness and directives appearing without arguments.
     
-    OpenBSD-Commit-ID: 1052ab521505a4d8384d67acb3974ef81b8896cb
-
-commit 1e660115f0c7c4a750cd31e468ff889f33dd8088
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Jan 29 11:09:14 2021 +1100
-
-    fuzz diffie-hellman-group-exchange-sha1 kex too
-
-commit be5f0048ea2aaeddd27be7dcca23aaad345fa16c
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Jan 29 11:03:35 2021 +1100
-
-    support for running kex fuzzer with null cipher
-
-commit 3d59e88c0e42182c3749b446ccd9027933c84be4
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Jan 28 20:55:16 2021 +1100
+    feedback and ok markus@
+    
+    tested in snaps for the last five or so days - thanks Theo and those who
+    caught bugs
+    
+    OpenBSD-Commit-ID: 9c4305631d20c2d194661504ce11e1f68b20d93e
 
-    make with -j2 to use available CPUs.
+commit ea9e45c89a4822d74a9d97fef8480707d584da4d
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Jun 8 07:07:15 2021 +0000
 
-commit 66dd9ddb5d2ea8c407908c8e8468c9d6e71db05b
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Jan 28 14:31:01 2021 +1100
-
-    Add test against openssl head and libressl head.
-
-commit 237dbb34e24b6b7ea888d54bda4d17da0a0fd0fa
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Jan 28 14:30:50 2021 +1100
-
-    Remove whitespace.
-
-commit d983e1732b8135d7ee8d92290d6dce35f736ab88
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Jan 27 23:49:46 2021 +0000
-
-    upstream: fix leak: was double allocating kex->session_id buffer
+    upstream: Switch ssh_config parsing to use argv_split()
     
-    OpenBSD-Commit-ID: 3765f4cc3ae1df874dba9102a3588ba7b48b8183
-
-commit 1134a48cdcef8e7363b9f6c73ebdd24405066738
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Jan 28 08:57:31 2021 +1100
-
-    correct kex name in disabled code
-
-commit 67f47f1965abafc1830a287761125c2f4790857e
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Jan 27 10:15:08 2021 +0000
-
-    upstream: this needs kex.h now
+    This fixes a couple of problems with the previous tokeniser,
+    strdelim()
     
-    OpenBSD-Commit-ID: c5a42166c5aa002197217421a971e48be7cb5d41
-
-commit 39be3dc209f28f9c1ebfeba42adde8963b01e1cd
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Jan 27 10:05:28 2021 +0000
-
-    upstream: make ssh->kex->session_id a sshbuf instead of u_char*/size_t
+    1. strdelim() is permissive wrt accepting '=' characters. This is
+      intended to allow it to tokenise "Option=value" but because it
+      cannot keep state, it will incorrectly split "Opt=val=val2".
+    2. strdelim() has rudimentry handling of quoted strings, but it
+      is incomplete and inconsistent. E.g. it doesn't handle escaped
+      quotes inside a quoted string.
+    3. It has no support for stopping on a (unquoted) comment. Because
+      of this readconf.c r1.343 added chopping of lines at '#', but
+      this caused a regression because these characters may legitimately
+      appear inside quoted strings.
     
-    and use that instead of global variables containing copies of it. feedback/ok
-    markus@
+    The new tokeniser is stricter is a number of cases, including #1 above
+    but previously it was also possible for some directives to appear
+    without arguments. AFAIK these were nonsensical in all cases, and the
+    new tokeniser refuses to accept them.
     
-    OpenBSD-Commit-ID: a4b1b1ca4afd2e37cb9f64f737b30a6a7f96af68
-
-commit 4ca6a1fac328477c642329676d6469dba59019a3
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Jan 27 09:26:53 2021 +0000
-
-    upstream: remove global variable used to stash compat flags and use the
+    The new code handles quotes much better, permitting quoted space as
+    well as escaped closing quotes. Finally, comment handling should be
+    fixed - the tokeniser will terminate only on unquoted # characters.
     
-    purpose-built ssh->compat variable instead; feedback/ok markus@
+    feedback & ok markus@
     
-    OpenBSD-Commit-ID: 7c4f200e112dae6bcf99f5bae1a5629288378a06
-
-commit bba229b6f3328171f5e3ae85de443002523c0452
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Jan 27 12:34:07 2021 +1100
-
-    Install moduli file before tests.
+    tested in snaps for the last five or so days - thanks Theo and those who
+    caught bugs
     
-    Reduces warnings during test runs.
-
-commit 1b83185593a90a73860a503d753a95ca6d726c00
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Jan 27 11:58:26 2021 +1100
-
-    Run one test with -Werror to catch warnings.
+    OpenBSD-Commit-ID: dc72fd12af9d5398f4d9e159d671f9269c5b14d5
 
-commit d1532d90074b212054d5fd965f833231b09982f5
+commit d786424986c04d1d375f231fda177c8408e05c3e
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Wed Jan 27 00:37:26 2021 +0000
+Date:   Tue Jun 8 07:02:46 2021 +0000
 
-    upstream: Logical not bitwise or. ok djm@
+    upstream: Check if IPQoS or TunnelDevice are already set before
     
-    OpenBSD-Commit-ID: d4dc855cf04951b93c45caa383e1ac9af0a3b0e5
+    overriding. Prevents values in config files from overriding values supplied
+    on the command line.  bz#3319, ok markus.
+    
+    OpenBSD-Commit-ID: f3b08b898c324debb9195e6865d8999406938f74
 
-commit 507b448a2465a53ab03a88acbc71cc51b48ca6ac
-Author: naddy@openbsd.org <naddy@openbsd.org>
-Date:   Tue Jan 26 15:40:17 2021 +0000
+commit aae4b4d3585b9f944d7dbd3c9e5ba0006c55e457
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Jun 8 06:54:40 2021 +0000
 
-    upstream: move HostbasedAcceptedAlgorithms to the right place in
+    upstream: Allow argv_split() to optionally terminate tokenisation
     
-    alphabetical order
+    when it encounters an unquoted comment.
     
-    OpenBSD-Commit-ID: d766820d33dd874d944c14b0638239adb522c7ec
-
-commit e26c980778b228bdd42b8353cc70101cf49b731b
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Tue Jan 26 11:25:01 2021 +0000
-
-    upstream: Remove unused variables leftover from refactoring. ok
+    Add some additional utility function for working with argument
+    vectors, since we'll be switching to using them to parse
+    ssh/sshd_config shortly.
     
-    djm@
+    ok markus@ as part of a larger diff; tested in snaps
     
-    OpenBSD-Commit-ID: 8b3ad58bff828fcf874e54b2fc27a4cf1d9505e8
+    OpenBSD-Commit-ID: fd9c108cef2f713f24e3bc5848861d221bb3a1ac
 
-commit e9f78d6b06fc323bba1890b2dc3b8423138fb35c
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Tue Jan 26 05:32:21 2021 +0000
+commit da9f9acaac5bab95dca642b48e0c8182b246ab69
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Mon Jun 7 19:19:23 2021 +1000
 
-    upstream: Rename HostbasedKeyTypes (ssh) and
-    
-    HostbasedAcceptedKeyTypes (sshd) to HostbasedAcceptedAlgorithms, which more
-    accurately reflects its effect. This matches a previous change to
-    PubkeyAcceptedAlgorithms.  The previous names are retained as aliases.  ok
-    djm@
-    
-    OpenBSD-Commit-ID: 49451c382adc6e69d3fa0e0663eeef2daa4b199e
+    Save logs on failure for upstream test
 
-commit 48d0d7a4dd31154c4208ec39029d60646192f978
+commit 76883c60161e5f3808787085a27a8c37f8cc4e08
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue Jan 26 14:48:07 2021 +1100
+Date:   Mon Jun 7 14:36:32 2021 +1000
 
-    Disable sntrup761 if compiler doesn't support VLAs.
-    
-    The sntrup761 code sourced from supercop uses variable length
-    arrays.  Although widely supported, they are not part of the ANSI
-    C89 spec so if the compiler does not support VLAs, disable the
-    sntrup761x25519-sha512@openssh.com KEX method by replacing the kex
-    functions with no-op ones similar to what we do in kexecdh.c.
-    
-    This should allow OpenSSH to build with a plain C89 compiler again.
-    Spotted by tim@, ok djm@.
+    Add obsdsnap-i386 upstream test target.
 
-commit 37c70ea8d4f3664a88141bcdf0bf7a16bd5fd1ac
+commit d45b9c63f947ec5ec314696e70281f6afddc0ac3
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Jan 26 00:54:49 2021 +0000
+Date:   Mon Jun 7 03:38:38 2021 +0000
 
-    upstream: refactor key constraint parsing in ssh-agent
-    
-    Key constraints parsing code previously existed in both the "add regular
-    key" and "add smartcard key" path. This unifies them but also introduces
-    more consistency checking: duplicated constraints and constraints that
-    are nonsensical for a particular situation (e.g. FIDO provider for a
-    smartcard key) are now banned.
+    upstream: fix debug message when finding a private key to match a
     
-    ok markus@
+    certificate being attempted for user authentication. Previously it would
+    print the certificate's path, whereas it was supposed to be showing the
+    private key's path. Patch from Alex Sherwin via GHPR247
     
-    OpenBSD-Commit-ID: 511cb1b1c021ee1d51a4c2d649b937445de7983c
+    OpenBSD-Commit-ID: d5af3be66d0f22c371dc1fe6195e774a18b2327b
 
-commit e0e8bee8024fa9e31974244d14f03d799e5c0775
+commit 530739d42f6102668aecd699be0ce59815c1eceb
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Jan 26 00:53:31 2021 +0000
+Date:   Sun Jun 6 11:34:16 2021 +0000
 
-    upstream: more ssh-agent refactoring
-    
-    Allow confirm_key() to accept an additional reason suffix
-    
-    Factor publickey userauth parsing out into its own function and allow
-    it to optionally return things it parsed out of the message to its
-    caller.
+    upstream: Match host certificates against host public keys, not private
     
-    feedback/ok markus@
+    keys. Allows use of certificates with private keys held in a ssh-agent.
+    Reported by Miles Zhou in bz3524; ok dtucker@
     
-    OpenBSD-Commit-ID: 29006515617d1aa2d8b85cd2bf667e849146477e
+    OpenBSD-Commit-ID: 25f5bf70003126d19162862d9eb380bf34bac22a
 
-commit dfe18a295542c169ffde8533b3d7fe42088e2de7
+commit 4265215d7300901fd7097061c7517688ade82f8e
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Jan 26 00:51:30 2021 +0000
+Date:   Sun Jun 6 03:40:39 2021 +0000
 
-    upstream: make struct hostkeys public; I have no idea why I made it
+    upstream: Client-side workaround for a bug in OpenSSH 7.4: this release
     
-    opaque originally.
+    allows RSA/SHA2 signatures for public key authentication but fails to
+    advertise this correctly via SSH2_MSG_EXT_INFO. This causes clients of these
+    server to incorrectly match PubkeyAcceptedAlgorithms and potentially refuse
+    to offer valid keys.
     
-    ok markus@
+    Reported by and based on patch from Gordon Messmer via bz3213, thanks
+    also for additional analysis by Jakub Jelen. ok dtucker
     
-    OpenBSD-Commit-ID: e50780b34d4bbe628d69b2405b024dd749d982f3
+    OpenBSD-Commit-ID: d6d0b7351d5d44c45f3daaa26efac65847a564f7
 
-commit 3b44f2513cae89c920e8fe927b9bc910a1c8c65a
+commit bda270d7fb8522d43c21a79a4b02a052d7c64de8
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Jan 26 00:49:30 2021 +0000
+Date:   Sun Jun 6 03:17:02 2021 +0000
 
-    upstream: move check_host_cert() from sshconnect,c to sshkey.c and
-    
-    refactor it to make it more generally usable and testable.
+    upstream: degrade gracefully if a sftp-server offers the
     
-    ok markus@
+    limits@openssh.com extension but fails when the client tries to invoke it.
+    Reported by Hector Martin via bz3318
     
-    OpenBSD-Commit-ID: 536f489f5ff38808c1fa711ba58d4579b636f9e4
+    OpenBSD-Commit-ID: bd9d1839c41811616ede4da467e25746fcd9b967
 
-commit 1fe16fd61bb53944ec510882acc0491abd66ff76
+commit d345d5811afdc2d6923019b653cdd93c4cc95f76
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Jan 26 00:47:47 2021 +0000
+Date:   Sun Jun 6 03:15:39 2021 +0000
 
-    upstream: use recallocarray to allocate the agent sockets table;
-    
-    also clear socket entries that are being marked as unused.
-    
-    spinkle in some debug2() spam to make it easier to watch an agent
-    do its thing.
+    upstream: the limits@openssh.com extension was incorrectly marked
     
-    ok markus
+    as an operation that writes to the filesystem, which made it unavailable in
+    sftp-server read-only mode. Spotted by Hector Martin via bz3318
     
-    OpenBSD-Commit-ID: 74582c8e82e96afea46f6c7b6813a429cbc75922
+    OpenBSD-Commit-ID: f054465230787e37516c4b57098fc7975e00f067
 
-commit cb7b22ea20a01332c81c0ddcb3555ad50de9cce2
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Jan 26 00:46:17 2021 +0000
+commit 2b71010d9b43d7b8c9ec1bf010beb00d98fa765a
+Author: naddy@openbsd.org <naddy@openbsd.org>
+Date:   Sat Jun 5 13:47:00 2021 +0000
 
-    upstream: factor out common code in the agent client
+    upstream: PROTOCOL.certkeys: update reference from IETF draft to
     
-    Add a ssh_request_reply_decode() function that sends a message to
-    the agent, reads and parses a success/failure reply.
-    Use it for all requests that only expect success/failure
+    RFC
     
-    ok markus@
+    Also fix some typos.
+    ok djm@
     
-    OpenBSD-Commit-ID: e0c1f4d5e6cfa525d62581e2b8de93be0cb85adb
+    OpenBSD-Commit-ID: 5e855b6c5a22b5b13f8ffa3897a868e40d349b44
 
-commit d1e578afe7cd48140ad6e92a453f9b035363fd7f
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Jan 25 06:00:17 2021 +0000
+commit aa99b2d9a3e45b943196914e8d8bf086646fdb54
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Jun 4 23:41:29 2021 +1000
 
-    upstream: make ssh hostbased authentication send the signature
+    Clear notify_pipe from readset if present.
     
-    algorithm in its SSH2_MSG_USERAUTH_REQUEST packets instead of the key type.
-    This make HostbasedAcceptedAlgorithms do what it is supposed to - filter on
-    signature algorithm and not key type.
-    
-    spotted with dtucker@ ok markus@
-    
-    OpenBSD-Commit-ID: 25bffe19f0326972f5728170f7da81d5f45c78c6
+    Prevents leaking an implementation detail to the caller.
 
-commit 95eca1e195a3b41baa1a725c2c5af8a09d885e4b
+commit 6de8dadf6b4d0627d35bca0667ca44b1d61c2c6b
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat Jan 23 18:26:05 2021 +1100
+Date:   Fri Jun 4 23:24:25 2021 +1000
 
-    ifdef new instance of sin6_scope_id
-    
-    Put inside HAVE_STRUCT_SOCKADDR_IN6_SIN6_SCOPE_ID similar to
-    existing instance.  Should fix error on UnixWare 7.
+    space->tabs.
 
-commit 6ffdcdda128045226dda7fbb3956407978028a1e
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Jan 18 11:43:34 2021 +0000
+commit c8677065070ee34c05c7582a9c2f58d8642e552d
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Jun 4 18:39:48 2021 +1000
 
-    upstream: Fix long->int for convtime tests here too. Spotted by
+    Add pselect implementation for platforms without.
     
-    tobhe@.
+    This is basically the existing notify_pipe kludge from serverloop.c
+    moved behind a pselect interface.  It works by installing a signal
+    handler that writes to a pipe that the select is watching, then calls
+    the original handler.
     
-    OpenBSD-Regress-ID: a87094f5863312d00938afba771d25f788c849d0
+    The select call in serverloop will become pselect soon, at which point the
+    kludge will be removed from thereand will only exist in the compat layer.
+    Original code by markus, help from djm.
 
-commit b55b7565f15327d82ad7acbddafa90b658c5f0af
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jan 22 02:46:40 2021 +0000
+commit 7cd7f302d3a072748299f362f9e241d81fcecd26
+Author: Vincent Brillault <vincent.brillault@cern.ch>
+Date:   Sun May 24 09:15:06 2020 +0200
 
-    upstream: PubkeyAcceptedKeyTypes->PubkeyAcceptedAlgorithms
-    
-    here too.
+    auth_log: dont log partial successes as failures
     
-    OpenBSD-Commit-ID: 3b64a640f8ce8c21d9314da9df7ce2420eefde3a
+    By design, 'partial' logins are successful logins, so initially with
+    authenticated set to 1, for which another authentication is required. As
+    a result, authenticated is always reset to 0 when partial is set to 1.
+    However, even if authenticated is 0, those are not failed login
+    attempts, similarly to attempts with authctxt->postponed set to 1.
 
-commit ee9c0da8035b3168e8e57c1dedc2d1b0daf00eec
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jan 22 02:44:58 2021 +0000
+commit e7606919180661edc7f698e6a1b4ef2cfb363ebf
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jun 4 06:19:07 2021 +0000
 
-    upstream: Rename PubkeyAcceptedKeyTypes keyword to
+    upstream: The RB_GENERATE_STATIC(3) macro expands to a series of
     
-    PubkeyAcceptedAlgorithms. While the two were originally equivalent, this
-    actually specifies the signature algorithms that are accepted.  Some key
-    types (eg RSA) can be used by multiple algorithms (eg ssh-rsa, rsa-sha2-512)
-    so the old name is becoming increasingly misleading.  The old name is
-    retained as an alias. Prompted by bz#3253, help & ok djm@, man page help jmc@
+    function definitions and not a statement, so there should be no semicolon
+    following them. Patch from Michael Forney
     
-    OpenBSD-Commit-ID: 0346b2f73f54c43d4e001089759d149bfe402ca5
+    OpenBSD-Commit-ID: c975dd180580f0bdc0a4d5b7d41ab1f5e9b7bedd
 
-commit a8e798feabe36d02de292bcfd274712cae1d8d17
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jan 15 02:58:11 2021 +0000
+commit c298c4da574ab92df2f051561aeb3e106b0ec954
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jun 4 05:59:18 2021 +0000
 
-    upstream: Change types in convtime() unit test to int to match change
+    upstream: rework authorized_keys example section, removing irrelevant
     
-    its new type. Add tests for boundary conditions and fix convtime to work up
-    to INT_MAX. ok djm@
+    stuff, de-wrapping the example lines and better aligning the examples with
+    common usage and FAQs; ok jmc
     
-    OpenBSD-Regress-ID: ba2b81e9a3257fff204b020affe85b604a44f97e
+    OpenBSD-Commit-ID: d59f1c9281f828148e2a2e49eb9629266803b75c
 
-commit 9bde1a420626da5007bf7ab499fa2159b9eddf72
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jan 15 04:31:25 2021 +0000
+commit d9cb35bbec5f623589d7c58fc094817b33030f35
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jun 4 05:10:03 2021 +0000
 
-    upstream: Make output buffer larger to prevent potential truncation
-    
-    warnings from compilers not smart enough to know the strftime calls won't
-    ever fully fill "to" and "from".  ok djm@
+    upstream: adjust SetEnv description to clarify $TERM handling
     
-    OpenBSD-Commit-ID: 83733f1b01b82da88b9dd1769475952aff10bdd7
+    OpenBSD-Commit-ID: 8b8cc0124856bc1094949d55615e5c44390bcb22
 
-commit 02da325f10b214219eae2bb1bc2d3bf0c2f13f9f
+commit 771f57a8626709f2ad207058efd68fbf30d31553
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jan 15 02:58:11 2021 +0000
+Date:   Fri Jun 4 05:09:08 2021 +0000
 
-    upstream: Change types in convtime() unit test to int to match
+    upstream: Switch the listening select loop from select() to
     
-    change its new type. Add tests for boundary conditions and fix convtime to
-    work up to INT_MAX. ok djm@
+    pselect() and mask signals while checking signal flags, umasking for pselect
+    and restoring afterwards. Also restore signals before sighup_restart so they
+    don't remain blocked after restart.
     
-    OpenBSD-Commit-ID: 01dc0475f1484ac2f47facdfcf9221f9472145de
+    This prevents a race where a SIGTERM or SIGHUP can arrive between
+    checking the flag and calling select (eg if sshd is processing a
+    new connection) resulting in sshd not shutting down until the next
+    time it receives a new connection.  bz#2158, with & ok djm@
+    
+    OpenBSD-Commit-ID: bf85bf880fd78e00d7478657644fcda97b9a936f
 
-commit 5339ab369c225b40bc64d5ec3374f5c91b3ad609
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jan 15 02:32:41 2021 +0000
+commit f64f8c00d158acc1359b8a096835849b23aa2e86
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jun 4 05:02:40 2021 +0000
 
-    upstream: In waitfd(), when poll returns early we are subtracting
+    upstream: allow ssh_config SetEnv to override $TERM, which is otherwise
     
-    the elapsed time from the timeout each loop, so we only want to measure the
-    elapsed time the poll() in that loop, not since the start of the function.
-    Spotted by chris.xj.zhu at gmail.com, ok djm@
+    handled specially by the protocol. Useful in ~/.ssh/config to set TERM to
+    something generic (e.g. "xterm" instead of "xterm-256color") for destinations
+    that lack terminfo entries. feedback and ok dtucker@
     
-    OpenBSD-Commit-ID: 199df060978ee9aa89b8041a3dfaf1bf7ae8dd7a
+    OpenBSD-Commit-ID: 38b1ef4d5bc159c7d9d589d05e3017433e2d5758
 
-commit a164862dfa863b54b7897f66e1dd75437f086c11
-Author: rob@openbsd.org <rob@openbsd.org>
-Date:   Thu Jan 14 19:45:06 2021 +0000
+commit 60107677dc0ce1e93c61f23c433ad54687fcd9f5
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jun 4 04:02:21 2021 +0000
 
-    upstream: Minor grammatical correction.
+    upstream: correct extension name "no-presence-required" =>
     
-    OK jmc@
+    "no-touch-required"
     
-    OpenBSD-Commit-ID: de0fad0581e212b2750751e479b79c18ff8cac02
+    document "verify-required" option
+    
+    OpenBSD-Commit-ID: 1879ff4062cf61d79b515e433aff0bf49a6c55c5
 
-commit 8635e7df7e3a3fbb4a4f6cd5a7202883b2506087
+commit ecc186e46e3e30f27539b4311366dfda502f0a08
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Jan 13 18:00:57 2021 +1100
+Date:   Wed Jun 2 13:54:11 2021 +1000
 
-    Merge Mac OS X targets into a single config.
+    Retire fbsd7 test target.
+    
+    It's the slowest of the selfhosted targets (since it's 32bit but has
+    most of the crypto algos). We still have coverage for 32bit i386.
 
-commit ac112ade990585c511048ed4edaf2d9fc92b61f0
+commit 5de0867b822ec48b5eec9abde0f5f95d1d646546
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue Jan 12 19:22:47 2021 +1100
+Date:   Wed Jun 2 11:21:40 2021 +1000
 
-    Add Mac OS X test targets.
+    Check for $OPENSSL in md5 fallback too.
 
-commit 1050109b4b2884bf50fd1b3aa084c7fd0a42ae90
-Author: anatasluo <luolongjuna@gmail.com>
-Date:   Mon Jan 11 13:51:39 2021 +0000
+commit 1db69d1b6542f8419c04cee7fd523a4a11004be2
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Jun 2 11:17:54 2021 +1000
 
-    Remove duplicated declaration in fatal.c .
+    Add dfly60 target.
 
-commit 7d0f8a3369579dfe398536eb4e3da7bc15da9599
+commit a3f2dd955f1c19cad387a139f0e719af346ca6ef
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Jan 11 04:48:22 2021 +0000
+Date:   Wed Jun 2 00:17:45 2021 +0000
 
-    upstream: Correct spelling of persourcenetblocksize in config-dump
+    upstream: Merge back shell portability changes
     
-    mode.
+    bringing it back in sync with -portable.
     
-    OpenBSD-Commit-ID: ecdc49e2b6bde6b6b0e52163d621831f6ac7b13d
+    OpenBSD-Regress-ID: c07905ba931e66ad7d849b87b7d19648007175d1
 
-commit ba328bd7a6774f30daaf90b83f1933cc4afc866c
+commit 9d482295c9f073e84d75af46b720a1c0f7ec2867
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sat Jan 9 12:31:46 2021 +0000
+Date:   Tue Jun 1 23:56:20 2021 +0000
 
-    upstream: Adjust kexfuzz to addr.c/addrmatch.c split.
+    upstream: Use a default value for $OPENSSL,
     
-    OpenBSD-Regress-ID: 1d8d23bb548078020be2fb52c4c643efb190f0eb
-
-commit b08ef25552443e94c0857d5e3806dd019ccc55d7
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sat Jan 9 12:24:30 2021 +0000
-
-    upstream: Update unittests for addr.c/addrmatch.c split.
+    allowing it to be overridden. Do the same in the PuTTY tests since it's
+    needed there and not exported by test-exec.sh.
     
-    OpenBSD-Regress-ID: de2b415fb7af084a91c6ef147a90482d8f771eef
+    OpenBSD-Regress-ID: c49dcd6aa7602a8606b7afa192196ca1fa65de16
 
-commit 6d30673fedec2d251f4962c526fd0451f70c4d97
+commit 07660b3c99f8ea74ddf4a440e55c16c9f7fb3dd1
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Jan 11 02:12:57 2021 +0000
+Date:   Mon May 24 10:25:18 2021 +0000
 
-    upstream: Change convtime() from returning long to returning int.
+    upstream: Find openssl binary via environment variable. This
     
-    On platforms where sizeof(int) != sizeof(long), convtime could accept values
-    >MAX_INT which subsequently truncate when stored in an int during config
-    parsing.  bz#3250, ok djm@
+    allows overriding if necessary (eg in -portable where we're testing against a
+    specific version of OpenSSL).
     
-    OpenBSD-Commit-ID: 8fc932683d6b4660d52f50911d62bd6639c5db31
+    OpenBSD-Regress-ID: 491f39cae9e762c71aa4bf045803d077139815c5
 
-commit 7a57adb8b07b2ad0aead4b2e09ee18edc04d0481
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Sat Jan 9 12:51:12 2021 +0000
+commit 1a4d1da9188d7c88f646b61f0d6a3b34f47c5439
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri May 21 04:03:47 2021 +0000
 
-    upstream: add a comma to previous;
+    upstream: fix memleak in test
     
-    OpenBSD-Commit-ID: 9139433701c0aa86a0d3a6c7afe10d1c9c2e0869
+    OpenBSD-Regress-ID: 5e529d0982aa04666604936df43242e97a7a6f81
 
-commit 3a923129534b007c2e24176a8655dec74eca9c46
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sat Jan 9 12:10:02 2021 +0000
+commit 60455a5d98065a73ec9a1f303345856bbd49aecc
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri May 21 03:59:01 2021 +0000
 
-    upstream: Add PerSourceMaxStartups and PerSourceNetBlockSize
-    
-    options which provide more fine grained MaxStartups limits.  Man page help
-    jmc@, feedback & ok djm@
+    upstream: also check contents of remaining string
     
-    OpenBSD-Commit-ID: e2f68664e3d02c0895b35aa751c48a2af622047b
+    OpenBSD-Regress-ID: d526fa07253f4eebbc7d6205a0ab3d491ec71a28
 
-commit d9a2bc71693ea27461a78110005d5a2d8b0c6a50
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sat Jan 9 11:58:50 2021 +0000
+commit 39f6cd207851d7b67ca46903bfce4a9f615b5b1c
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri May 21 03:48:07 2021 +0000
 
-    upstream: Move address handling functions out into their own file
+    upstream: unit test for misc.c:strdelim() that mostly servces to
     
-    in order to reuse them for per-source maxstartups limiting.  Supplement with
-    some additional functions from djm's flowtools that we'll also need.  ok djm@
-    (as part of a larger diff).
+    highlight its inconsistencies
     
-    OpenBSD-Commit-ID: e3e7d9ccc6c9b82e25cfef0ec83598e8e2327cbf
+    OpenBSD-Regress-ID: 8d2bf970fcc01ccc6e36a5065f89b9c7fa934195
 
-commit b744914fcb76d70761f1b667de95841b3fc80a56
+commit 7a3a1dd2c7d4461962acbcc0ebee9445ba892be0
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat Jan 9 00:36:05 2021 +1100
+Date:   Thu May 27 21:23:15 2021 +1000
 
-    Add test against Graphene hardened malloc.
+    Put minix3 config in the host-specific block.
 
-commit 6cb52d5bf771f6769b630fce35a8e9b8e433044f
+commit 59a194825f12fff8a7f75d91bf751ea17645711b
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jan 8 04:49:13 2021 +0000
+Date:   Mon May 31 06:48:42 2021 +0000
 
-    upstream: make CheckHostIP default to 'no'. It doesn't provide any
+    upstream: Hash challenge supplied by client during FIDO key enrollment
     
-    perceptible value and makes it much harder for hosts to change host keys,
-    particularly ones that use IP-based load-balancing.
+    prior to passing it to libfido2, which does expect a hash.
     
-    ok dtucker@
+    There is no effect for users who are simply generating FIDO keys using
+    ssh-keygen - by default we generate a random 256 bit challenge, but
+    people building attestation workflows around our tools should now have
+    a more consistent experience (esp. fewer failures when they fail to
+    guess the magic 32-byte challenge length requirement).
     
-    OpenBSD-Commit-ID: 0db98413e82074f78c7d46784b1286d08aee78f0
+    ok markus@
+    
+    OpenBSD-Commit-ID: b8d5363a6a7ca3b23dc28f3ca69470472959f2b5
 
-commit 309b642e1442961b5e57701f095bcd4acd2bfb5f
+commit eb68e669bc8ab968d4cca5bf1357baca7136a826
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Jan 8 15:50:41 2021 +1100
+Date:   Thu May 27 21:14:15 2021 +1000
 
-    Run tests with sudo for better coverage.
+    Include login_cap.h for login_getpwclass override.
+    
+    On minix3, login_getpwclass is __RENAME'ed to __login_getpwclass50 so
+    without this the include overriding login_getpwclass causes a compile
+    error.
 
-commit c336644351fa3c715a08b7a292e309e72792e71e
+commit 2063af71422501b65c7a92a5e14c0e6a3799ed89
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Jan 8 14:26:32 2021 +1100
+Date:   Thu May 27 21:13:38 2021 +1000
 
-    Add Ubuntu 16.04 and 20.04 test targets.
+    Add minix3 test target.
 
-commit 4c7af01f9dcc1606dec033e7665a042cb0d8ec52
+commit 2e1efcfd9f94352ca5f4b6958af8a454f8cf48cd
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jan 8 02:57:24 2021 +0000
+Date:   Wed May 26 01:47:24 2021 +0000
 
-    upstream: If a signature operation on a FIDO key fails with a
-    
-    "incorrect PIN" reason and no PIN was initially requested from the user, then
-    request a PIN and retry the operation.
-    
-    This smoothes over a few corner cases including FIDO devices that
-    require PINs for all hosted credentials, biometric FIDO devices that
-    fall back to requiring PIN when reading the biometric failed, devices
-    that don't implement reading credProtect status for downloaded keys
-    and probably a few more cases that I haven't though of yet.
+    upstream: fix SEGV in UpdateHostkeys debug() message, triggered
     
-    ok dtucker@
+    when the update removed more host keys than remain present. Fix tested by
+    reporter James Cook, via bugs@
     
-    OpenBSD-Commit-ID: 176db8518933d6a5bbf81a2e3cf62447158dc878
+    OpenBSD-Commit-ID: 44f641f6ee02bb957f0c1d150495b60cf7b869d3
 
-commit 64ddd0fe68c4a7acf99b78624f8af45e919cd317
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jan 8 02:44:14 2021 +0000
+commit 9acd76e6e4d2b519773e7119c33cf77f09534909
+Author: naddy@openbsd.org <naddy@openbsd.org>
+Date:   Sun May 23 18:22:57 2021 +0000
 
-    upstream: don't try to use timespeccmp(3) directly as a qsort(3)
+    upstream: ssh: The client configuration keyword is
     
-    comparison function - it returns 0/1 and not the -1/0/1 that qsort expectes.
+    "hostbasedacceptedalgorithms"
     
-    fixes sftp "ls -ltr" under some circumstances.
+    This fixes a mistake that slipped in when "HostbasedKeyTypes" was
+    renamed to "HostbasedAcceptedAlgorithms".
     
-    Based on patch by Masahiro Matsuya via bz3248.
+    Bug report by zack@philomathiclife.com
     
-    OpenBSD-Commit-ID: 65b5e9f18bb0d10573868c3516de6e5170adb163
+    OpenBSD-Commit-ID: d745a7e8e50b2589fc56877f322ea204bc784f38
 
-commit 599df78f3008cf78af21f8977be3e1dd085f8e2e
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jan 8 02:33:13 2021 +0000
+commit 078a0e60c92700da4c536c93c007257828ccd05b
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Tue May 25 11:40:47 2021 +1000
 
-    upstream: Update the sntrup761 creation script and generated code:
-    
-    - remove unneeded header files and typedefs and rely on crypto_api.h  - add
-    defines to map types used to the crypto_api ones instead of typedefs.  This
-     prevents typedef name collisions in -portable.  - remove CRYPTO_NAMESPACE
-    entirely instead of making it a no-op  - delete unused functions and make the
-    remaining ones that aren't exported static.
-    
-    ok djm@
+    Rename README.md to ci-status.md.
     
-    OpenBSD-Commit-ID: 7b9d0cf3acd5a3c1091da8afe00c904d38cf5783
+    The original intent was to provide a status page for the CIs configured
+    in that directory, but it had the side effect of replacing the top-level
+    README.md.
 
-commit 16448ff529affda7e2a15ee7c3200793abde0759
+commit 7be4ac813662f68e89f23c50de058a49aa32f7e4
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jan 8 02:19:24 2021 +0000
+Date:   Wed May 19 01:24:05 2021 +0000
 
-    upstream: mention that DisableForwarding is valid in a sshd_config
+    upstream: restore blocking status on stdio fds before close
     
-    Match block reported by Fredrik Eriksson in bz3239
+    ssh(1) needs to set file descriptors to non-blocking mode to operate
+    but it was not restoring the original state on exit. This could cause
+    problems with fds shared with other programs via the shell, e.g.
     
-    OpenBSD-Commit-ID: 3a71c3d84b597f5e43e4b40d5232797daf0993f6
-
-commit 91bac5e95b1b0debf9b2b4f05c20dcfa96b368b9
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Jan 4 21:58:58 2021 +0000
-
-    upstream: estructure sntrup761.sh to process all files in a single
+    > $ cat > test.sh << _EOF
+    > #!/bin/sh
+    > {
+    >         ssh -Fnone -oLogLevel=verbose ::1 hostname
+    >         cat /usr/share/dict/words
+    > } | sleep 10
+    > _EOF
+    > $ ./test.sh
+    > Authenticated to ::1 ([::1]:22).
+    > Transferred: sent 2352, received 2928 bytes, in 0.1 seconds
+    > Bytes per second: sent 44338.9, received 55197.4
+    > cat: stdout: Resource temporarily unavailable
     
-    list, which will make it easier to reorder.  Re-inline int32_MINMAX.  ok
-    tobhe@
+    This restores the blocking status for fds 0,1,2 (stdio) before ssh(1)
+    abandons/closes them.
     
-    OpenBSD-Commit-ID: d145c6c19b08bb93c9e14bfaa7af589d90f144c0
+    This was reported as bz3280 and GHPR246; ok dtucker@
+    
+    OpenBSD-Commit-ID: 8cc67346f05aa85a598bddf2383fcfcc3aae61ce
 
-commit 4d96a3ebab2224f17e639a15078e03be1ad3736d
-Author: tobhe@openbsd.org <tobhe@openbsd.org>
-Date:   Sun Jan 3 18:05:21 2021 +0000
+commit c4902e1a653c67fea850ec99c7537f358904c0af
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon May 17 11:43:16 2021 +0000
 
-    upstream: Prevent redefinition of `crypto_int32' error with gcc3.
-    
-    Fixes compilation on luna88k.
+    upstream: fix breakage of -W forwaring introduced in 1.554; reported by
     
-    Feedback millert@
-    Found by and ok aoyama@
+    naddy@ and sthen@, ok sthen@
     
-    OpenBSD-Commit-ID: f305ddfe575a26cc53431af3fde3f4aeebed9ba6
+    OpenBSD-Commit-ID: f72558e643a26dc4150cff6e5097b5502f6c85fd
 
-commit a23954eeb930ccc8a66a2710153730769dba31b6
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Jan 1 22:00:49 2021 +1100
+commit afea01381ad1fcea1543b133040f75f7542257e6
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon May 17 07:22:45 2021 +0000
 
-    Undef int32 after sort routines.
+    upstream: Regenerate moduli.
     
-    This prevents typedef'ing crypto_int32 twice, in sntrup761.c and
-    crypto_api.h, which some compilers (at least some GCCs) don't accept.
+    OpenBSD-Commit-ID: 83c93a2a07c584c347ac6114d6329b18ce515557
 
-commit 148b8a661c3f93e4b6d049ee902de3d521261fbc
+commit be2866d6207b090615ff083c9ef212b603816a56
 Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Dec 31 12:47:22 2020 +1100
+Date:   Mon May 17 09:40:23 2021 +1000
 
-    fix: missing pieces of previous commit
+    Handle Android libc returning NULL pw->pw_passwd
+    
+    Reported by Luke Dashjr
 
-commit 3d999be7b987c848feda718cfcfcdc005ddf670d
-Author: tobhe@openbsd.org <tobhe@openbsd.org>
-Date:   Wed Dec 30 14:13:28 2020 +0000
+commit 5953c143008259d87342fb5155bd0b8835ba88e5
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri May 14 05:20:32 2021 +0000
 
-    upstream: Use int64_t for intermediate values in int32_MINMAX to
-    
-    prevent signed 32-bit integer overflow.
+    upstream: fix previous: test saved no_shell_flag, not the one that just
     
-    Found by and ok djm@
-    ok markus@
+    got clobbered
     
-    OpenBSD-Commit-ID: 4f0704768e34cf45fdd792bac4011c6971881bb3
+    OpenBSD-Commit-ID: b8deace085d9d941b2d02f810243b9c302e5355d
 
-commit 5c1953bf98732da5a76c706714ac066dbfa015ac
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Dec 29 12:40:54 2020 +1100
+commit 1e9fa55f4dc4b334651d569d3448aaa3841f736f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri May 14 03:09:48 2021 +0000
 
-    adapt KEX fuzzer to PQ kex change
+    upstream: Fix ssh started with ControlPersist incorrectly executing a
+    
+    shell when the -N (no shell) option was specified. bz3290 reported by Richard
+    Schwab; patch from markus@ ok me
+    
+    OpenBSD-Commit-ID: ea1ea4af16a95687302f7690bdbe36a6aabf87e1
 
-commit 659864fe81dbc57eeed3769c462679d83e026640
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Dec 29 01:02:15 2020 +0000
+commit d1320c492f655d8f5baef8c93899d79dded217a5
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed May 12 11:34:30 2021 +0000
 
-    upstream: Adapt to replacement of
+    upstream: Clarify language about moduli. While both ends of the
     
-    sntrup4591761x25519-sha512@tinyssh.org with
-    sntrup761x25519-sha512@openssh.com.
+    connection do need to use the same parameters (ie groups), the DH-GEX
+    protocol takes care of that and both ends do not need the same contents in
+    the moduli file, which is what the previous text suggested.  ok djm@ jmc@
     
-    Also test sntrup761x25519-sha512@openssh.com in unittests/kex
+    OpenBSD-Commit-ID: f0c18cc8e79c2fbf537a432a9070ed94e96a622a
+
+commit d3cc4d650ce3e59f3e370b101778b0e8f1c02c4d
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri May 7 04:11:51 2021 +0000
+
+    upstream: include pid in LogVerbose spam
     
-    OpenBSD-Regress-ID: cfa3506b2b077a9cac1877fb521efd2641b6030c
+    OpenBSD-Commit-ID: aacb86f96ee90c7cb84ec27452374285f89a7f00
 
-commit 2c71cec020219d69df84055c59eba5799a1233ec
+commit e3c032333be5fdbbaf2751f6f478e044922b4ec4
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Dec 29 00:59:15 2020 +0000
+Date:   Fri May 7 03:09:38 2021 +0000
 
-    upstream: Update/replace the experimental post-quantim hybrid key
+    upstream: don't sigdie() in signal handler in privsep child process;
     
-    exchange method based on Streamlined NTRU Prime (coupled with X25519).
+    this can end up causing sandbox violations per bz3286; ok dtucker@
     
-    The previous sntrup4591761x25519-sha512@tinyssh.org method is
-    replaced with sntrup761x25519-sha512@openssh.com. Per the authors,
-    sntrup4591761 was replaced almost two years ago by sntrup761.
+    OpenBSD-Commit-ID: a7f40b2141dca4287920da68ede812bff7ccfdda
+
+commit a4039724a3f2abac810735fc95cf9114a3856049
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri May 7 09:23:40 2021 +0000
+
+    upstream: Increase ConnectionAttempts from 4 to 10 as the tests
     
-    The sntrup761 implementaion, like sntrup4591761 before it, is public
-    domain code extracted from the SUPERCOP cryptography benchmark
-    suite (https://bench.cr.yp.to/supercop.html).
+    occasionally time out on heavily loaded hosts.
     
-    Thanks for Daniel J Bernstein for guidance on algorithm selection.
-    Patch from Tobias Heider; feedback & ok markus@ and myself
+    OpenBSD-Regress-ID: 29a8cdef354fc9da471a301f7f65184770434f3a
+
+commit c0d7e36e979fa3cdb60f5dcb6ac9ad3fd018543b
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri May 7 02:26:55 2021 +0000
+
+    upstream: dump out a usable private key string too; inspired by Tyson
     
-    (note this both the updated method and the one that it replaced are
-    disabled by default)
+    Whitehead
     
-    OpenBSD-Commit-ID: 2bf582b772d81ee24e911bb6f4b2aecfd39338ae
+    OpenBSD-Regress-ID: 65572d5333801cb2f650ebc778cbdc955e372058
 
-commit 09d070ccc3574ae0d7947d212ed53c7268ef7e1f
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Tue Dec 22 07:40:26 2020 +0000
+commit 24fee8973abdf1c521cd2c0047d89e86d9c3fc38
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri May 7 02:29:40 2021 +0000
 
-    upstream: tweak the description of KnownHostsCommand in ssh_conf.5,
-    
-    and add entries for it to the -O list in scp.1 and sftp.1;
+    upstream: correct mistake in spec - the private key blobs are encoded
     
-    ok djm
+    verbatim and not as strings (i.e. no 4-byte length header)
     
-    OpenBSD-Commit-ID: aba31ebea03f38f8d218857f7ce16a500c3e4aff
+    OpenBSD-Commit-ID: 3606b5d443d72118c5b76c4af6dd87a5d5a4f837
 
-commit 931c93389a80e32272712459b1102d303844453d
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Dec 22 19:43:55 2020 +1100
-
-    whitespace at EOL
-
-commit 397b1c4d393f97427283a4717e9015a2bd31b8a5
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Dec 22 19:42:37 2020 +1100
-
-    whitespace at EOL
-
-commit 33fa3ac547e5349ca34681cce6727b2f933dff0a
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue Dec 22 19:21:26 2020 +1100
-
-    Improve AIX text.
-
-commit 0f2e21c9dca89598b694932b5b05848380a23ec0
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue Dec 22 18:56:54 2020 +1100
+commit f43859159cc62396ad5d080f0b1f2635a67dac02
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Tue May 4 22:53:52 2021 +0000
 
-    Include stdio.h for FILE in misc.h.
+    upstream: Don't pass NULL as a string in debugging as it does not work
     
-    Fixes build on at least OpenBSD.
-
-commit 3e9811e57b57ee66b0f70d99d7258da3153b0e8a
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Dec 22 18:31:50 2020 +1100
-
-    ensure $LOGNAME is set in tests
-
-commit 3eb647cbb34d87a063aa7714256c6e56103fffda
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Dec 22 06:47:24 2020 +0000
-
-    upstream: more detail for failing tests
+    on some platforms in -portable.  ok djm@
     
-    OpenBSD-Regress-ID: c68c0e5a521cad7e7f68e54c54ebf86d6c10ee1d
+    OpenBSD-Commit-ID: 937c892c99aa3c9c272a8ed78fa7c2aba3a44fc9
 
-commit 2873f19570d4d8758be24dbf78332be9a779009b
+commit ac31aa3c6341905935e75f0539cf4a61bbe99779
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Dec 22 06:03:36 2020 +0000
+Date:   Mon May 3 00:16:45 2021 +0000
 
-    upstream: regress test for KnownHostsCommand
+    upstream: more debugging for UpdateHostKeys signature failures
     
-    OpenBSD-Regress-ID: ffc77464320b6dabdcfa0a72e0df02659233a38a
+    OpenBSD-Commit-ID: 1ee95f03875e1725df15d5e4bea3e73493d57d36
 
-commit 0121aa87bab9ad2365de2d07f2832b56d5ff9871
-Author: tb@openbsd.org <tb@openbsd.org>
-Date:   Tue Dec 22 03:05:31 2020 +0000
+commit 8e32e97e788e0676ce83018a742203614df6a2b3
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sat May 1 20:07:47 2021 +1000
 
-    upstream: Remove lines accidentally left behind in the ProxyJump
-    
-    parsing fix r1.345.
-    
-    ok djm
-    
-    OpenBSD-Commit-ID: fe767c108c8117bea33767b080ff62eef2c55f5c
+    Add obsd69 test target.
 
-commit da4bf0db942b5f0278f33238b86235e5813d7a5a
+commit f06893063597c5bb9d9e93f851c4070e77d2fba9
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Dec 22 00:15:22 2020 +0000
+Date:   Fri Apr 30 04:29:53 2021 +0000
 
-    upstream: add a ssh_config KnownHostsCommand that allows the client
-    
-    to obtain known_hosts data from a command in addition to the usual files.
-    
-    The command accepts bunch of %-expansions, including details of the
-    connection and the offered server host key. Note that the command may
-    be invoked up to three times per connection (see the manpage for
-    details).
+    upstream: a little debugging in the main mux process for status
     
-    ok markus@
+    confirmation failures in multiplexed sessions
     
-    OpenBSD-Commit-ID: 2433cff4fb323918ae968da6ff38feb99b4d33d0
+    OpenBSD-Commit-ID: 6e27b87c95176107597035424e1439c3232bcb49
 
-commit a34e14a5a0071de2036826a00197ce38c8b4ba8b
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Dec 22 00:12:22 2020 +0000
+commit e65cf00da6bc31e5f54603b7feb7252dc018c033
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Apr 30 04:02:52 2021 +0000
 
-    upstream: move subprocess() from auth.c to misc.c
-    
-    make privilege dropping optional but allow it via callbacks (to avoid
-    need to link uidswap.c everywhere)
-    
-    add some other flags (keep environment, disable strict path safety check)
-    that make this more useful for client-side use.
+    upstream: Remove now-unused skey function prototypes leftover from
     
-    feedback & ok markus@
+    skey removal.
     
-    OpenBSD-Commit-ID: a80ea9fdcc156f1a18e9c166122c759fae1637bf
+    OpenBSD-Commit-ID: 2fc36d519fd37c6f10ce74854c628561555a94c3
 
-commit 649205fe388b56acb3481a1b2461f6b5b7c6efa6
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Dec 21 22:48:41 2020 +0000
+commit ae5f9b0d5c8126214244ee6b35aae29c21028133
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Apr 29 13:01:50 2021 +1000
 
-    upstream: Remove explicit rijndael-cbc@lysator.liu.se test since the
-    
-    cipher was removed.
+    Wrap sntrup761x25519 inside ifdef.
     
-    OpenBSD-Regress-ID: aa93cddb4ecd9bc21446a79008a1a53050e64f17
+    From balu.gajjala at gmail.com via bz#3306.
 
-commit 03e93c753d7c223063ad8acaf9a30aa511e5f931
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Dec 21 11:09:32 2020 +0000
+commit 70a8dc138a6480f85065cdb239915ad4b7f928cf
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Apr 28 14:44:07 2021 +1000
 
-    upstream: Remove the pre-standardization cipher
-    
-    rijndael-cbc@lysator.liu.se. It is an alias for aes256-cbc which was
-    standardized in RFC4253 (2006), has been deprecated and disabled by default
-    since OpenSSH 7.2 (2016) and was only briefly documented in ssh.1 in 2001.
-    
-    This will reduce the amount of work the cipher/kex regression tests need
-    to do by a little bit.  ok markus@ djm@
-    
-    OpenBSD-Commit-ID: fb460acc18290a998fd70910b19c29b4e4f199ad
+    Add status badges for Actions-based tests.
 
-commit a11ca015879eab941add8c6bdaaec7d41107c6f5
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Dec 21 09:19:53 2020 +0000
+commit 40b59024cc3365815381474cdf4fe423102e391b
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Apr 28 12:22:11 2021 +1000
 
-    upstream: properly fix ProxyJump parsing; Thanks to tb@ for
-    
-    pointing out my error (parse_ssh_uri() can return -1/0/1, that I missed).
-    Reported by Raf Czlonka via bugs@
-    
-    ok tb@
-    
-    OpenBSD-Commit-ID: a2991a3794bcaf1ca2b025212cce11cdb5f6b7d6
+    Add obsdsnap (OpenBSD snapshot) test target.
 
-commit d97fb879724f1670bf55d9adfea7278a93c33ae2
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Dec 21 01:31:06 2020 +0000
+commit e627067ec8ef9ae8e7a638f4dbac91d52dee3e6d
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Apr 28 11:35:28 2021 +1000
 
-    upstream: adapt to API change in hostkeys_foreach()/load_hostkeys()
-    
-    OpenBSD-Regress-ID: dcb468514f32da49a446372453497dc6eeafdbf3
+    Add test building upstream OpenBSD source.
 
-commit bf7eb3c266b7fd4ddda108fcf72b860af2af6406
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Oct 16 14:02:24 2020 +0000
+commit 1b8108ebd12fc4ed0fb39ef94c5ba122558ac373
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Tue Apr 27 14:22:20 2021 +1000
 
-    upstream: few more things needs match.c and addrmatch.c now that
-    
-    log.c calls match_pattern_list()
+    Test against OpenSSL 1.1.0h instead of 1.1.0g.
     
-    OpenBSD-Regress-ID: f7c95c76b150d0aeb00a67858b9579b7d1b2db74
+    1.1.0g requires a perl glob module that's not installed by default.
 
-commit 2c64f24e27a5e72a7f59e515fc4f4985355237ae
+commit 9bc20efd39ce8525be33df3ee009f5a4564224f1
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Dec 21 14:02:56 2020 +1100
+Date:   Tue Apr 27 12:37:59 2021 +1000
 
-    Pull in missing rev 1.2.
+    Use the default VM type for libcrypto ver tests.
 
-commit 0f504f592d15d8047e466eb7453067a6880992a8
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Dec 20 23:40:19 2020 +0000
+commit 9f79e80dc40965c2e73164531250b83b176c1eea
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Tue Apr 27 12:24:10 2021 +1000
 
-    upstream: plumb ssh_conn_info through to sshconnect.c; feedback/ok
-    
-    markus@
+    Always build OpenSSL shared.
     
-    OpenBSD-Commit-ID: e8d14a09cda3f1dc55df08f8a4889beff74e68b0
+    This is the default for current versions but we need it to test against
+    earlier versions.
 
-commit 729b05f59ded35483acef90a6f88aa03eae33b29
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Dec 20 23:38:00 2020 +0000
+commit b3cc9fbdff2782eca79e33e02ac22450dc63bce9
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Tue Apr 27 09:18:02 2021 +1000
 
-    upstream: allow UserKnownHostsFile=none; feedback and ok markus@
+    Fix custom OpenSSL tests.
     
-    OpenBSD-Commit-ID: c46d515eac94a35a1d50d5fd71c4b1ca53334b48
+    Check out specified OpenSSL version.  Install custom libcrypto where
+    configure expects to find it.  Remove unneeded OpenSSL config time
+    options.  Older OpenSSL versions were not make -j safe so remove it.
 
-commit b4c7cd1185c5dc0593d47eafcc1a34fda569dd1d
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Dec 20 23:36:51 2020 +0000
+commit 77532609874a99a19e3e2eb2d1b7fa93aef963bb
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Mon Apr 26 17:18:25 2021 +1000
 
-    upstream: load_hostkeys()/hostkeys_foreach() variants for FILE*
-    
-    Add load_hostkeys_file() and hostkeys_foreach_file() that accept a
-    FILE* argument instead of opening the file directly.
-    
-    Original load_hostkeys() and hostkeys_foreach() are implemented using
-    these new interfaces.
-    
-    Add a u_int note field to the hostkey_entry and hostkey_foreach_line
-    structs that is passed directly from the load_hostkeys() and
-    hostkeys_foreach() call. This is a lightweight way to annotate results
-    between different invocations of load_hostkeys().
-    
-    ok markus@
-    
-    OpenBSD-Commit-ID: 6ff6db13ec9ee4edfa658b2c38baad0f505d8c20
+    Export CC and CFLAGS for c89 test.
 
-commit 06fbb386bed666581095cb9cbc7a900e02bfe1b7
-Author: tobhe@openbsd.org <tobhe@openbsd.org>
-Date:   Sat Dec 19 22:09:21 2020 +0000
+commit 33f62dfbe865f4de77980ab88774bf1eb5e4e040
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Mon Apr 26 17:13:44 2021 +1000
 
-    upstream: Print client kem key with correct length.
-    
-    ok markus@
-    
-    OpenBSD-Commit-ID: 91689e14a4fc6c270e265a32d1c8faba63a45755
+    Add c89 here too.
 
-commit 0ebead6593e2441e4af2735bbe2cd097607cd0d3
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Dec 17 23:28:50 2020 +0000
+commit da9d59f526fce58e11cba49cd8eb011dc0bf5677
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Mon Apr 26 15:34:23 2021 +1000
 
-    upstream: fix possible error("%s", NULL) on error paths
-    
-    OpenBSD-Commit-ID: 0b3833c2cb985453ecca1d76803ebb8f3b736a11
+    Add test against OpenSSL w/out ECC.
 
-commit d060bc7f6e6244f001e658208f53e3e2ecbbd382
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Dec 17 23:26:11 2020 +0000
+commit 29e194a752359ebf85bf7fce100f23a0477fc4de
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Mon Apr 26 14:49:59 2021 +1000
 
-    upstream: refactor client percent_expand() argument passing;
-    
-    consolidate the common arguments into a single struct and pass that around
-    instead of using a bunch of globals. ok markus@
-    
-    OpenBSD-Commit-ID: 035e6d7ca9145ad504f6af5a021943f1958cd19b
+    Ensure we can still build with C89.
 
-commit 43026da035cd266db37df1f723d5575056150744
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Dec 17 23:10:27 2020 +0000
+commit a38016d369d21df5d35f761f2b67e175e132ba22
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Mon Apr 26 14:29:03 2021 +1000
 
-    upstream: prepare readconf.c for fuzzing; remove fatal calls and
-    
-    fix some (one-off) memory leaks; ok markus@
-    
-    OpenBSD-Commit-ID: 91c6aec57b0e7aae9190de188e9fe8933aad5ec5
+    Interop test agains PuTTY.
 
-commit bef92346c4a808f33216e54d6f4948f9df2ad7c1
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Dec 14 03:13:12 2020 +0000
+commit 095b0307a77be8803768857cc6c0963fa52ed85b
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Mon Apr 26 14:02:03 2021 +1000
 
-    upstream: use _PATH_SSH_USER_DIR instead of hardcoded .ssh in path
+    Support testing against arbitary libcrytpo vers.
     
-    OpenBSD-Commit-ID: 5c1048468813107baa872f5ee33ba51623630e01
-
-commit a5ab499bd2644b4026596fc2cb24a744fa310666
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Dec 4 14:01:27 2020 +1100
-
-    basic KEX fuzzer; adapted from Markus' unittest
+    Add tests against various LibreSSL and OpenSSL versions.
 
-commit 021ff33e383c77b11badd60cec5b141a3e3fa532
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Dec 4 13:57:43 2020 +1100
+commit b16082aa110fa7128ece2a9037ff420c4a285317
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Mon Apr 26 13:35:44 2021 +1000
 
-    use options that work with recent clang
+    Add fbsd10 test target.
 
-commit e4d1a0b40add800b6e9352b40c2223e44acc3a45
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Dec 4 02:41:10 2020 +0000
+commit 2c805f16b24ea37cc051c6018fcb05defab6e57a
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sun Apr 25 14:15:02 2021 +1000
 
-    upstream: shuffle a few utility functions into sftp-client.c; from
-    
-    Jakub Jelen
+    Disable compiler hardening on nbsd4.
     
-    OpenBSD-Commit-ID: fdeb1aae1f6149b193f12cd2af158f948c514a2a
+    The system compiler supports -fstack-protector-all, but using it will
+    result in an internal compiler error on some files.
 
-commit ace12dc64f8e3a2496ca48d36b53cb3c0a090755
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Dec 4 02:29:56 2020 +0000
+commit 6a5d39305649da5dff1934ee54292ee0cebd579d
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sun Apr 25 13:01:34 2021 +1000
 
-    upstream: make ssh_free(NULL) a no-op
-    
-    OpenBSD-Commit-ID: 42cb285d94789cefe6608db89c63040ab0a80fa0
+    Add nbsd3, nbsd4 and nbsd9 test targets.
 
-commit 3b98b6e27f8a122dbfda9966b1afeb3e371cce91
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Dec 4 02:29:25 2020 +0000
+commit d1aed05bd2e4ae70f359a394dc60a2d96b88f78c
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sat Apr 24 22:03:46 2021 +1000
 
-    upstream: memleak of DH public bignum; found with libfuzzer
-    
-    OpenBSD-Commit-ID: 0e913b542c3764b100b1571fdb0d0e5cc086fe97
+    Comment out nbsd2 test target for now.
 
-commit 553b90feedd7da5b90901d73005f86705456d686
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Dec 4 02:27:57 2020 +0000
+commit a6b4ec94e5bd5a8a18cd2c9942d829d2e5698837
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sat Apr 24 17:52:24 2021 +1000
 
-    upstream: fix minor memleak of kex->hostkey_alg on rekex
-    
-    OpenBSD-Commit-ID: 2c3969c74966d4ccdfeff5e5f0df0791919aef50
+    Add OPENBSD ORIGINAL marker.
 
-commit ac0364b85e66eb53da2f9618f699ba6bd195ceea
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Dec 4 02:27:08 2020 +0000
+commit 3737c9f66ee590255546c4b637b6d2be669a11eb
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Apr 23 19:49:46 2021 +1000
 
-    upstream: typos: s/hex/kex/ in error messages
-    
-    OpenBSD-Commit-ID: 43a026c9571dd779ec148de1829cf5a6b6651905
+    Replace "==" (a bashism) with "=".
 
-commit ee22db7c5885a1d90219202c0695bc621aa0409b
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Dec 4 02:25:13 2020 +0000
+commit a116b6f5be17a1dd345b7d54bf8aa3779a28a0df
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Apr 23 16:34:48 2021 +1000
 
-    upstream: make program name be const
-    
-    OpenBSD-Commit-ID: ece25680ec637fdf20502721ccb0276691df5384
+    Add nbsd2 test target.
 
-commit 2bcbf679de838bb77a8bd7fa18e100df471a679c
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Nov 30 05:36:39 2020 +0000
+commit 196bf2a9bb771f45d9b0429cee7d325962233c44
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Apr 23 14:54:10 2021 +1000
 
-    upstream: Ignore comments at the end of config lines in ssh_config,
-    
-    similar to what we already do for sshd_config.  bz#2320, with & ok djm@
-    
-    OpenBSD-Commit-ID: bdbf9fc5bc72b1a14266f5f61723ed57307a6db4
+    Add obsd68 test target.
 
-commit b755264e7d3cdf1de34e18df1af4efaa76a3c015
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sat Nov 28 12:52:32 2020 +0000
+commit e3ba6574ed69e8b7af725cf5e8a9edaac04ff077
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Apr 23 14:53:32 2021 +1000
 
-    upstream: Include cipher.h for declaration of cipher_by_name.
-    
-    OpenBSD-Commit-ID: ddfebbca03ca0e14e00bbad9d35f94b99655d032
+    Remove dependency on bash.
 
-commit 022def7bd16c3426a95e25f57cb259d54468341c
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Nov 28 03:27:59 2020 +0000
+commit db1f9ab8feb838aee9f5b99c6fd3f211355dfdcf
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Apr 23 14:41:13 2021 +1000
 
-    upstream: check result of strchr() against NULL rather than
-    
-    searched-for characters; from zhongjubin@huawei.com
-    
-    OpenBSD-Commit-ID: e6f57de1d4a4d25f8db2d44e8d58d847e247a4fe
+    Add obsd67 test target.
 
-commit 57bf03f0217554afb8980f6697a7a0b88658d0a9
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Nov 27 10:12:30 2020 +0000
+commit c039a6bf79192fe1daa9ddcc7c87dd98e258ae7c
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Apr 23 11:08:23 2021 +1000
 
-    upstream: Document ssh-keygen -Z, sanity check its argument earlier and
-    
-    provide a better error message if it's not correct.  Prompted by bz#2879, ok
-    djm@ jmc@
-    
-    OpenBSD-Commit-ID: 484178a173e92230fb1803fb4f206d61f7b58005
+    Re-add macos-11.0 test target.
 
-commit 33313ebc1c7135085676db62189e3520341d6b73
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Nov 27 00:49:58 2020 +0000
+commit a6db3a47b56adb76870d59225ffb90a65bc4daf2
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Apr 23 10:28:28 2021 +1000
 
-    upstream: Set the specified TOS/DSCP for interactive use prior to
-    
-    TCP connect. The connection phase of the SSH session is time-sensitive (due
-    to server side login grace periods) and is frequently interactive (e.g.
-    entering passwords). The ultimate interactive/bulk TOS/DSCP will be set after
-    authentication completes.
-    
-    ok dtucker@
-    
-    OpenBSD-Commit-ID: f31ab10d9233363a6d2c9996007083ba43a093f1
+    Add openindiana test target.
 
-commit b2bcec13f17ce9174238a704e91d52203e916432
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Nov 27 00:37:10 2020 +0000
+commit 3fe7e73b025c07eda46d78049f1da8ed7dfc0c69
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Apr 23 10:26:35 2021 +1000
 
-    upstream: clean up passing of struct passwd from monitor to preauth
-    
-    privsep process. No longer copy entire struct w/ pointer addresses, but pass
-    remaining scalar fields explicitly,
-    
-    Prompted by Yuichiro NAITO, feedback Thorsten Glaser; ok dtucker@
-    
-    OpenBSD-Commit-ID: 9925df75a56732c43f3663e70dd15ff413ab3e53
+    Test krb5 on Solaris 11 too.
 
-commit 19af04e2231155d513e24fdc81fbec2217ae36a6
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Nov 22 22:38:26 2020 +0000
+commit f57fbfe5eb02df1a91f1a237c4d27165afd87c13
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Apr 22 22:27:26 2021 +1000
 
-    upstream: when loading PKCS#11 keys, include the key fingerprints
-    
-    and provider/slot information in debug output.
+    Don't always set SUDO.
     
-    OpenBSD-Commit-ID: 969a089575d0166a9a364a9901bb6a8d9b8a1431
+    Rely on sourcing configs to set as appropriate.
 
-commit 9b9465ea856e15b9e9890b4ecb4110d7106e7766
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Nov 22 22:37:11 2020 +0000
+commit e428f29402fb6ac140b52f8f12e06ece7bb104a0
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Apr 22 22:26:08 2021 +1000
 
-    upstream: when mentioning that the host key has changed, don't
-    
-    report the type because it is ambiguous as to whether it referred to the
-    known or new host key. bz3216; ok dtucker@
-    
-    OpenBSD-Commit-ID: 2d5ce4a83dbcf44e340a572e361decad8aab7bad
+    Remove now-unused 2nd arg to configs.
 
-commit 637017a7dd3281d3f2df804993cc27c30dbfda47
+commit cb4ff640d79b3c736879582139778f016bbb2cd7
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Nov 25 17:38:46 2020 +1100
+Date:   Wed Apr 21 01:08:04 2021 +1000
 
-    Use "=" not "==" in string test.
-    
-    POSIX says "=" is string comparison and some shells (eg HP-UX) will
-    complain about "==".
+    Add win10 test target.
 
-commit 9880f3480f9768897f3b8e714d5317fb993bc5b3
+commit 4457837238072836b2fa3107d603aac809624983
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Nov 20 17:16:51 2020 +1100
+Date:   Tue Apr 20 23:31:29 2021 +1000
 
-    Restore correct flags during localtime_r check.
-    
-    We were restoring the wrong thing CPPFLAGS (we used CFLAGS) for any
-    platform that doesn't have localtime_r.
+    Add nbsd8 test target.
 
-commit 41935882f4e82de60dbd6e033eabe79e1b963518
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Nov 20 03:16:56 2020 +0000
+commit bd4fba22e14da2fa196009010aabec5a8ba9dd42
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sat Apr 17 09:55:47 2021 +1000
 
-    upstream: When doing an sftp recursive upload or download of a
-    
-    read-only directory, ensure that the directory is created with write and
-    execute permissions in the interim so that we can actually complete the
-    transfer, then set the directory permission as the final step.  (The execute
-    bit is only likely to be an issue with a non-POSIX server).  bz#3222, ok djm@
-    
-    OpenBSD-Commit-ID: a82606212f2796e31f0e1af94a63355a7ad5d903
+    Add obsd51 target.
 
-commit 0f90440ca70abab947acbd77795e9f130967956c
+commit 9403d0e805c77a5741ea8c3281bbe92558c2f125
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Nov 20 13:37:54 2020 +1100
+Date:   Fri Apr 16 18:14:25 2021 +1000
 
-    Add new pselect6_time64 syscall on ARM.
-    
-    This is apparently needed on armhfp/armv7hl.  bz#3232, patch from
-    jjelen at redhat.com.
+    Add fbsd13 target.
 
-commit 3a7c46c72b6a1f643b1fc3589cd20d8320c3d9e1
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Nov 20 02:14:16 2020 +0000
+commit e86968280e358e62649d268d41f698d64d0dc9fa
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Apr 16 13:55:25 2021 +1000
 
-    upstream: Explicitly initialize all members of the
-    
-    find_by_key_ctx struct.  Initializing a single member should be enough
-    (the spec says the remainder should be initialized as per the static
-    rules) but some GCCs warn on this which prevents us testing with -Werror
-    on those.  ok deraadt@ djm@
-    
-    OpenBSD-Commit-ID: 687126e60a27d30f02614760ef3c3ae4e8d6af28
-
-commit 076cb616b87d1ea1d292973fcd0ba38c08ea6832
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Thu Nov 19 23:05:05 2020 +0000
-
-    upstream: draft-ietf-secsh-architecture is now RFC4251.
-    
-    OpenBSD-Commit-ID: cb0bb58c2711fb5ed519507659be1dcf179ed403
-
-commit 85cceda21f1471548e04111aefe2c4943131c1c8
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Tue Nov 17 11:23:58 2020 +0000
-
-    upstream: Specify that the KDF function is bcrypt. Based on github
-    
-    PR#214 from rafork, ok markus@, mdoc correction jmc@
-    
-    OpenBSD-Commit-ID: d8f2853e7edbcd483f31b50da77ab80ffa18b4ef
-
-commit 5b9720f9adbd70ba5a994f407fe07a7d016d8d65
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Nov 15 22:34:58 2020 +0000
-
-    upstream: revert r1.341; it breaks ProxyJump; reported by sthen@
-    
-    OpenBSD-Commit-ID: 6ac2f945b26cb86d936eed338f77861d6da8356a
-
-commit 04088725ec9c44880c01799b588cd4ba47b3e8bc
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Nov 13 07:30:44 2020 +0000
-
-    upstream: scrub keyboard-interactive authentication prompts coming
-    
-    from the server through asmprintf() prior to display; suggested by and ok
-    dtucker@
-    
-    OpenBSD-Commit-ID: 31fe93367645c37fbfe4691596bf6cf1e3972a58
-
-commit 5442b491d0ee4bb82f6341ad0ee620ef3947f8c5
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Nov 13 04:53:12 2020 +0000
-
-    upstream: prefix keyboard interactive prompts with (user@host) to
-    
-    make it easier to determine which connection they are associated with in
-    cases like scp -3, ProxyJump, etc. bz#3224 ok dtucker
-    
-    OpenBSD-Commit-ID: 67e6189b04b46c867662f8a6759cf3ecb5f59170
-
-commit 2992e4e7014ac1047062acfdbbf6feb156fef616
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Nov 13 17:56:11 2020 +1100
-
-    Remove use of TIME_WITH_SYS_TIME.
-    
-    It was only set by the recently removed AC_HEADER_TIME macro, replace
-    with simple inclusions of both sys/time.h and time.h.  Should prevent
-    mis-detection of struct timespec.
-
-commit e3f27006f15abacb7e89fda3f5e9a0bd420b7e38
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Nov 13 14:20:43 2020 +1100
-
-    Revert "detect Linux/X32 systems"
-    
-    This reverts commit 5b56bd0affea7b02b540bdbc4d1d271b0e4fc885.
-    
-    The approach used was incorrect; discussion in bz#3085
-
-commit e51dc7fab61df36e43f3bc64b673f88d388cab91
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Nov 13 13:22:15 2020 +1100
-
-    SELinux has deprecated security_context_t
-    
-    (it was only ever a char* anyway)
-
-commit b79add37d118276d67f3899987b9f0629c9449c3
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Nov 13 13:43:30 2020 +1100
-
-    Remove obsolete AC_HEADER_TIME macro.
-    
-    AC_HEADER_TIME is marked as obsolete in autoconf-2.70 and as far as I
-    can tell everything we have that might be old enough to need it doesn't.
-
-commit d5d05cdb3d4efd4a618aa52caab5bec73097c163
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Nov 12 22:56:00 2020 +0000
-
-    upstream: when prompting the user to accept a new hostkey, display
-    
-    any other host names/addresses already associated with the key. E.g.
-    
-    > The authenticity of host 'test (10.0.0.1)' can't be established.
-    > ECDSA key fingerprint is SHA256:milU4MODXm8iJQI18wlsbPG7Yup+34fuNNmV08qDnax.
-    > This host key is known by the following other names/addresses:
-    >     ~/.ssh/known_hosts:1: host.example.org,10.0.0.1
-    >     ~/.ssh/known_hosts:2: [hashed name]
-    >     ~/.ssh/known_hosts:3: [hashed name]
-    >     ~/.ssh/known_hosts:4: host
-    >     ~/.ssh/known_hosts:5: [host]:2222
-    > Are you sure you want to continue connecting (yes/no/[fingerprint])?
-    
-    feedback and ok markus@
-    
-    OpenBSD-Commit-ID: f6f58a77b49f1368b5883b3a1f776447cfcc7ef4
-
-commit 819b44e8b9af6ce18d3ec7505b9f461bf7991a1f
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Thu Nov 12 22:38:57 2020 +0000
-
-    upstream: Prevent integer overflow when ridiculously large
-    
-    ConnectTimeout is specified, capping the effective value (for most platforms)
-    at 24 days. bz#3229, ok djm@
-    
-    OpenBSD-Commit-ID: 62d4c4b7b87d111045f8e9f28b5b532d17ac5bc0
-
-commit add926dd1bbe3c4db06e27cab8ab0f9a3d00a0c2
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Nov 11 05:22:32 2020 +0000
-
-    upstream: fix logic error that broke URI parsing in ProxyJump
-    
-    directives; ok dtucker@
-    
-    OpenBSD-Commit-ID: 96d48839b1704882a0e9a77898f5e14b2d222705
-
-commit 4340dd43928dfe746cb7e75fe920b63c0d909a9a
-Author: claudio@openbsd.org <claudio@openbsd.org>
-Date:   Tue Nov 10 07:46:20 2020 +0000
-
-    upstream: Free the previously allocated msg buffer after writing it
-    
-    out. OK djm@
-    
-    OpenBSD-Commit-ID: 18c055870fc75e4cb9f926c86c7543e2e21d7fa4
-
-commit fcf429a4c69d30d8725612a55b37181594da8ddf
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Nov 11 12:30:46 2020 +1100
-
-    Prevent excessively long username going to PAM.
-    
-    This is a mitigation for a buffer overflow in Solaris' PAM username
-    handling (CVE-2020-14871), and is only enabled for Sun-derived PAM
-    implementations.  This is not a problem in sshd itself, it only
-    prevents sshd from being used as a vector to attack Solaris' PAM.
-    It does not prevent the bug in PAM from being exploited via some other
-    PAM application.
-    
-    Based on github PR#212 from Mike Scott but implemented slightly
-    differently.  ok tim@ djm@
-
-commit 10dce8ff68ef615362cfcab0c0cc33ce524e7682
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Nov 8 23:19:03 2020 +0000
-
-    upstream: unbreak; missing NULL check
-    
-    OpenBSD-Commit-ID: 6613dfab488123f454d348ef496824476b8c11c0
-
-commit d5a0cd4fc430c8eda213a4010a612d4778867cd9
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Nov 8 22:37:24 2020 +0000
-
-    upstream: when requesting a security key touch on stderr, inform the
-    
-    user once the touch has been recorded; requested by claudio@ ok markus@
-    
-    OpenBSD-Commit-ID: 3b76ee444490e546b9ea7f879e4092ee0d256233
-
-commit 292bcb2479deb27204e3ff796539c003975a5f7a
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Nov 9 00:33:35 2020 +1100
-
-    Remove preprocessor directive from log macro calls.
-    
-    Preprocessor directives inside macro calls, such as the new log macros,
-    are undefined behaviour and do not work with, eg old GCCs.  Put the
-    entire log call inside the ifdef for OPENSSL_HAS_NISTP521.
-
-commit 71693251b7cbb7dd89aaac18815147124732d0d3
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sun Nov 8 12:10:20 2020 +0000
-
-    upstream: Add a comment documenting the source of the moduli group
-    
-    sizes.
-    
-    OpenBSD-Commit-ID: aec0725ce607630caaa62682624c6763b350391c
-
-commit 4d94b031ff88b015f0db57e140f481bff7ae1a91
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sun Nov 8 11:46:12 2020 +0000
-
-    upstream: Replace WITH_OPENSSL ifdefs in log calls with a macro.
-    
-    The log calls are themselves now macros, and preprocessor directives inside
-    macro arguments are undefined behaviour which some compilers (eg old GCCs)
-    choke on.  It also makes the code tidier.  ok deraadt@
-    
-    OpenBSD-Commit-ID: cc12a9029833d222043aecd252d654965c351a69
-
-commit 6d2564b94e51184eb0b73b97d13a36ad50b4f810
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Nov 6 17:11:16 2020 +1100
-
-    Fix function body for variadic macro test.
-    
-    AC_LANG_PROGRAM puts its second argument inside main() so we don't need
-    to do it ourselves.
-
-commit 586f9bd2f5980e12f8cf0d3c2a761fa63175da52
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Nov 6 16:53:24 2020 +1100
-
-    Remove AC_PROC_CC_C99 obsoleted in autoconf 2.70.
-    
-    Since we only use it to make sure we can handle variadic macros,
-    explicitly check only for that.  with & ok djm@
-
-commit a019e353df04de1b2ca78d91b39c393256044ad7
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Nov 6 13:56:41 2020 +1100
-
-    Replace AC_TRY_COMPILE obsoleted in autoconf 2.70.
-    
-    Replace with the equivalent AC_COMPILE_IFELSE.
-
-commit 771b7795c0ef6a2fb43b4c6c66b615c2085cb9cd
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Nov 6 13:55:33 2020 +1100
-
-    Move AC_PROG_CC_C99 to immediately afer AC_PROG_CC.
-    
-    This puts the related C version selection output in the same place.
-
-commit e5591161f21ab493c6284a85ac3c0710ad94998f
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Nov 6 13:54:17 2020 +1100
-
-    AC_CHECK_HEADER() is obsoleted in autoconf 2.70.
-    
-    Replace with the non-obsoleted AC_CHECK_HEADERS().
-
-commit 05bcd0cadf160fd4826a2284afa7cba6ec432633
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Nov 3 22:53:12 2020 +0000
-
-    upstream: fold consecutive '*' wildcards to mitigate combinatorial
-    
-    explosion of recursive searches; ok dtucker
-    
-    OpenBSD-Commit-ID: d18bcb39c40fb8a1ab61153db987e7d11dd3792b
-
-commit 7d680448db5858dc76307663f78d0b8d3c2b4a3d
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Oct 30 01:50:07 2020 +0000
-
-    upstream: print reason in fatal error message when
-    
-    kex_assemble_namelist() fails
-    
-    OpenBSD-Commit-ID: a9975ee8db6c98d6f32233d88051b2077ca63dab
-
-commit 95d1109fec7e89ad21f2a97e92bde1305d32a353
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Oct 29 03:13:06 2020 +0000
-
-    upstream: fix sshd_config SetEnv directive inside Match blocks; part of
-    
-    github PR#201 from github user manuelm
-    
-    OpenBSD-Commit-ID: 9772e3748abff3ad65ae8fc43d026ed569b1d2bc
-
-commit b12b835dc022ba161afe68348e05a83dfbcb1515
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Oct 29 03:01:18 2020 +0000
-
-    upstream: fix type of nid in type_bits_valid(); github PR#202 from
-    
-    github user thingsconnected
-    
-    OpenBSD-Commit-ID: 769d2b040dec7ab32d323daf54b854dd5dcb5485
-
-commit 1a14c13147618144d1798c36a588397ba9008fcc
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Oct 29 02:52:43 2020 +0000
-
-    upstream: whitespace; no code change
-    
-    OpenBSD-Commit-ID: efefc1c47e880887bdee8cd2127ca93177eaad79
-
-commit 815209abfdd2991fb92ad7d2e33374916cdcbcf4
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Oct 29 02:47:23 2020 +0000
-
-    upstream: UpdateHostkeys: fixed/better detection of host keys that
-    
-    exist under other names and addresses; spotted by and debugged with lots of
-    help from jca@
-    
-    OpenBSD-Commit-ID: 5113d7f550bbd48243db1705afbf16b63792d4b7
-
-commit a575cf44e59a65506c67bddb62a712208a7a279c
-Author: Duncan Eastoe <duncan.eastoe@att.com>
-Date:   Wed Oct 21 10:11:10 2020 +0100
-
-    session.c: use "denylist" terminology
-    
-    Follow upstream (6d755706a0059eb9e2d63517f288b75cbc3b4701) language
-    improvements in this portable-specific code.
-
-commit 33267feaffd5d98aa56d2f0b3a99ec352effe938
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Oct 27 16:46:31 2020 +1100
-
-    Remove checks for strict POSIX mkdtemp()
-    
-    We needed a mkdtemp() that accepted template paths that did not
-    end in XXXXXX a long time ago for KRB4, but that code is long
-    deprecated. We no longer need to replace mkdtemp() for strictly
-    following POSIX. ok dtucker@
-
-commit 492d70e18bad5a8c97d05f5eddac817171e88d2c
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Oct 26 00:39:04 2020 +0000
-
-    upstream: Minor man page fixes (capitalization, commas) identified by
-    
-    the manpage-l10n project via bz#3223.  feedback deraadt@, ok jmc@
-    
-    OpenBSD-Commit-ID: ab83af0daf18369244a72daaec6c4a58a9eb7e2c
-
-commit eab2888cfc6cc4e2ef24bd017da9835a0f365f3f
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Oct 19 22:49:23 2020 +0000
-
-    upstream: Adapt XMSS to new logging infrastructure. With markus@, ok
-    
-    djm@.
-    
-    OpenBSD-Commit-ID: 9c35ec3aa0f710e4e3325187ceff4fa3791686de
-
-commit f7bd11e4941620991f3e727cd0131b01f0311a58
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Oct 19 08:07:08 2020 +0000
-
-    upstream: fix SEGV on fatal() errors spotted by dtucker@
-    
-    OpenBSD-Commit-ID: 75f155a1ac61e364ed00dc379e2c42df81067ce2
-
-commit 7715a3b171049afa1feffb1d5a1245dfac36ce99
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Oct 19 10:54:41 2020 +1100
-
-    Use fatal_fr not fatal_r when passing r.
-    
-    Caught by the PAM -Werror tinderbox build.
-
-commit 816036f142ecd284c12bb3685ae316a68d2ef190
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Oct 18 11:32:01 2020 +0000
-
-    upstream: use the new variant log macros instead of prepending
-    
-    __func__ and appending ssh_err(r) manually; ok markus@
-    
-    OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
-
-commit 9e2c4f64224f68fb84c49b5182e449f94b0dc985
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Oct 18 11:21:59 2020 +0000
-
-    upstream: variants of the log methods that append a ssherr.h string
-    
-    from a supplied error code; ok markus@
-    
-    OpenBSD-Commit-ID: aed98c4435d48d036ae6740300f6a8357b7cc0bf
-
-commit 28cb0a4b03940d1ee576eb767a81a4113bdc917e
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Oct 18 11:14:27 2020 +0000
-
-    upstream: remove a level of macro indirection; ok markus@
-    
-    OpenBSD-Commit-ID: 0c529d06e902c5d1a6b231e1bec6157f76dc67c9
-
-commit 9cac1db52e6c4961c447910fe02cd68a3b2f9460
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Oct 18 11:13:45 2020 +0000
-
-    upstream: add some variant log.h calls that prepend the calling
-    
-    function name; ok markus@
-    
-    OpenBSD-Commit-ID: 4be1b2e2455b271ddb7457bc195c5367644f4e48
-
-commit d55dfed34ef6ef1f028d552a90d5f3dba8dd6f7b
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Oct 17 22:55:24 2020 +1100
-
-    missing header
-
-commit 999d7cb79a3a73d92a6dfbf174c33da0d984c7a2
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Oct 17 22:47:52 2020 +1100
-
-    sync regress/misc/sk-dummy/fatal.c
-
-commit 3554b4afa38b3483a3302f1be18eaa6f843bb260
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Oct 17 01:28:20 2020 +0000
-
-    upstream: make the log functions that exit (sshlogdie(),
-    
-    sshfatal(), etc) have identical signatures. Makes things a bit more
-    consistent...
-    
-    OpenBSD-Commit-ID: bd0ae124733389d7c0042e135c71ee9091362eb9
-
-commit 616029a85ad7529b24bb8c4631d9607c0d6e7afe
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Fri Oct 16 14:34:33 2020 +0000
-
-    upstream: add space between macro arg and punctuation;
-    
-    OpenBSD-Commit-ID: bb81e2ed5a77832fe62ab30a915ae67cda57633e
-
-commit f812a36cee5727147bc897d34ab9af068dd4561e
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Oct 17 12:03:34 2020 +1100
-
-    check for and require a C99 capable compiler
-    
-    recent logging changes use __VA_ARGS__.
-
-commit f9ea6515202b59a1e2d5b885cafc1b12eff33016
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Oct 17 11:51:20 2020 +1100
-
-    logging is now macros, remove function pointers
-
-commit 0f938f998626e8359324f803157cd7c9f8f403e2
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Oct 17 11:42:26 2020 +1100
-
-    adapt sk-dummy's fatal implementation to changes
-
-commit afbd9ec9e2dbad04834ce7ce53e58740434f32a5
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Oct 17 11:33:13 2020 +1100
-
-    fix netcat build problem
-
-commit 793b583d097381730adaf6f68bed3c343139a013
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Oct 16 13:26:13 2020 +0000
-
-    upstream: LogVerbose keyword for ssh and sshd
-    
-    Allows forcing maximum debug logging by file/function/line pattern-
-    lists.
-    
-    ok markus@
-    
-    OpenBSD-Commit-ID: c294c25732d1b4fe7e345cb3e044df00531a6356
-
-commit 752250caabda3dd24635503c4cd689b32a650794
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Oct 16 13:24:45 2020 +0000
-
-    upstream: revised log infrastructure for OpenSSH
-    
-    log functions receive function, filename and line number of caller.
-    We can use this to selectively enable logging via pattern-lists.
-    
-    ok markus@
-    
-    OpenBSD-Commit-ID: 51a472610cbe37834ce6ce4a3f0e0b1ccc95a349
-
-commit acadbb3402b70f72f14d9a6930ad41be97c2f9dc
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Oct 16 02:37:12 2020 +0000
-
-    upstream: use do_log2 instead of function pointers to different log
-    
-    functions
-    
-    OpenBSD-Commit-ID: 88077b826d348c58352a6b394755520f4e484480
-
-commit 95b0bcfd1531d59e056ae8af27bb741391f26ab0
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Oct 14 00:55:17 2020 +0000
-
-    upstream: make UpdateHostkeys still more conservative: refuse to
-    
-    proceed if one of the keys offered by the server is already in known_hosts
-    under another name. This avoid collisions between address entries for
-    different host aliases when CheckHostIP=yes
-    
-    Also, do not attempt to fix known_hosts with incomplete host/ip matches
-    when there are no new or deprecated hostkeys.
-    
-    OpenBSD-Commit-ID: 95c19842f7c41f9bd9c92aa6441a278c0fd0c4a3
-
-commit a336ce8c2c55547cc00e0070a18c55f30bb53fb6
-Author: kn@openbsd.org <kn@openbsd.org>
-Date:   Mon Oct 12 08:36:36 2020 +0000
-
-    upstream: Zap unused family parameter from ssh_connect_direct()
-    
-    sshconnect.c r1.241 from 2013 made it unused;  found while reading code.
-    
-    OK djm
-    
-    OpenBSD-Commit-ID: 219ba6d7f9925d0b7992918612680399d86712b5
-
-commit e545d94b713effab8e6c7dfabbfb76c1d84d7498
-Author: Philip Hands <phil@hands.com>
-Date:   Sun Oct 4 00:15:46 2020 +0200
-
-    shift contents of long $() into filter_ids()
-    
-    This was prompted by the fact that posh does not deal with $()
-    that contains comments where the comment includes an odd number
-    of single-quotes. It seems to get befuddled into trying to find
-    the matching quote.
-    Regardless, making a function for filtering the unneeded ids
-    seems much neater than avoiding apostrophes,
-    so that's what I've done.
-    
-    SSH-Copy-ID-Upstream: 3dab3366a584427045c8a690a93282f02c09cf24
-
-commit fd360174596047b52aa1cddda74d85012a03ca4b
-Author: Philip Hands <phil@hands.com>
-Date:   Sat Oct 3 23:15:16 2020 +0200
-
-    combine if/elif to avoid duplication of the action
-    
-    SSH-Copy-ID-Upstream: 42aeb1cc53d3f7f6e78edc210fb121fda0834914
-
-commit f7c3a39b016dd77709ecbf18da8282f967b86cd7
-Author: Philip Hands <phil@hands.com>
-Date:   Sat Oct 3 21:45:16 2020 +0200
-
-    shellcheck tidyage
-    
-    SSH-Copy-ID-Upstream: 5b08f840e78ac544288b3983010a1b0585e966fd
-
-commit 108676c3f26be6c873db0dd8754063699908727b
-Author: Philip Hands <phil@hands.com>
-Date:   Sat Oct 3 21:10:03 2020 +0200
-
-    tidy up test of $SCRATCH_DIR creation
-    
-    SSH-Copy-ID-Upstream: 2d8b22d96c105d87743ffe8874887b06f8989b93
-
-commit a9c9e91a82bc1a2cf801b4e3ef27a941dbd27717
-Author: Philip Hands <phil@hands.com>
-Date:   Wed Sep 16 16:13:30 2020 +0200
-
-    add -s flag: to install keys via SFTP
-    
-    This is prompted by:
-    
-     https://bugzilla.mindrot.org/show_bug.cgi?id=3201
-    
-    Thanks go to Matthias Blümel for the idea, and the helpful patch, from
-    which this patch grew.
-    
-    SSH-Copy-ID-Upstream: f7c76dc64427cd20287a6868f672423b62057614
-
-commit f92424970c02b78852ff149378c7f2616ada4ccf
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Oct 11 22:14:38 2020 +0000
-
-    upstream: UpdateHostkeys: check for keys under other names
-    
-    Stop UpdateHostkeys from automatically removing deprecated keys from
-    known_hosts files if the same keys exist under a different name or
-    address to the host that is being connected to.
-    
-    This avoids UpdateHostkeys from making known_hosts inconsistent in
-    some cases. For example, multiple host aliases sharing address-based
-    known_hosts on different lines, or hosts that resolves to multiple
-    addresses.
-    
-    ok markus@
-    
-    OpenBSD-Commit-ID: 6444a705ba504c3c8ccddccd8d1b94aa33bd11c1
-
-commit d98f14b5328922ae3085e07007d820c4f655b57a
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Oct 11 22:13:37 2020 +0000
-
-    upstream: UpdateHostkeys: better CheckHostIP handling
-    
-    When preparing to update the known_hosts file, fully check both
-    entries for both the host and the address (if CheckHostIP enabled)
-    and ensure that, at the end of the operation, entries for both are
-    recorded.
-    
-    Make sure this works with HashKnownHosts too, which requires maintaining
-    a list of entry-types seen across the whole file for each key.
-    
-    ok markus@
-    
-    OpenBSD-Commit-ID: 374dc263103f6b343d9671f87dbf81ffd0d6abdd
-
-commit af5941ae9b013aac12585e84c4cf494f3728982f
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Oct 11 22:12:44 2020 +0000
-
-    upstream: UpdateHostkeys: better detect manual host entries
-    
-    Disable UpdateHostkeys if the known_hosts line has more than two
-    entries in the pattern-list. ssh(1) only writes "host" or "host,ip"
-    lines so anything else was added by a different tool or by a human.
-    
-    ok markus@
-    
-    OpenBSD-Commit-ID: e434828191fb5f3877d4887c218682825aa59820
-
-commit 6247812c76f70b2245f3c23f5074665b3d436cae
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Oct 8 01:15:16 2020 +0000
-
-    upstream: don't misdetect comma-separated hostkey names as wildcards;
-    
-    spotted by naddy@
-    
-    OpenBSD-Commit-ID: 4b874edfec7fc324a21b130bdb42f912177739ce
-
-commit 67146c7d022a170be3cdad2f5f40259a663fb266
-Author: wangxp006 <wangxiaopeng7@huawei.com>
-Date:   Thu Oct 8 17:49:59 2020 +0800
-
-    fix TEST_MALLOC_OPTIONS var
-
-commit 3205eaa3f8883a34fa4559ddef6c90d1067c5cce
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Oct 8 00:31:05 2020 +0000
-
-    upstream: clarify conditions for UpdateHostkeys
-    
-    OpenBSD-Commit-ID: 9cba714cf6aeed769f998ccbe8c483077a618e27
-
-commit e8dfca9bfeff05de87160407fb3e6a5717fa3dcb
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Oct 7 06:38:16 2020 +0000
-
-    upstream: remove GlobalKnownHostsFile for this test after
-    
-    UpdateHostkeys change
-    
-    OpenBSD-Regress-ID: a940ad79d59343319613ba8fc46b6ef24aa3f8e1
-
-commit 4aa2717d7517cff4bc423a6cfba3a2defb055aea
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Oct 7 02:26:28 2020 +0000
-
-    upstream: Disable UpdateHostkeys when hostkey checking fails
-    
-    If host key checking fails (i.e. a wrong host key is recorded for the
-    server) and the user elects to continue (via StrictHostKeyChecking=no),
-    then disable UpdateHostkeys for the session.
-    
-    reminded by Mark D. Baushke; ok markus@
-    
-    OpenBSD-Commit-ID: 98b524f121f4252309dd21becd8c4cacb0c6042a
-
-commit 04c06d04475f1f673e9d9743710d194453fe3888
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Oct 7 02:25:43 2020 +0000
-
-    upstream: Fix UpdateHostkeys/HashKnownHosts/CheckHostIP bug
-    
-    When all of UpdateHostkeys, HashKnownHosts and ChechHostIP
-    were enabled and new host keys were learned, known_hosts IP
-    entries were not being recorded for new host keys.
-    
-    reported by matthieu@ ok markus@
-    
-    OpenBSD-Commit-ID: a654a8290bd1c930aac509e8158cf85e42e49cb7
-
-commit b70e33711291f3081702133175a41cccafc0212a
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Oct 7 02:24:51 2020 +0000
-
-    upstream: don't UpdateHostkeys when the hostkey is verified by the
-    
-    GlobalKnownHostsFile file, support only UserKnownHostsFile matches
-    
-    suggested by Mark D. Baushke; feedback and ok markus@
-    
-    OpenBSD-Commit-ID: eabb771a6add676c398d38a143a1aff5f04abbb9
-
-commit aa623142e426ca1ab9db77b06dcc9b1b70bd102b
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Oct 7 02:22:23 2020 +0000
-
-    upstream: revert kex->flags cert hostkey downgrade back to a plain
-    
-    key (commitid VtF8vozGOF8DMKVg). We now do this a simpler way that needs less
-    plumbing.
-    
-    ok markus@
-    
-    OpenBSD-Commit-ID: fb92d25b216bff8c136da818ac2221efaadf18ed
-
-commit f4f14e023cafee1cd9ebe4bb0db4029e6e1fafac
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Oct 7 02:20:35 2020 +0000
-
-    upstream: simply disable UpdateHostkeys when a certificate
-    
-    successfully authenticated the host; simpler than the complicated plumbing
-    via kex->flags we have now.
-    
-    ok markus@
-    
-    OpenBSD-Commit-ID: 80e39644eed75717d563a7f177e8117a0e14f42c
-
-commit e79957e877db42c4c68fabcf6ecff2268e53acb5
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Oct 7 02:18:45 2020 +0000
-
-    upstream: disable UpdateHostkeys by default if VerifyHostKeyDNS is
-    
-    enabled; suggested by Mark D. Baushke
-    
-    OpenBSD-Commit-ID: 85a1b88592c81bc85df7ee7787dbbe721a0542bf
-
-commit 3d4c2016bae1a6f14b48c1150a4c79ca4c9968bd
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Tue Oct 6 07:12:04 2020 +0000
-
-    upstream: Agent protocol draft is now at rev 4. ok djm@
-    
-    OpenBSD-Commit-ID: 8c01ea3aae48aab45e01b7421b0fca2dad5e7837
-
-commit af889a40ffc113af9105c03d7b32131eb4372d50
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Oct 4 09:45:01 2020 +0000
-
-    upstream: when ordering host key algorithms in the client, consider
-    
-    the ECDSA key subtype; ok markus@
-    
-    OpenBSD-Commit-ID: 3097686f853c61ff61772ea35f8b699931392ece
-
-commit 2d39fc9f7e039351daa3d6aead1538ac29258add
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sun Oct 4 03:04:02 2020 +0000
-
-    upstream: Allow full range of UIDs and GIDs for sftp chown and
-    
-    chgrp on 32bit platforms instead of being limited by LONG_MAX.  bz#3206,
-    found by booking00 at sina.cn, ok markus@
-    
-    OpenBSD-Commit-ID: 373b7bbf1f15ae482d39567ce30d18b51c9229b5
-
-commit 396d32f3a1a16e54df2a76b2a9b237868580dcbe
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Oct 3 09:22:26 2020 +0000
-
-    upstream: There are lots of place where we want to redirect stdin,
-    
-    stdout and/or stderr to /dev/null. Factor all these out to a single
-    stdfd_devnull() function that allows selection of which of these to redirect.
-    ok markus@
-    
-    OpenBSD-Commit-ID: 3033ba5a4c47cacfd5def020d42cabc52fad3099
-
-commit 1286981d08b8429a64613215ce8bff3f6b32488a
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Oct 3 08:30:47 2020 +0000
-
-    upstream: enable UpdateHostkeys by default when the configuration
-    
-    has not overridden UserKnownHostsFile; ok markus@ "The timing is perfect"
-    deraadt@
-    
-    OpenBSD-Commit-ID: 62df71c9c5242da5763cb473c2a2deefbd0cef60
-
-commit 332f21537293d66508f7342dc643bc7fe45f0f69
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Oct 3 08:12:59 2020 +0000
-
-    upstream: disable UpdateHostkeys when a wildcard hostname pattern
-    
-    is encountered or when a certificate host key is in use. feedback/ok markus@
-    
-    OpenBSD-Commit-ID: b6e5575af7e6732322be82ec299e09051a5413bd
-
-commit 13cee44ef907824083d89cb9395adbbd552e46c1
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Oct 3 08:11:28 2020 +0000
-
-    upstream: record when the host key checking code downgrades a
-    
-    certificate host key to a plain key. This occurs when the user connects to a
-    host with a certificate host key but no corresponding CA key configured in
-    known_hosts; feedback and ok markus@
-    
-    OpenBSD-Commit-ID: 2ada81853ff9ee7824c62f440bcf4ad62030c901
-
-commit 12ae8f95e2e0c273e9e7ef930b01a028ef796a3f
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Oct 3 04:15:06 2020 +0000
-
-    upstream: prefer ed25519 signature algorithm variants to ECDSA; ok
-    
-    markus@
-    
-    OpenBSD-Commit-ID: 82187926fca96d35a5b5afbc091afa84e0966e5b
-
-commit e5ed753add7aa8eed6b167e44db6240a76404db2
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Oct 3 03:40:38 2020 +0000
-
-    upstream: want time.h here too
-    
-    OpenBSD-Commit-ID: fafee8f1108c64ad8b282f9a1ed5ea830d8c58a7
-
-commit 66bd9fdf8b7762eb6a85cabbb1ae4ed955679f60
-Author: deraadt@openbsd.org <deraadt@openbsd.org>
-Date:   Sat Oct 3 02:18:33 2020 +0000
-
-    upstream: split introductory paragraph, and insert ominous words about
-    
-    the glob issue, which cannot be fully fixed and really requires completely
-    replacing scp with a completely different subsystem. team effort to find the
-    right words..
-    
-    OpenBSD-Commit-ID: 58e1f72d292687f63eb357183036ee242513691c
-
-commit 86cc8ce002ea10e88a4c5d622a8fdfab8a7d261f
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Oct 3 13:38:55 2020 +1000
-
-    use relative rather than system include here
-
-commit 922cfac5ed5ead9f796f7d39f012dd653dc5c173
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Oct 3 13:38:41 2020 +1000
-
-    add some openbsd-compat licenses we missed
-
-commit ce941c75ea9cd6c358508a5b206809846c8d9240
-Author: Philip Hands <phil@hands.com>
-Date:   Sat Oct 3 00:20:07 2020 +0200
-
-    un-nest $() to make ksh cheerful
-
-commit 18ea5f4b88e303677d2003b95e5cb864b439e442
-Author: Philip Hands <phil@hands.com>
-Date:   Fri Oct 2 21:30:10 2020 +0200
-
-    ksh doesn't grok 'local'
-    
-    and AFAICT it's not actually doing anything useful in the code, so let's
-    see how things go without it.
-
-commit d9e727dcc04a52caaac87543ea1d230e9e6b5604
-Author: Oleg <Fallmay@users.noreply.github.com>
-Date:   Thu Oct 1 12:09:08 2020 +0300
-
-    Fix `EOF: command not found` error in ssh-copy-id
-
-commit a1a856d50c89be3206f320baa4bfb32fff4e826f
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Wed Sep 30 09:11:39 2020 +0000
-
-    upstream: Regen moduli.
-    
-    OpenBSD-Commit-ID: 04967f8c43e9854ac34b917bcd6f5ac96c53a693
-
-commit fa1fe3ead7069d90d3c67d62137ad66acfcc9f48
-Author: HARUYAMA Seigo <haruyama@unixuser.org>
-Date:   Sun Sep 27 20:06:20 2020 +0900
-
-    Restore first section title of INSTALL
-
-commit 279261e1ea8150c7c64ab5fe7cb4a4ea17acbb29
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sun Sep 27 17:25:01 2020 +1000
-
-    update version numbers
-
-commit 58ca6ab6ff035ed12b5078e3e9c7199fe72c8587
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Sep 27 07:22:05 2020 +0000
-
-    upstream: openssh 8.4
-    
-    OpenBSD-Commit-ID: a29e5b372d2c00e297da8a35a3b87c9beb3b4a58
-
-commit 9bb8a303ce05ff13fb421de991b495930be103c3
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Sep 22 10:07:43 2020 +1000
-
-    sync with upstream ssh-copy-id rev f0da1a1b7
-
-commit 0a4a5571ada76b1b012bec9cf6ad1203fc19ec8d
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Sep 21 07:29:09 2020 +0000
-
-    upstream: close stdin when forking after authentication too; ok markus
-    
-    OpenBSD-Commit-ID: 43db17e4abc3e6b4a7b033aa8cdab326a7cb6c24
-
-commit d14fe25e6c3b89f8af17e2894046164ac3b45688
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Sep 20 23:31:46 2020 +0000
-
-    upstream: close stdout/stderr after "ssh -f ..." forking
-    
-    bz#3137, ok markus
-    
-    OpenBSD-Commit-ID: e2d83cc4dea1665651a7aa924ad1ed6bcaaab3e2
-
-commit 53a33a0d745179c02108589e1722457ca8ae4372
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sun Sep 20 15:57:09 2020 +1000
-
-    .depend
-
-commit 107eb3eeafcd390e1fa7cc7672a05e994d14013e
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Sep 20 05:47:25 2020 +0000
-
-    upstream: cap channel input buffer size at 16MB; avoids high memory use
-    
-    when peer advertises a large window but is slow to consume the data we send
-    (e.g. because of a slow network)
-    
-    reported by Pierre-Yves David
-    
-    fix with & ok markus@
-    
-    OpenBSD-Commit-ID: 1452771f5e5e768876d3bfe2544e3866d6ade216
-
-commit acfe2ac5fe033e227ad3a56624fbbe4af8b5da04
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Sep 18 22:02:53 2020 +1000
-
-    libfido2 1.5.0 is recommended
-
-commit 52a03e9fca2d74eef953ddd4709250f365ca3975
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Sep 18 08:16:38 2020 +0000
-
-    upstream: handle multiple messages in a single read()
-    
-    PR#183 by Dennis Kaarsemaker; feedback and ok markus@
-    
-    OpenBSD-Commit-ID: 8570bb4d02d00cf70b98590716ea6a7d1cce68d1
-
-commit dc098405b2939146e17567a25b08fc6122893cdf
-Author: pedro martelletto <pedro@ambientworks.net>
-Date:   Fri Sep 18 08:57:29 2020 +0200
-
-    configure.ac: add missing includes
-    
-    when testing, make sure to include the relevant header files that
-    declare the types of the functions used by the test:
-    
-    - stdio.h for printf();
-    - stdlib.h for exit();
-    - string.h for strcmp();
-    - unistd.h for unlink(), _exit(), fork(), getppid(), sleep().
-
-commit b3855ff053f5078ec3d3c653cdaedefaa5fc362d
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Sep 18 05:23:03 2020 +0000
-
-    upstream: tweak the client hostkey preference ordering algorithm to
-    
-    prefer the default ordering if the user has a key that matches the
-    best-preference default algorithm.
-    
-    feedback and ok markus@
-    
-    OpenBSD-Commit-ID: a92dd7d7520ddd95c0a16786a7519e6d0167d35f
-
-commit f93b187ab900c7d12875952cc63350fe4de8a0a8
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Sep 18 14:55:48 2020 +1000
-
-    control over the colours in gnome-ssh-askpass[23]
-    
-    Optionally set the textarea colours via $GNOME_SSH_ASKPASS_FG_COLOR and
-    $GNOME_SSH_ASKPASS_BG_COLOR. These accept the usual three or six digit
-    hex colours.
-
-commit 9d3d36bdb10b66abd1af42e8655502487b6ba1fa
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Sep 18 14:50:38 2020 +1000
-
-    focus improvement for gnome-ssh-askpass[23]
-    
-    When serving a SSH_ASKPASS_PROMPT=none information dialog, ensure
-    then <enter> doesn't immediately close the dialog. Instead, require an
-    explicit <tab> to reach the close button, or <esc>.
-
-commit d6f507f37e6c75a899db0ef8224e72797c5563b6
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Wed Sep 16 03:07:31 2020 +0000
-
-    upstream: Remove unused buf, last user was removed when switching
-    
-    to the sshbuf API. Patch from Sebastian Andrzej Siewior.
-    
-    OpenBSD-Commit-ID: 250fa17f0cec01039cc4abd95917d9746e24c889
-
-commit c3c786c3a0973331ee0922b2c51832a3b8d7f20f
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Sep 9 21:57:27 2020 +0000
-
-    upstream: For the hostkey confirmation message:
-    
-    > Are you sure you want to continue connecting (yes/no/[fingerprint])?
-    
-    compare the fingerprint case sensitively; spotted Patrik Lundin
-    ok dtucker
-    
-    OpenBSD-Commit-ID: 73097afee1b3a5929324e345ba4a4a42347409f2
-
-commit f2950baf0bafe6aa20dfe2e8d1ca4b23528df617
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Sep 11 14:45:23 2020 +1000
-
-    New config-build-time dependency on automake.
-
-commit 600c1c27abd496372bd0cf83d21a1c119dfdf9a5
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sun Sep 6 21:56:36 2020 +1000
-
-    Add aclocal.m4 and config.h.in~ to .gitignore.
-    
-    aclocal.m4 is now generated by autoreconf.
-
-commit 4bf7e1d00b1dcd3a6b3239f77465c019e61c6715
-Author: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
-Date:   Sat Sep 5 17:50:03 2020 +0200
-
-    Quote the definition of OSSH_CHECK_HEADER_FOR_FIELD
-    
-    autoreconf complains about underquoted definition of
-    OSSH_CHECK_HEADER_FOR_FIELD after aclocal.m4 has been and now is beeing
-    recreated.
-    
-    Quote OSSH_CHECK_HEADER_FOR_FIELD as suggested.
-    
-    Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
-
-commit a2f3ae386b5f7938ed3c565ad71f30c4f7f010f1
-Author: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
-Date:   Sat Sep 5 17:50:02 2020 +0200
-
-    Move the local m4 macros
-    
-    The `aclocal' step is skipped during `autoreconf' because aclocal.m4 is
-    present.
-    Move the current aclocal.m4 which contains local macros into the m4/
-    folder. With this change the aclocal.m4 will be re-created during
-    changes to the m4/ macro.
-    This is needed so the `aclocal' can fetch m4 macros from the system if
-    they are references in the configure script. This is a prerequisite to
-    use PKG_CHECK_MODULES.
-    
-    Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
-
-commit 8372bff3a895b84fd78a81dc39da10928b662f5a
-Author: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
-Date:   Sat Sep 5 17:50:01 2020 +0200
-
-    Remove HAVE_MMAP and BROKEN_MMAP
-    
-    BROKEN_MMAP is no longer defined since commit
-       1cfd5c06efb12 ("Remove portability support for mmap")
-    
-    this commit also removed other HAVE_MMAP user. I didn't find anything
-    that defines HAVE_MMAP. The check does not trigger because compression
-    on server side is by default COMP_DELAYED (2) so it never triggers.
-    
-    Remove remaining HAVE_MMAP and BROKEN_MMAP bits.
-    
-    Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
-
-commit bbf20ac8065905f9cb9aeb8f1df57fcab52ee2fb
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Sep 9 03:10:21 2020 +0000
-
-    upstream: adapt to SSH_SK_VERSION_MAJOR crank
-    
-    OpenBSD-Regress-ID: 0f3e76bdc8f9dbd9d22707c7bdd86051d5112ab8
-
-commit 9afe2a150893b20bdf9eab764978d817b9a7b783
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Aug 28 03:17:13 2020 +0000
-
-    upstream: Ensure that address/mask mismatches are flagged at
-    
-    config-check time. ok djm@
-    
-    OpenBSD-Regress-ID: 8f5f4c2c0bf00e6ceae7a1755a444666de0ea5c2
-
-commit c76773524179cb654ff838dd43ba1ddb155bafaa
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Sep 9 03:08:01 2020 +0000
-
-    upstream: when writing an attestation blob for a FIDO key, record all
-    
-    the data needed to verify the attestation. Previously we were missing the
-    "authenticator data" that is included in the signature.
-    
-    spotted by Ian Haken
-    feedback Pedro Martelletto and Ian Haken; ok markus@
-    
-    OpenBSD-Commit-ID: 8439896e63792b2db99c6065dd9a45eabbdb7e0a
-
-commit c1c44eeecddf093a7983bd91e70b446de789b363
-Author: pedro martelletto <pedro@ambientworks.net>
-Date:   Tue Sep 1 17:01:55 2020 +0200
-
-    configure.ac: fix libfido2 back-compat
-    
-    - HAVE_FIDO_CRED_PROD -> HAVE_FIDO_CRED_PROT;
-    - check for fido_dev_get_touch_begin(), so that
-      HAVE_FIDO_DEV_GET_TOUCH_BEGIN gets defined.
-
-commit 785f0f315bf7ac5909e988bb1ac3e019fb5e1594
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Aug 31 04:33:17 2020 +0000
-
-    upstream: refuse to add verify-required (PINful) FIDO keys to
-    
-    ssh-agent until the agent supports them properly
-    
-    OpenBSD-Commit-ID: 125bd55a8df32c87c3ec33c6ebe437673a3d037e
-
-commit 39e88aeff9c7cb6862b37ad1a87a03ebbb38c233
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Aug 31 00:17:41 2020 +0000
-
-    upstream: Add RCS IDs to the few files that are missing them; from
-    
-    Pedro Martelletto
-    
-    OpenBSD-Commit-ID: 39aa37a43d0c75ec87f1659f573d3b5867e4a3b3
-
-commit 72730249b38a676da94a1366b54a6e96e6928bcb
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Aug 28 03:15:52 2020 +0000
-
-    upstream: Check that the addresses supplied to Match Address and
-    
-    Match LocalAddress are valid when parsing in config-test mode.  This will
-    catch address/mask mismatches before they cause problems at runtime. Found by
-    Daniel Stocker, ok djm@
-    
-    OpenBSD-Commit-ID: 2d0b10c69fad5d8fda4c703e7c6804935289378b
-
-commit 2a3a9822311a565a9df48ed3b6a3c972f462bd7d
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Thu Aug 27 12:34:00 2020 +0000
-
-    upstream: sentence fix; from pedro martelletto
-    
-    OpenBSD-Commit-ID: f95b84a1e94e9913173229f3787448eea2f8a575
+    depend
 
-commit ce178be0d954b210c958bc2b9e998cd6a7aa73a9
+commit 2fb25ca11e8b281363a2a2a4dec4c497a1475d9a
 Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Aug 27 20:01:52 2020 +1000
-
-    tweak back-compat for older libfido2
-
-commit d6f45cdde031acdf434bbb27235a1055621915f4
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Aug 27 09:46:04 2020 +0000
+Date:   Fri Apr 16 13:53:02 2021 +1000
 
-    upstream: debug()-print a little info about FIDO-specific key
-    
-    fields via "ssh-keygen -vyf /path/key"
-    
-    OpenBSD-Commit-ID: cf315c4fe77db43947d111b00155165cb6b577cf
+    crank version in README and RPM spec files
 
-commit b969072cc3d62d05cb41bc6d6f3c22c764ed932f
+commit b2b60ebab0cb77b5bc02d364d72e13db882f33ae
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Aug 27 09:43:28 2020 +0000
+Date:   Fri Apr 16 03:42:00 2021 +0000
 
-    upstream: skip a bit more FIDO token selection logic when only a
-    
-    single token is attached.
-    
-    with Pedro Martelletto
+    upstream: openssh-8.6
     
-    OpenBSD-Commit-ID: e4a324bd9814227ec1faa8cb619580e661cca9ac
+    OpenBSD-Commit-ID: b5f3e133c846127ec114812248bc17eff07c3e19
 
-commit 744df42a129d7d7db26947b7561be32edac89f88
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Thu Aug 27 06:15:22 2020 +0000
+commit faf2b86a46c9281d237bcdec18c99e94a4eb820a
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Thu Apr 15 16:24:31 2021 +0000
 
-    upstream: tweak previous;
+    upstream: do not pass file/func to monitor; noted by Ilja van Sprundel;
     
-    OpenBSD-Commit-ID: 92714b6531e244e4da401b2defaa376374e24be7
-
-commit e32479645ce649b444ba5c6e7151304306a09654
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Aug 27 03:55:22 2020 +0000
-
-    upstream: adapt to API changes
+    ok djm@
     
-    OpenBSD-Regress-ID: 5f147990cb67094fe554333782ab268a572bb2dd
+    OpenBSD-Commit-ID: 85ae5c063845c410283cbdce685515dcd19479fa
 
-commit bbcc858ded3fbc46abfa7760e40389e3ca93884c
+commit 2dc328023f60212cd29504fc05d849133ae47355
 Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Aug 27 12:37:12 2020 +1000
-
-    degrade semi-gracefully when libfido2 is too old
-
-commit 9cbbdc12cb6a2ab1e9ffe9974cca91d213c185c2
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Aug 27 01:15:36 2020 +0000
-
-    upstream: dummy firmware needs to match API version numner crank (for
-    
-    verify-required resident keys) even though it doesn't implement this feature
-    
-    OpenBSD-Regress-ID: 86579ea2891e18e822e204413d011b2ae0e59657
-
-commit c1e76c64956b424ba260fd4eec9970e5b5859039
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Aug 27 02:11:09 2020 +0000
-
-    upstream: remove unreachable code I forgot to delete in r1.334
-    
-    OpenBSD-Commit-ID: 9ed6078251a0959ee8deda443b9ae42484fd8b18
-
-commit 0caff05350bd5fc635674c9e051a0322faba5ae3
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Aug 27 01:08:45 2020 +0000
-
-    upstream: Request PIN ahead of time for certain FIDO actions
-    
-    When we know that a particular action will require a PIN, such as
-    downloading resident keys or generating a verify-required key, request
-    the PIN before attempting it.
-    
-    joint work with Pedro Martelletto; ok markus@
-    
-    OpenBSD-Commit-ID: 863182d38ef075bad1f7d20ca485752a05edb727
-
-commit b649b3daa6d4b8ebe1bd6de69b3db5d2c03c9af0
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Aug 27 01:08:19 2020 +0000
-
-    upstream: preserve verify-required for resident FIDO keys
-    
-    When downloading a resident, verify-required key from a FIDO token,
-    preserve the verify-required in the private key that is written to
-    disk. Previously we weren't doing that because of lack of support
-    in the middleware API.
-    
-    from Pedro Martelletto; ok markus@ and myself
-    
-    OpenBSD-Commit-ID: 201c46ccdd227cddba3d64e1bdbd082afa956517
-
-commit 642e06d0df983fa2af85126cf4b23440bb2985bf
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Aug 27 01:07:51 2020 +0000
-
-    upstream: major rework of FIDO token selection logic
-    
-    When PINs are in use and multiple FIDO tokens are attached to a host, we
-    cannot just blast requests at all attached tokens with the PIN specified
-    as this will cause the per-token PIN failure counter to increment. If
-    this retry counter hits the token's limit (usually 3 attempts), then the
-    token will lock itself and render all (web and SSH) of its keys invalid.
-    We don't want this.
-    
-    So this reworks the key selection logic for the specific case of
-    multiple keys being attached. When multiple keys are attached and the
-    operation requires a PIN, then the user must touch the key that they
-    wish to use first in order to identify it.
-    
-    This may require multiple touches, but only if there are multiple keys
-    attached AND (usually) the operation requires a PIN. The usual case of a
-    single key attached should be unaffected.
-    
-    Work by Pedro Martelletto; ok myself and markus@
-    
-    OpenBSD-Commit-ID: 637d3049ced61b7a9ee796914bbc4843d999a864
-
-commit 801c9f095e6d8b7b91aefd98f5001c652ea13488
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Aug 27 01:07:09 2020 +0000
-
-    upstream: support for requiring user verified FIDO keys in sshd
-    
-    This adds a "verify-required" authorized_keys flag and a corresponding
-    sshd_config option that tells sshd to require that FIDO keys verify the
-    user identity before completing the signing/authentication attempt.
-    Whether or not user verification was performed is already baked into the
-    signature made on the FIDO token, so this is just plumbing that flag
-    through and adding ways to require it.
-    
-    feedback and ok markus@
-    
-    OpenBSD-Commit-ID: 3a2313aae153e043d57763d766bb6d55c4e276e6
-
-commit 9b8ad93824c682ce841f53f3b5762cef4e7cc4dc
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Aug 27 01:06:18 2020 +0000
+Date:   Wed Apr 14 11:42:55 2021 +1000
 
-    upstream: support for user-verified FIDO keys
-    
-    FIDO2 supports a notion of "user verification" where the user is
-    required to demonstrate their identity to the token before particular
-    operations (e.g. signing). Typically this is done by authenticating
-    themselves using a PIN that has been set on the token.
-    
-    This adds support for generating and using user verified keys where
-    the verification happens via PIN (other options might be added in the
-    future, but none are in common use now). Practically, this adds
-    another key generation option "verify-required" that yields a key that
-    requires a PIN before each authentication.
-    
-    feedback markus@ and Pedro Martelletto; ok markus@
+    sshd don't exit on transient read errors
     
-    OpenBSD-Commit-ID: 57fd461e4366f87c47502c5614ec08573e6d6a15
+    openssh-8.5 introduced a regression that would cause sshd to exit
+    because of transient read errors on the network socket (e.g. EINTR,
+    EAGAIN). Reported by balu.gajjala AT gmail.com via bz3297
 
-commit 1196d7f49d4fbc90f37e550de3056561613b0960
-Author: cheloha@openbsd.org <cheloha@openbsd.org>
-Date:   Wed Aug 12 01:23:45 2020 +0000
+commit d5d6b7d76d171a2e6861609dcd92e714ee62ad88
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sat Apr 10 18:45:00 2021 +1000
 
-    upstream: ssh-keyscan(1): simplify conloop() with timercmp(3),
-    
-    timersub(3); ok djm@
-    
-    OpenBSD-Commit-ID: a102acb544f840d33ad73d40088adab4a687fa27
+    perform report_failed_grab() inline
 
-commit d0a195c89e26766d3eb8f3e4e2a00ebc98b57795
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Aug 11 09:49:57 2020 +0000
+commit ea996ce2d023aa3c6d31125e2c3ebda1cb42db8c
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sat Apr 10 18:22:57 2021 +1000
 
-    upstream: let ssh_config(5)'s AddKeysToAgent keyword accept a time
-    
-    limit for keys in addition to its current flag options. Time-limited keys
-    will automatically be removed from ssh-agent after their expiry time has
-    passed; ok markus@
+    dedicated gnome-ssk-askpass3 source
     
-    OpenBSD-Commit-ID: 792e71cacbbc25faab5424cf80bee4a006119f94
-
-commit e9c2002891a7b8e66f4140557a982978f372e5a3
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Aug 11 09:45:54 2020 +0000
-
-    upstream: let the "Confirm user presence for key ..." ssh-askpass
+    Compatibility with Wayland requires that we use the gdk_seat_grab()
+    API for grabbing mouse/keyboard, however these API don't exist in
+    Gtk+2.
     
-    notification respect $SSH_ASKPASS_REQUIRE; ok markus@
+    This branches gnome-ssk-askpass2.c => gnome-ssk-askpass3.c and
+    makes the changes to use the gdk_seat_grab() instead of grabbing
+    mouse/focus separately via GDK.
     
-    OpenBSD-Commit-ID: 7c1a616b348779bda3b9ad46bf592741f8e206c1
+    In the future, we can also use the branched file to avoid some
+    API that has been soft-deprecated in GTK+3, e.g. gtk_widget_modify_fg
 
-commit eaf8672b1b52db2815a229745f4e4b08681bed6d
+commit bfa5405da05d906ffd58216eb77c4375b62d64c2
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Aug 21 00:04:13 2020 +1000
+Date:   Thu Apr 8 15:18:15 2021 +1000
 
-    Remove check for 'ent' command.
+    Ensure valgrind-out exists.
     
-    It was added in 8d1fd57a9 for measuring entropy of ssh_prng_cmds which
-    has long since been removed and there are no other references to it.
-
-commit 05c215de8d224e094a872d97d45f37f60c06206b
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Aug 17 21:34:32 2020 +1000
-
-    Wrap stdint.h include in ifdef HAVE_STDINT_H.
-
-commit eaf2765efe8bc74feba85c34295d067637fc6635
-Author: Damien Miller <djm@mindrot.org>
-Date:   Mon Aug 10 13:24:09 2020 +1000
-
-    sync memmem.c with OpenBSD
+    Normally the regress tests would create it, but running the unit tests
+    on their own would fail because the directory did not exist.
 
-commit ed6bef77f5bb5b8f9ca2914478949e29f2f0a780
+commit 1f189181f3ea09a9b08aa866f78843fec800874f
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Aug 7 17:12:16 2020 +1000
+Date:   Thu Apr 8 15:17:19 2021 +1000
 
-    Always send any PAM account messages.
+    Pass OBJ to unit test make invocation.
     
-    If the PAM account stack reaturns any messages, send them to the user
-    not just if the check succeeds.  bz#2049, ok djm@
+    At least the Valgrind unit tests uses $OBJ.
 
-commit a09e98dcae1e26f026029b7142b0e0d10130056f
+commit f42b550c281d28bd19e9dd6ce65069164f3482b0
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Aug 7 15:37:37 2020 +1000
+Date:   Thu Apr 8 14:20:12 2021 +1000
 
-    Output test debug logs on failure.
+    Add pattern for valgrind-unit.
 
-commit eb122b1eebe58b29a83a507ee814cbcf8aeded1b
+commit 19e534462710e98737478fd9c44768b50c27c4c6
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Aug 7 15:11:42 2020 +1000
+Date:   Thu Apr 8 13:31:08 2021 +1000
 
-    Add ability to specify exact test target.
+    Run unit tests under valgrind.
+    
+    Run a separate build for the unit tests under Valgrind.  They take long
+    enough that running in parallel with the other Valgrind tests helps.
 
-commit c2ec7a07f8caabb4d8e00c66e7cd46bf2cd1e922
+commit 80032102d05e866dc2a48a5caf760cf42c2e090e
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Aug 7 14:21:15 2020 +1000
+Date:   Thu Apr 8 13:25:57 2021 +1000
 
-    Document --without-openssl and --without-zlib.
+    ifdef out MIN and MAX.
+    
+    In -portable, defines.h ensures that these are defined, so redefining
+    potentially causes a warning.  We don't just delete it to make any
+    future code syncs a little but easier.  bz#3293.
 
-commit 651bb3a31949bbdc3a78b2ede95a77bce0c72984
+commit d1bd184046bc310c405f45da3614a1dc5b3e521a
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Aug 7 14:15:11 2020 +1000
+Date:   Wed Apr 7 10:23:51 2021 +1000
 
-    Add without-openssl without-zlib test target.
+    Remove only use of warn().
+    
+    The warn() function is only used in one place in portable and does not
+    exist upstream.  Upgrade the only instance it's used to fail()
+    (the privsep/sandbox+proxyconnect, from back when that was new) and
+    remove the now-unused function.
 
-commit 9499f2bb01dc1032ae155999b2d7764b9491341f
-Author: Stefan Schindler <dns2utf8@estada.ch>
-Date:   Wed Aug 5 19:00:52 2020 +0200
+commit fea8f4b1aa85026ad5aee5ad8e1599a8d5141fe0
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Apr 7 10:18:32 2021 +1000
 
-    Add CI with prepare script
+    Move make_tmpdir() into portable-specific area.
     
-    * Only use heimdal kerberos implementation
-    * Fetch yubico/libfido2 (see: https://github.com/Yubico/libfido2)
-    * Add one target for
-        * all features
-        * each feature alone
-        * no features
+    Reduces diff vs OpenBSD and makes it more likely diffs will apply
+    cleanly.
 
-commit ea1f649046546a860f68b97ddc3015b7e44346ca
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Aug 5 08:58:57 2020 +1000
+commit 13e5fa2acffd26e754c6ee1d070d0afd035d4cb7
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Tue Apr 6 23:57:56 2021 +0000
 
-    support NetBSD's utmpx.ut_ss address field
+    upstream: Add TEST_SSH_ELAPSED_TIMES environment variable to print the
     
-    bz#960, ok dtucker
+    elapsed time in seconds of each test.  This depends on "date +%s" which is
+    not specified by POSIX but is commonly implemented.
+    
+    OpenBSD-Regress-ID: ec3c8c19ff49b2192116a0a646ee7c9b944e8a9c
 
-commit 32c63e75a70a0ed9d6887a55fcb0e4531a6ad617
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Aug 4 14:59:21 2020 +1000
+commit ef4f46ab4387bb863b471bad124d46e8d911a79a
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Apr 7 09:59:15 2021 +1000
 
-    wrap a declaration in the same ifdefs as its use
+    Move the TEST_SSH_PORT section down a bit.
     
-    avoids warnings on NetBSD
+    This groups the portable-specific changes together and makes it a
+    little more likely that patches will apply cleanly.
 
-commit c9e3be9f4b41fda32a2a0138d54c7a6b563bc94d
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Aug 4 14:58:46 2020 +1000
+commit 3674e33fa70dfa1fe69b345bf576113af7b7be11
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Apr 7 10:05:10 2021 +1000
 
-    undef TAILQ_CONCAT and friends
+    Further split Valgrind tests.
     
-    Needed for NetBSD. etc that supply these macros
+    Even split in two, the Valgrind tests take by far the longest to run,
+    so split them four ways to further increase parallelism.
 
-commit 2d8a3b7e8b0408dfeb933ac5cfd3a58f5bac49af
+commit 961af266b861e30fce1e26170ee0dbb5bf591f29
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Aug 3 02:53:51 2020 +0000
+Date:   Tue Apr 6 23:24:30 2021 +0000
 
-    upstream: ensure that certificate extensions are lexically sorted.
+    upstream: include "ssherr.h" not <ssherr.h>; from Balu Gajjala via
     
-    Previously if the user specified a custom extension then the everything would
-    be in order except the custom ones. bz3198 ok dtucker markus
+    bz#3292
     
-    OpenBSD-Commit-ID: d97deb90587b06cb227c66ffebb2d9667bf886f0
+    OpenBSD-Commit-ID: e9535cd9966eb2e69e73d1ede1f44905c30310bd
 
-commit a8732d74cb8e72f0c6366015687f1e649f60be87
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Aug 3 02:43:41 2020 +0000
+commit e7d0a285dbdd65d8df16123ad90f15e91862f959
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Apr 7 08:50:38 2021 +1000
 
-    upstream: allow -A to explicitly enable agent forwarding in scp and
-    
-    sftp. The default remains to not forward an agent, even when ssh_config
-    enables it. ok jmc dtucker markus
-    
-    OpenBSD-Commit-ID: 36cc526aa3b0f94e4704b8d7b969dd63e8576822
+    wrap struct rlimit in HAVE_GETRLIMIT too
 
-commit ab9105470a83ed5d8197959a1b1f367399958ba1
-Author: deraadt@openbsd.org <deraadt@openbsd.org>
-Date:   Mon Aug 3 02:42:49 2020 +0000
+commit f283a6c2e0a9bd9369e18462acd00be56fbe5b0d
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Apr 7 08:20:35 2021 +1000
 
-    upstream: clang -Wimplicit-fallthrough does not recognise /*
-    
-    FALLTHROUGH */ comments, which is the style we currently use, and gives too
-    many boring warnings. ok djm
-    
-    OpenBSD-Commit-ID: 07b5031e9f49f2b69ac5e85b8da4fc9e393992a0
+    wrap getrlimit call in HAVE_GETRLIMIT; bz3291
 
-commit ced327b9fb78c94d143879ef4b2a02cbc5d38690
+commit 679bdc4a5c9244f427a7aee9c14b0a0ed086da1f
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jul 31 04:19:37 2020 +0000
+Date:   Tue Apr 6 09:07:33 2021 +0000
 
-    upstream: Also compare username when checking for JumpHost loops.
+    upstream: Don't check return value of unsetenv(). It's part of the
     
-    bz#3057, ok djm@
+    environment setup and not part of the actual test, and some platforms
+    -portable runs on declare it as returning void, which prevents the test from
+    compiling.
     
-    OpenBSD-Commit-ID: 9bbc1d138adb34c54f3c03a15a91f75dbf418782
+    OpenBSD-Regress-ID: 24f08543ee3cdebc404f2951f3e388cc82b844a1
 
-commit ae7527010c44b3376b85d036a498f136597b2099
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Jul 31 15:19:04 2020 +1000
+commit 320af2f3de6333aa123f1b088eca146a245e968a
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Sun Apr 4 11:36:56 2021 +0000
 
-    Remove AC_REVISION.
+    upstream: remove stray inserts; from matthias schmidt
     
-    It hasn't been useful since we switched to git in 2014.  ok djm@
+    OpenBSD-Commit-ID: 2c36ebdc54e14bbf1daad70c6a05479a073d5c63
 
-commit 89fc3f414be0ce4e8008332a9739a7d721269e50
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue Jul 28 19:40:30 2020 +1000
+commit 801f710953b24dd2f21939171c622eac77c7484d
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Sun Apr 4 06:11:24 2021 +0000
 
-    Use argv in OSSH_CHECK_CFLAG_COMPILE test.
+    upstream: missing comma; from kawashima james
     
-    configure.ac is not detecting -Wextra in compilers that implement the
-    option. The problem is that -Wextra implies -Wunused-parameter, and the
-    C excerpt used by aclocal.m4 does not use argv.  Patch from pedro at
-    ambientworks.net, ok djm@
+    OpenBSD-Commit-ID: 31cec6bf26c6db4ffefc8a070715ebef274e68ea
 
-commit 62c81ef531b0cc7ff655455dd34f5f0c94f48e82
+commit b3ca08cb174266884d44ec710a84cd64c12414ea
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Jul 20 22:12:07 2020 +1000
+Date:   Mon Apr 5 23:46:42 2021 +1000
 
-    Skip ECDSA-SK webauthn test when built w/out ECC
+    Install libcbor with libfido2.
 
-commit 3ec9a6d7317236a9994887d8bd5d246af403a00d
+commit f3ca8af87a4c32ada660da12ae95cf03d190c083
 Author: Damien Miller <djm@mindrot.org>
-Date:   Mon Jul 20 13:09:25 2020 +1000
+Date:   Sat Apr 3 18:21:08 2021 +1100
 
-    Add ssh-sk-helper and manpage to RPM spec file
+    enable authopt and misc unit tests
     
-    Based on patch from Fabio Pedretti
+    Neither were wired into the build, both required some build
+    adaptations for -portable
 
-commit a2855c048b3f4b17d8787bd3f24232ec0cd79abe
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jul 17 07:09:24 2020 +0000
+commit dc1b45841fb97e3d7f655ddbcfef3839735cae5f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Apr 3 06:58:30 2021 +0000
 
-    upstream: Add %k to the TOKENs for Match Exec for consistency with
+    upstream: typos in comments; GHPR#180 from Vill
     
-    the other keywords that recently got %k.
+    =?UTF-8?q?e=20Skytt=C3=A4?=
+    MIME-Version: 1.0
+    Content-Type: text/plain; charset=UTF-8
+    Content-Transfer-Encoding: 8bit
     
-    OpenBSD-Commit-ID: 1857d1c40f270cbc254fca91e66110641dddcfdb
+    OpenBSD-Commit-ID: 93c732381ae0e2b680c79e67c40c1814b7ceed2c
 
-commit 69860769fa9f4529d8612ec055ae11912f7344cf
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Fri Jul 17 05:59:05 2020 +0000
+commit 53ea05e09b04fd7b6dea66b42b34d65fe61b9636
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Apr 3 06:55:52 2021 +0000
 
-    upstream: fix macro slip in previous;
+    upstream: sync CASignatureAlgorithms lists with reality. GHPR#174 from
     
-    OpenBSD-Commit-ID: 624e47ab209450ad9ad5c69f54fa69244de5ed9a
+    Matt Hazinski
+    
+    OpenBSD-Commit-ID: f05e4ca54d7e67b90fe58fe1bdb1d2a37e0e2696
 
-commit 40649bd0822883b684183854b16d0b8461d5697b
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jul 17 07:10:24 2020 +0000
+commit 57ed647ee07bb883a2f2264231bcd1df6a5b9392
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sat Apr 3 17:47:37 2021 +1100
 
-    upstream: Add test for '%k' (HostKeyAlias) TOKEN.
+    polish whitespace for portable files
+
+commit 31d8d231eb9377df474746a822d380c5d68d7ad6
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Apr 3 06:18:40 2021 +0000
+
+    upstream: highly polished whitespace, mostly fixing spaces-for-tab
     
-    OpenBSD-Regress-ID: 8ed1ba1a811790031aad3fcea860a34ad7910456
+    and bad indentation on continuation lines. Prompted by GHPR#185
+    
+    OpenBSD-Commit-ID: e5c81f0cbdcc6144df1ce468ec1bac366d8ad6e9
 
-commit 6736fe680704a3518cb4f3f8f6723b00433bd3dd
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jul 17 03:26:58 2020 +0000
+commit 34afde5c73b5570d6f8cce9b49993b23b77bfb86
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Apr 3 05:54:14 2021 +0000
 
-    upstream: Add tests for expansions on UserKnownHostsFile.
+    upstream: whitespace (tab after space)
     
-    OpenBSD-Regress-ID: bccf8060306c841bbcceb1392644f906a4d6ca51
+    OpenBSD-Commit-ID: 0e2b3f7674e985d3f7c27ff5028e690ba1c2efd4
 
-commit 287dc6396e0f9cb2393f901816dbd7f2a7dfbb5f
+commit 7cd262c1c5a08cc7f4f30e3cab108ef089d0a57b
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sat Apr 3 16:59:10 2021 +1100
+
+    Save config.h and config.log on failure too.
+
+commit 460aee9298f365357e9fd26851c22e0dca51fd6a
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jul 17 03:51:32 2020 +0000
+Date:   Sat Apr 3 05:46:41 2021 +0000
 
-    upstream: log error message for process_write() write failures
+    upstream: fix incorrect plural; from Ville Skyt
     
-    OpenBSD-Commit-ID: f733d7b3b05e3c68967dc18dfe39b9e8fad29851
+    =?UTF-8?q?t=C3=A4=20via=20GHPR#181?=
+    MIME-Version: 1.0
+    Content-Type: text/plain; charset=UTF-8
+    Content-Transfer-Encoding: 8bit
+    
+    OpenBSD-Commit-ID: 92f31754c6296d8f403d7c293e09dc27292d22c9
 
-commit 8df5774a42d2eaffe057bd7f293fc6a4b1aa411c
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jul 17 03:43:42 2020 +0000
+commit 082804c14e548cada75c81003a3c68ee098138ee
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Apr 3 05:40:39 2021 +0000
 
-    upstream: Add a '%k' TOKEN that expands to the effective HostKey of
+    upstream: ensure that pkcs11_del_provider() is called before exit -
     
-    the destination.  This allows, eg, keeping host keys in individual files
-    using "UserKnownHostsFile ~/.ssh/known_hosts.d/%k". bz#1654, ok djm@, jmc@
-    (man page bits)
+    some PKCS#11 providers get upset if C_Initialize is not matched with
+    C_Finalize.
     
-    OpenBSD-Commit-ID: 7084d723c9cc987a5c47194219efd099af5beadc
+    From Adithya Baglody via GHPR#234; ok markus
+    
+    OpenBSD-Commit-ID: f8e770e03b416ee9a58f9762e162add900f832b6
 
-commit c4f239944a4351810fd317edf408bdcd5c0102d9
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jul 17 03:23:10 2020 +0000
+commit 464ebc82aa926dd132ec75a0b064574ef375675e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Apr 3 05:28:43 2021 +0000
 
-    upstream: Add %-TOKEN, environment variable and tilde expansion to
-    
-    UserKnownHostsFile, allowing the file to be automagically split up in the
-    configuration (eg bz#1654).  ok djm@, man page parts jmc@
+    upstream: unused variable
     
-    OpenBSD-Commit-ID: 7e1b406caf147638bb51558836a72d6cc0bd1b18
+    OpenBSD-Commit-ID: 85f6a394c8e0f60d15ecddda75176f112007b205
 
-commit dbaaa01daedb423c38124a72c471982fb08a16fb
-Author: solene@openbsd.org <solene@openbsd.org>
-Date:   Wed Jul 15 07:50:46 2020 +0000
+commit dc3c0be8208c488e64a8bcb7d9efad98514e0ffb
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Apr 3 05:21:46 2021 +0000
 
-    upstream: - Add [-a rounds] in ssh-keygen man page and usage() -
+    upstream: Fix two problems in string->argv conversion: 1) multiple
     
-    Reorder parameters list in the first usage() case - Sentence rewording
+    backslashes were not being dequoted correctly and 2) quoted space in the
+    middle of a string was being incorrectly split.
+    MIME-Version: 1.0
+    Content-Type: text/plain; charset=UTF-8
+    Content-Transfer-Encoding: 8bit
     
-    ok dtucker@
-    jmc@ noticed usage() missed -a flag too
+    A unit test for these cases has already been committed
     
-    OpenBSD-Commit-ID: f06b9afe91cc96f260b929a56e9930caecbde246
-
-commit 69924a92c3af7b99a7541aa544a2334ec0fb092c
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Wed Jul 15 05:40:05 2020 +0000
-
-    upstream: start sentence with capital letter;
+    prompted by and based on GHPR#223 by Eero Häkkinen; ok markus@
     
-    OpenBSD-Commit-ID: ab06581d51b2b4cc1b4aab781f7f3cfa56cad973
+    OpenBSD-Commit-ID: d7ef27abb4eeeaf6e167e9312e4abe9e89faf1e4
 
-commit 5b56bd0affea7b02b540bdbc4d1d271b0e4fc885
+commit f75bcbba58a08c670727ece5e3f8812125969799
 Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Jul 17 13:15:50 2020 +1000
+Date:   Sat Apr 3 16:22:48 2021 +1100
 
-    detect Linux/X32 systems
-    
-    This is a frankenstein monster of AMD64 instructions/calling conventions
-    but with a 4GB address space. Allegedly deprecated but people still run
-    into it causing weird sandbox failures, e.g. bz#3085
+    missing bits from 259d648e
 
-commit 9c9ddc1391d6af8d09580a2424ab467d0a5df3c7
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Wed Jul 15 06:43:16 2020 +0000
+commit 4cbc4a722873d9b68cb5496304dc050d7168df78
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Mar 31 21:59:26 2021 +0000
 
-    upstream: Fix previous by calling the correct function.
+    upstream: cannot effectively test posix-rename extension after
     
-    OpenBSD-Regress-ID: 821cdd1dff9c502cceff4518b6afcb81767cad5a
+    changes in feature advertisment.
+    
+    OpenBSD-Regress-ID: 5e390bf88d379162aaa81b60ed86b34cb0c54d29
 
-commit f1a4798941b4372bfe5e46f1c0f8672fe692d9e4
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Wed Jul 15 05:36:50 2020 +0000
+commit 259d648e63e82ade4fe2c2c73c8b67fe57d9d049
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Mar 19 04:23:50 2021 +0000
 
-    upstream: Update test to match recent change in match.c
+    upstream: add a test for misc.c:argv_split(), currently fails
     
-    OpenBSD-Regress-ID: 965bda1f95f09a765050707340c73ad755f41167
+    OpenBSD-Regress-ID: ad6b96d6ebeb9643b698b3575bdd6f78bb144200
 
-commit d7e71be4fd57b7c7e620d733cdf2333b27bfa924
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Jul 15 15:30:43 2020 +1000
+commit 473ddfc2d6b602cb2d1d897e0e5c204de145cd9a
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Mar 19 03:25:01 2021 +0000
 
-    Adjust portable code to match changes in 939d787d,
+    upstream: split
+    
+    OpenBSD-Regress-ID: f6c03c0e4c58b3b9e04b161757b8c10dc8378c34
 
-commit fec89f32a84fd0aa1afc81deec80a460cbaf451a
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Wed Jul 15 04:27:34 2020 +0000
+commit 1339800fef8d0dfbfeabff71b34670105bcfddd2
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Mar 31 22:16:34 2021 +0000
 
-    upstream: Add default for number of rounds (-a). ok djm@
+    upstream: Use new limits@openssh.com protocol extension to let the
     
-    OpenBSD-Commit-ID: cb7e9aa04ace01a98e63e4bd77f34a42ab169b15
+    client select good limits based on what the server supports. Split the
+    download and upload buffer sizes to allow them to be chosen independently.
+    
+    In practice (and assuming upgraded sftp/sftp-server at each end), this
+    increases the download buffer 32->64KiB and the upload buffer
+    32->255KiB.
+    
+    Patches from Mike Frysinger; ok dtucker@
+    
+    OpenBSD-Commit-ID: ebd61c80d85b951b794164acc4b2f2fd8e88606c
 
-commit aaa8b609a7b332be836cd9a3b782422254972777
+commit 6653c61202d104e59c8e741329fcc567f7bc36b8
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Jul 14 23:57:01 2020 +0000
+Date:   Wed Mar 31 21:58:07 2021 +0000
 
-    upstream: allow some additional control over the use of ssh-askpass
+    upstream: do not advertise protocol extensions that have been
     
-    via $SSH_ASKPASS_REQUIRE, including force-enable/disable. bz#69 ok markus@
+    disallowed by the command-line options (e.g. -p/-P/-R); ok dtucker@
     
-    OpenBSD-Commit-ID: 3a1e6cbbf6241ddc4405c4246caa2c249f149eb2
+    OpenBSD-Commit-ID: 3a8a76b3f5131741aca4b41bfab8d101c9926205
 
-commit 6368022cd4dd508671c4999a59ec5826df098530
-Author: deraadt@openbsd.org <deraadt@openbsd.org>
-Date:   Tue Jul 7 02:47:21 2020 +0000
+commit 71241fc05db4bbb11bb29340b44b92e2575373d8
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Mar 29 15:14:25 2021 +1100
 
-    upstream: correct recently broken comments
-    
-    OpenBSD-Commit-ID: 964d9a88f7de1d0eedd3f8070b43fb6e426351f1
+    gnome-ssh-askpass3 is a valid target here
 
-commit 6d755706a0059eb9e2d63517f288b75cbc3b4701
+commit 8a9520836e71830f4fccca066dba73fea3d16bda
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Jul 5 23:59:45 2020 +0000
+Date:   Fri Mar 19 02:22:34 2021 +0000
 
-    upstream: some language improvements; ok markus
+    upstream: return non-zero exit status when killed by signal; bz#3281 ok
     
-    OpenBSD-Commit-ID: 939d787d571b4d5da50b3b721fd0b2ac236acaa8
+    dtucker@
+    
+    OpenBSD-Commit-ID: 117b31cf3c807993077b596bd730c24da9e9b816
 
-commit b0c1e8384d5e136ebdf895d1434aea7dd8661a1c
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Fri Jul 3 10:12:26 2020 +0000
+commit 1269b8a686bf1254b03cd38af78167a04aa6ec88
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Mar 19 02:18:28 2021 +0000
 
-    upstream: update setproctitle after re-exec; ok djm
+    upstream: increase maximum SSH2_FXP_READ to match the maximum
     
-    OpenBSD-Commit-ID: bc92d122f9184ec2a9471ade754b80edd034ce8b
+    packet size. Also handle zero-length reads that are borderline nonsensical
+    but not explicitly banned by the spec. Based on patch from Mike Frysinger,
+    feedback deraadt@ ok dtucker@
+    
+    OpenBSD-Commit-ID: 4e67d60d81bde7b84a742b4ee5a34001bdf80d9c
 
-commit cd119a5ec2bf0ed5df4daff3bd14f8f7566dafd3
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Fri Jul 3 10:11:33 2020 +0000
+commit 860b67604416640e8db14f365adc3f840aebcb1f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Mar 16 06:15:43 2021 +0000
 
-    upstream: keep ignoring HUP after fork+exec; ok djm
+    upstream: don't let logging clobber errno before use
     
-    OpenBSD-Commit-ID: 7679985a84ee5ceb09839905bb6f3ddd568749a2
+    OpenBSD-Commit-ID: ce6cca370005c270c277c51c111bb6911e1680ec
 
-commit 8af4a743693ccbea3e15fc9e93edbeb610fa94f4
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Fri Jul 3 10:10:17 2020 +0000
+commit 5ca8a9216559349c56e09039c4335636fd85c241
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sat Mar 13 14:40:43 2021 +1100
 
-    upstream: don't exit the listener on send_rexec_state errors; ok
-    
-    djm
+    Only call dh_set_moduli_file if using OpenSSL.
     
-    OpenBSD-Commit-ID: 57cbd757d130d3f45b7d41310b3a15eeec137d5c
+    Fixes link failure when configuring --without-openssl since dh.c is not
+    linked in.
 
-commit 03da4c2b70468f04ed1c08518ea0a70e67232739
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Wed Jul 15 04:55:47 2020 +0000
+commit 867a7dcf003c51d5a83f83565771a35f0d9530ac
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sat Mar 13 13:52:53 2021 +1100
 
-    upstream: Use $OBJ to find key files. Fixes test when run on an obj
-    
-    directory (on OpenBSD) or out of tree (in Portable).
+    Don't install moduli during tests.
     
-    OpenBSD-Regress-ID: 938fa8ac86adaa527d64a305bd2135cfbb1c0a17
+    Now that we have TEST_SSH_MODULI_FILE pointing to the moduli in the
+    soure directory we don't need to install the file to prevent warnings
+    about it being missing.
 
-commit 73f20f195ad18f1cf633eb7d8be95dc1b6111eea
+commit 0c054538fccf92b4a028008321d3711107bee6d5
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat Jul 4 23:11:23 2020 +1000
+Date:   Sat Mar 13 13:51:26 2021 +1100
 
-    Wrap stdint.h in ifdef HAVE_STDINT_H.
+    Point TEST_SSH_MODULI_FILE at our own moduli.
+    
+    This will allow the test to run without requiring a moduli file
+    installed at the configured default path.
 
-commit aa6fa4bf3023fa0e5761cd8f4b2cd015d2de74dd
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jul 3 07:25:18 2020 +0000
+commit 4d48219c72ab0c71238806f057f0e9630b7dd25c
+Author: jsg@openbsd.org <jsg@openbsd.org>
+Date:   Fri Mar 12 05:18:01 2021 +0000
 
-    upstream: put back the mux_ctx memleak fix, but only for channels of
-    
-    type SSH_CHANNEL_MUX_LISTENER; Specifically SSH_CHANNEL_MUX_PROXY channels
-    should not have this structure freed.
+    upstream: spelling
     
-    OpenBSD-Commit-ID: f3b213ae60405f77439e2b06262f054760c9d325
+    OpenBSD-Commit-ID: 478bc3db04f62f1048ed6e1765400f3ab325e60f
 
-commit d8195914eb43b20b13381f4e5a74f9f8a14f0ded
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jul 3 07:17:35 2020 +0000
+commit 88057eb6df912abf2678ea5c846d9d9cbc92752c
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Mar 12 04:08:19 2021 +0000
 
-    upstream: revert r1.399 - the lifetime of c->mux_ctx is more complex;
+    upstream: Add ModuliFile keyword to sshd_config to specify the
     
-    simply freeing it here causes other problems
+    location of the "moduli" file containing the groups for DH-GEX.  This will
+    allow us to run tests against arbitrary moduli files without having to
+    install them. ok djm@
     
-    OpenBSD-Commit-ID: c6fee8ca94e2485faa783839541962be2834c5ed
+    OpenBSD-Commit-ID: 8df99d60b14ecaaa28f3469d01fc7f56bff49f66
 
-commit 20b5fab9f773b3d3c7f06cb15b8f69a2c081ee80
+commit f07519a2af96109325b5a48b1af18b57601074ca
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jul 3 07:02:37 2020 +0000
+Date:   Fri Mar 12 03:43:40 2021 +0000
 
-    upstream: avoid tilde_expand_filename() in expanding ~/.ssh/rc - if
+    upstream: pwcopy() struct passwd that we're going to reuse across a
     
-    sshd is in chroot mode, the likely absence of a password database will cause
-    tilde_expand_filename() to fatal; ok dtucker@
+    bunch of library calls; bz3273 ok dtucker@
     
-    OpenBSD-Commit-ID: e20aee6159e8b79190d18dba1513fc1b7c8b7ee1
+    OpenBSD-Commit-ID: b6eafa977b2e44607b1b121f5de855107809b762
 
-commit c8935081db35d73ee6355999142fa0776a2af912
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jul 3 06:46:41 2020 +0000
+commit 69d6d4b0c8a88d3d1288415605f36e2df61a2f12
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Mar 10 06:32:27 2021 +0000
 
-    upstream: when redirecting sshd's log output to a file, undo this
-    
-    redirection after the session child process is forked(); ok dtucker@
+    upstream: Import regenerated moduli file.
     
-    OpenBSD-Commit-ID: 6df86dd653c91f5bc8ac1916e7680d9d24690865
+    OpenBSD-Commit-ID: 7ac6c252d2a5be8fbad4c66d9d35db507c9dac5b
 
-commit 183c4aaef944af3a1a909ffa01058c65bac55748
+commit e5895e8ecfac65086ea6b34d0d168409a66a15e1
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jul 3 06:29:57 2020 +0000
+Date:   Wed Mar 10 04:58:45 2021 +0000
 
-    upstream: start ClientAliveInterval bookkeeping before first pass
+    upstream: no need to reset buffer after send_msg() as that is done
     
-    through select() loop; fixed theoretical case where busy sshd may ignore
-    timeouts from client; inspired by and ok dtucker
+    for us; patch from Mike Frysinger
     
-    OpenBSD-Commit-ID: 96bfc4b1f86c7da313882a84755b2b47eb31957f
-
-commit 6fcfd303d67f16695198cf23d109a988e40eefb6
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Jul 3 15:28:27 2020 +1000
-
-    add check for fido_cred_set_prot() to configure
+    OpenBSD-Commit-ID: 565516495ff8362a38231e0f1a087b8ae66da59c
 
-commit f11b23346309e4d5138e733a49321aedd6eeaa2f
+commit 721948e67488767df0fa0db71ff2578ee2bb9210
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jul 3 05:09:06 2020 +0000
+Date:   Sat Mar 13 01:52:16 2021 +0000
 
-    upstream: Only reset the serveralive check when we receive traffic from
+    upstream: Add TEST_SSH_MODULI_FILE variable to allow overriding of the
     
-    the server and ignore traffic from a port forwarding client, preventing a
-    client from keeping a connection alive when it should be terminated.  Based
-    on a patch from jxraynor at gmail.com via openssh-unix-dev and bz#2265, ok
-    djm@
+    moduli file used during the test run.
     
-    OpenBSD-Commit-ID: a941a575a5cbc244c0ef5d7abd0422bbf02c2dcd
+    OpenBSD-Regress-ID: be10f785263120edb64fc87db0e0d6570a10220a
 
-commit adfdbf1211914b631c038f0867a447db7b519937
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Jul 3 15:15:15 2020 +1000
+commit 82fef71e20ffef425b932bec26f5bc46aa1ed41c
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Mar 12 15:58:57 2021 +1100
 
-    sync sys-queue.h with OpenBSD upstream
+    Allow (but return EACCES) fstatat64 in sandbox.
     
-    needed for TAILQ_CONCAT
+    This is apparently used in some configurations of OpenSSL when glibc
+    has getrandom().  bz#3276, patch from Kris Karas, ok djm@
 
-commit 1b90ddde49e2ff377204082b6eb130a096411dc1
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jul 3 05:08:41 2020 +0000
+commit 1cd67ee15ce3d192ab51be22bc4872a6a7a4b6d9
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Mar 12 13:16:10 2021 +1100
 
-    upstream: fix memory leak of mux_ctx; patch from Sergiy Lozovsky
-    
-    via bz3189 ok dtucker
+    Move generic includes outside of ifdef.
     
-    OpenBSD-Commit-ID: db249bd4526fd42d0f4f43f72f7b8b7705253bde
+    This ensures that the macros in log.h are defined in the case where
+    either of --with-solaris-projects or --with-solaris-privs are used
+    without --with-solaris-contracts.  bz#3278.
 
-commit 55ef3e9cbd5b336bd0f89205716924886fcf86de
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Wed Jul 1 16:28:31 2020 +0000
+commit 2421a567a8862fe5102a4e7d60003ebffd1313dd
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Mar 10 17:41:21 2021 +1100
 
-    upstream: free kex in ssh_packet_close; ok djm semarie
-    
-    OpenBSD-Commit-ID: dbc181e90d3d32fd97b10d75e68e374270e070a2
+    Import regenerated moduli file.
 
-commit e1c401109b61f7dbc199b5099933d579e7fc5dc9
-Author: bket@openbsd.org <bket@openbsd.org>
-Date:   Sat Jun 27 13:39:09 2020 +0000
+commit e99080c05d9d48dbbdb022538533d53ae1bd567d
+Author: millert@openbsd.org <millert@openbsd.org>
+Date:   Sat Mar 6 20:36:31 2021 +0000
 
-    upstream: Replace TAILQ concatenation loops with TAILQ_CONCAT
+    upstream: Fix PRINT macro, the suffix param to sshlog() was missing.
     
-    OK djm@
+    Also remove redundant __func__ prefix from PRINT calls as the macro already
+    adds __FILE__, __func__ and __LINE__.  From Christos Zoulas. OK dtucker@
     
-    OpenBSD-Commit-ID: 454b40e09a117ddb833794358970a65b14c431ef
+    OpenBSD-Commit-ID: 01fdfa9c5541151b5461d9d7d6ca186a3413d949
 
-commit 14beca57ac92d62830c42444c26ba861812dc837
-Author: semarie@openbsd.org <semarie@openbsd.org>
-Date:   Fri Jun 26 11:26:01 2020 +0000
+commit 160db17fc678ceb5e3fd4a7e006cc73866f484aa
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Mar 3 22:41:49 2021 +0000
 
-    upstream: backout 1.293 fix kex mem-leak in ssh_packet_close at markus
-    
-    request
+    upstream: don't sshbuf_get_u32() into an enum; reported by goetze
     
-    the change introduced a NULL deref in sshpkt_vfatal() (uses of ssh->kex after
-    calling ssh_packet_clear_keys())
+    AT dovetail.com via bz3269
     
-    OpenBSD-Commit-ID: 9c9a6721411461b0b1c28dc00930d7251a798484
+    OpenBSD-Commit-ID: 99a30a8f1df9bd72be54e21eee5c56a0f050921a
 
-commit 598c3a5e3885080ced0d7c40fde00f1d5cdbb32b
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Jun 26 16:07:12 2020 +1000
+commit cffd033817a5aa388764b6661855dcdaabab0588
+Author: sthen@openbsd.org <sthen@openbsd.org>
+Date:   Wed Mar 3 21:40:16 2021 +0000
 
-    document a PAM spec problem in a frustrated comment
+    upstream: typo in other_hostkeys_message() display output, ok djm
+    
+    OpenBSD-Commit-ID: 276f58afc97b6f5826e0be58380b737603dbf5f5
 
-commit 976c4f86286d52a0cb2aadf4a095d379c0da752e
+commit 7fe141b96b13bd7dc67ca985e14d55b9bd8a03fd
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jun 26 05:42:16 2020 +0000
+Date:   Wed Mar 3 08:42:52 2021 +0000
 
-    upstream: avoid spurious error message when ssh-keygen creates files
-    
-    outside ~/.ssh; with dtucker@
+    upstream: needs FILE*; from Mike Frysinger
     
-    OpenBSD-Commit-ID: ac0c662d44607e00ec78c266ee60752beb1c7e08
+    OpenBSD-Commit-ID: dddb3aa9cb5792eeeaa37a1af67b5a3f25ded41d
 
-commit 32b2502a9dfdfded1ccdc1fd6dc2b3fe41bfc205
+commit d2afd717e62d76bb41ab5f3ab4ce6f885c8edc98
 Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Jun 26 15:30:06 2020 +1000
+Date:   Tue Mar 2 21:31:47 2021 +1100
 
-    missing ifdef SELINUX; spotted by dtucker
+    update depend
 
-commit e073106f370cdd2679e41f6f55a37b491f0e82fe
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jun 26 05:12:21 2020 +0000
+commit f0c4eddf7cf224ebcac1f07ac8afdb30c6e9fe0a
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Mar 2 21:30:14 2021 +1100
 
-    upstream: regress test for ssh-add -d; ok dtucker@
-    
-    OpenBSD-Regress-ID: 3a2e044be616afc7dd4f56c100179e83b33d8abf
+    update relnotes URL
 
-commit c809daaa1bad6b1c305b0e0b5440360f32546c84
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Wed Jun 24 15:16:23 2020 +0000
+commit 67a8bb7fe62a381634db4c261720092e7d514a3d
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Mar 2 21:29:54 2021 +1100
 
-    upstream: add test for mux w/-Oproxy; ok djm
-    
-    OpenBSD-Regress-ID: 764d5c696e2a259f1316a056e225e50023abb027
+    update RPM spec version numbers
 
-commit 3d06ff4bbd3dca8054c238d2a94c0da563ef7eee
+commit 0a4b23b11b9a4e6eec332dd5c6ab2ac6f62aa164
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jun 26 05:16:38 2020 +0000
+Date:   Tue Mar 2 01:48:18 2021 +0000
 
-    upstream: handle EINTR in waitfd() and timeout_connect() helpers;
-    
-    bz#3071; ok dtucker@
+    upstream: openssh-8.5
     
-    OpenBSD-Commit-ID: 08fa87be50070bd8b754d9b1ebb1138d7bc9d8ee
+    OpenBSD-Commit-ID: 185e85d60fe042b8f8fa1ef29d4ef637bdf397d6
 
-commit fe2ec0b9c19adeab0cd9f04b8152dc17f31c31e5
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jun 26 05:04:07 2020 +0000
+commit de3866383b6720ad4cad83be76fe4c8aa111a249
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Mon Mar 1 21:13:24 2021 +1100
 
-    upstream: allow "ssh-add -d -" to read keys to be deleted from
-    
-    stdin bz#3180; ok dtucker@
-    
-    OpenBSD-Commit-ID: 15c7f10289511eb19fce7905c9cae8954e3857ff
+    Only upload config logs if configure fails.
 
-commit a3e0c376ffc11862fa3568b28188bd12965973e1
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jun 26 05:03:36 2020 +0000
+commit 85ff2a564ce838f8690050081176c1de1fb33116
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sun Feb 28 22:56:30 2021 +0000
 
-    upstream: constify a few things; ok dtucker (as part of another
+    upstream: Add %k to list of keywords. From
     
-    diff)
+    =?UTF-8?q?=20Eero=20H=C3=A4kkinenvia=20bz#3267?=
+    MIME-Version: 1.0
+    Content-Type: text/plain; charset=UTF-8
+    Content-Transfer-Encoding: 8bit
     
-    OpenBSD-Commit-ID: 7c17fc987085994d752304bd20b1ae267a9bcdf6
+    OpenBSD-Commit-ID: 9c87f39a048cee2a7d1c8bab951b2f716256865e
 
-commit 74344c3ca42c3f53b00b025daf09ae7f6aa38076
+commit e774bac35933e71f924f4301786e7fb5bbe1422f
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jun 26 05:02:03 2020 +0000
+Date:   Sun Feb 28 01:50:47 2021 +0000
 
-    upstream: Defer creation of ~/.ssh by ssh(1) until we attempt to
+    upstream: Do not try to reset signal handler for signal 0 in
     
-    write to it so we don't leave an empty .ssh directory when it's not needed.
-    Use the same function to replace the code in ssh-keygen that does the same
-    thing. bz#3156, ok djm@
+    subprocess. Prevents spurious debug message.  ok djm@
     
-    OpenBSD-Commit-ID: 59c073b569be1a60f4de36f491a4339bc4ae870f
+    OpenBSD-Commit-ID: 7f9785e292dcf304457566ad4637effd27ad1d46
 
-commit c9e24daac6324fcbdba171392c325bf9ccc3c768
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jun 26 04:45:11 2020 +0000
+commit 351c5dbbd74ce300c4f058112f9731c867c6e225
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Feb 27 23:42:37 2021 +0000
 
-    upstream: Expand path to ~/.ssh/rc rather than relying on it
-    
-    being relative to the current directory, so that it'll still be found if the
-    shell startup changes its directory.  Since the path is potentially longer,
-    make the cmd buffer that uses it dynamically sized.  bz#3185, with & ok djm@
+    upstream: fix alphabetic ordering of options; spotted by Iain Morgan
     
-    OpenBSD-Commit-ID: 36e33ff01497af3dc8226d0c4c1526fc3a1e46bf
+    OpenBSD-Commit-ID: f955fec617d74af0feb5b275831a9fee813d7ad5
 
-commit 07f5f369a25e228a7357ef6c57205f191f073d99
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Wed Jun 24 15:12:09 2020 +0000
+commit 0d1c9dbe578597f8d45d3ac7690df10d32d743e5
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sat Feb 27 12:25:25 2021 +1100
 
-    upstream: fix kex mem-leak in ssh_packet_close; ok djm
+    zlib is now optional.
+
+commit b7c6ee7b437d9adfd19ef49d6c0f19f13f26f9b3
+Author: Jeffrey H. Johnson <61629094+johnsonjh@users.noreply.github.com>
+Date:   Sat Feb 27 01:04:58 2021 +0000
+
+    Fix punctuatio and typo in README.md.
     
-    OpenBSD-Commit-ID: e2e9533f393620383afd0b68ef435de8d5e8abe4
+    Some very minor fixes, missing 's' and punctuation.
 
-commit e35995088cd6691a712bfd586bae8084a3a922ba
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Wed Jun 24 15:10:38 2020 +0000
+commit 6248b86074804983e8f7a2058856a516dbfe2924
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Feb 26 16:45:50 2021 +1100
 
-    upstream: fix ssh -O proxy w/mux which got broken by no longer
+    Revert "ssh: optional bind interface if bind address specified."
     
-    making ssh->kex optional in packet.c revision 1.278 ok djm@
+    This reverts commit 5a878a71a3528c2626aa1d331934fd964782d41c.
     
-    OpenBSD-Commit-ID: 2b65df04a064c2c6277359921d2320c90ab7d917
+    Apologies - I accidentally pushed this.
 
-commit 250246fef22b87a54a63211c60a2def9be431fbd
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Wed Jun 24 15:09:53 2020 +0000
+commit 493339a940b13be6071629c3c2dd5a3b6fc17023
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Feb 26 15:45:38 2021 +1100
 
-    upstream: support loading big sshd_config files w/o realloc; ok
+    detech BSD libc hash functions in libbsd / libmd
     
-    djm
+    Some Linux distributions are shipping the BSD-style hashing functions
+    (e.g. SHA256Update) in libbsd and/or libmd. Detect this situation to
+    avoid header/replacement clashes later. ok dtucker@
+
+commit 5a878a71a3528c2626aa1d331934fd964782d41c
+Author: Dmitrii Turlupov <dturlupov@factor-ts.ru>
+Date:   Thu Feb 4 16:27:31 2021 +0300
+
+    ssh: optional bind interface if bind address specified.
     
-    OpenBSD-Commit-ID: ba9238e810074ac907f0cf8cee1737ac04983171
+    Allows the -b and -B options to be used together.
+    For example, when the interface is in the VRF.
 
-commit 89b54900ac61986760452f132bbe3fb7249cfdac
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Wed Jun 24 15:08:53 2020 +0000
+commit 1fe4d70df94d3bcc2b35fd57cad6b5fc4b2d7b16
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Feb 26 04:18:42 2021 +0000
 
-    upstream: allow sshd_config longer than 256k; ok djm
+    upstream: remove this KEX fuzzer; it's awkward to use and doesn't play
+    
+    nice with popular fuzzing drivers like libfuzzer. AFAIK nobody has used it
+    but me.
     
-    OpenBSD-Commit-ID: 83f40dd5457a64c1d3928eb4364461b22766beb3
+    OpenBSD-Regress-ID: cad919522b3ce90c147c95abaf81b0492ac296c9
 
-commit e3fa6249e6d9ceb57c14b04dd4c0cfab12fa7cd5
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Wed Jun 24 15:07:33 2020 +0000
+commit 24a3a67bd7421740d08803b84bd784e764107928
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Feb 26 11:49:19 2021 +1100
 
-    upstream: only call sshkey_xmss_init() once for KEY_XMSS_CERT; ok
-    
-    djm
+    Remove macos-11.00 PAM test target too.
     
-    OpenBSD-Commit-ID: d0002ffb7f20f538b014d1d0735facd5a81ff096
+    These are failing apparently due to some kind of infrastructure problem,
+    making it look like every commit is busted.
 
-commit 37f2da069c0619f2947fb92785051d82882876d7
+commit 473201783f732ca8b0ec528b56aa55fa0d8cf717
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Jun 22 23:44:27 2020 +0000
+Date:   Fri Feb 26 00:16:58 2021 +0000
 
-    upstream: some clarifying comments
+    upstream: a bit more debugging behind #ifdef DEBUG_SK
     
-    OpenBSD-Commit-ID: 5268479000fd97bfa30ab819f3517139daa054a2
+    OpenBSD-Commit-ID: d9fbce14945721061cb322f0084c2165d33d1993
 
-commit b659319a5bc9e8adf3c4facc51f37b670d2a7426
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Mon Jun 22 06:37:38 2020 +0000
+commit fd9fa76a344118fe1ef10b9a6c9e85d39599e9a8
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Feb 26 01:15:10 2021 +1100
 
-    upstream: updated argument name for -P in first synopsis was
-    
-    missed in previous;
+    Remove macos-11.0 from the test target list.
     
-    OpenBSD-Commit-ID: 8d84dc3050469884ea91e29ee06a371713f2d0b7
+    It has been consistently failing for the past few days with a github
+    actions internal error.
 
-commit 02a9222cbce7131d639984c2f6c71d1551fc3333
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Mon Jun 22 06:36:40 2020 +0000
+commit 476ac8e9d33dbf96ef97aab812b8d7089d0cdc24
+Author: Philip Hands <phil@hands.com>
+Date:   Wed Feb 24 23:43:16 2021 +0100
 
-    upstream: supply word missing in previous;
+    tidy the $INSTALLKEY_SH code layout a little
     
-    OpenBSD-Commit-ID: 16a38b049f216108f66c8b699aa046063381bd23
+    SSH-Copy-ID-Upstream: 78178aa5017222773e4c23d9001391eeaeca8983
 
-commit 5098b3b6230852a80ac6cef5d53a785c789a5a56
-Author: Damien Miller <djm@mindrot.org>
-Date:   Mon Jun 22 16:54:02 2020 +1000
+commit 983e05ef3b81329d76d6a802b39ad0d1f637c06c
+Author: Jakub Jelen <jjelen@redhat.com>
+Date:   Tue Sep 29 10:02:45 2020 +0000
 
-    missing files for webauthn/sshsig unit test
+    if unable to add a missing newline, fail
+    
+    SSH-Copy-ID-Upstream: 76b25e18f55499ea9edb4c4d6dc4a80bebc36d95
 
-commit 354535ff79380237924ac8fdc98f8cdf83e67da6
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Jun 22 06:00:06 2020 +0000
+commit 3594b3b015f6014591da88ba71bf6ff010be7411
+Author: Philip Hands <phil@hands.com>
+Date:   Tue Oct 13 14:12:58 2020 +0200
 
-    upstream: add support for verification of webauthn sshsig signature,
+    use $AUTH_KEY_DIR, now that we have it
     
-    and example HTML/JS to generate webauthn signatures in SSH formats (also used
-    to generate the testdata/* for the test).
+    since that was a change made since jjelen's commit was written
     
-    OpenBSD-Regress-ID: dc575be5bb1796fdf4b8aaee0ef52a6671a0f6fb
+    also, quote the variables
+    
+    SSH-Copy-ID-Upstream: 588cd8e5cbf95f3443d92b9ab27c5d73ceaf6616
 
-commit bb52e70fa5330070ec9a23069c311d9e277bbd6f
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Jun 22 05:58:35 2020 +0000
+commit 333e25f7bc43cee6e36f766e39dad6f9918b318c
+Author: Jakub Jelen <jjelen@redhat.com>
+Date:   Tue Sep 29 10:00:01 2020 +0000
 
-    upstream: Add support for FIDO webauthn (verification only).
+    restorecon the correct directory
     
-    webauthn is a standard for using FIDO keys in web browsers. webauthn
-    signatures are a slightly different format to plain FIDO signatures - this
-    support allows verification of these. Feedback and ok markus@
+    if using different path for authorized_keys file
     
-    OpenBSD-Commit-ID: ab7e3a9fb5782d99d574f408614d833379e564ad
+    SSH-Copy-ID-Upstream: 791a3df47b48412c726bff6f7b1d190721e65d51
 
-commit 64bc121097f377142f1387ffb2df7592c49935af
+commit 9beeab8a37a49a9e3ffb1972fff6621ee5bd7a71
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Jun 22 05:56:23 2020 +0000
+Date:   Thu Feb 25 03:27:34 2021 +0000
 
-    upstream: refactor ECDSA-SK verification a little ahead of adding
-    
-    support for FIDO webauthn signature verification support; ok markus@
+    upstream: s/PubkeyAcceptedKeyTypes/PubkeyAcceptedAlgorithms/
     
-    OpenBSD-Commit-ID: c9f478fd8e0c1bd17e511ce8694f010d8e32043e
+    OpenBSD-Regress-ID: 3dbc005fa29f69dc23d97e433b6dffed6fe7cb69
 
-commit 12848191f8fe725af4485d3600e0842d92f8637f
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Jun 22 05:54:10 2020 +0000
+commit 2dd9870c16ddbd83740adeead5030d6840288c8f
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Feb 24 23:12:35 2021 +0000
 
-    upstream: support for RFC4648 base64url encoding; ok markus
+    upstream: Rename pubkeyacceptedkeytypes to pubkeyacceptedalgorithms in
     
-    OpenBSD-Commit-ID: 0ef22c55e772dda05c112c88412c0797fec66eb4
+    test to match change to config-dump output.
+    
+    OpenBSD-Regress-ID: 74c9a4ad50306be873d032819d5e55c24eb74d5d
 
-commit 473b4af43db12127137c7fc1a10928313f5a16d2
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Jun 22 05:53:26 2020 +0000
+commit b9225c3a1c3f5827e31d5d64a71b8e0504a25619
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Feb 24 01:18:08 2021 +0000
 
-    upstream: better terminology for permissions; feedback & ok markus@
+    upstream: Put obsolete aliases for hostbasedalgorithms and
     
-    OpenBSD-Commit-ID: ff2a71803b5ea57b83cc3fa9b3be42b70e462fb9
+    pubkeyacceptedalgorithms after their current names so that the config-dump
+    mode finds and uses the current names.  Spotted by Phil Pennock.
+    
+    OpenBSD-Commit-ID: 5dd10e93cccfaff3aaaa09060c917adff04a9b15
 
-commit fc270baf264248c3ee3050b13a6c8c0919e6559f
+commit 8b8b60542d6652b2c91e0ef9e9cc81bcb65e6b42
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Jun 22 05:52:05 2020 +0000
+Date:   Tue Feb 23 21:55:08 2021 +0000
 
-    upstream: better terminology for permissions; feedback & ok markus@
+    upstream: lots more s/key types/signature algorithms/ mostly in
     
-    OpenBSD-Commit-ID: ffb220b435610741dcb4de0e7fc68cbbdc876d2c
+    HostbasedAcceptedAlgorithms and HostKeyAlgorithms; prompted by Jakub Jelen
+    
+    OpenBSD-Commit-ID: 3f719de4385b1a89e4323b2549c66aae050129cb
 
-commit 00531bb42f1af17ddabea59c3d9c4b0629000d27
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jun 19 07:21:42 2020 +0000
+commit 0aeb508aaabc4818970c90831e3d21843c3c6d09
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Feb 23 21:50:18 2021 +0000
 
-    upstream: Correct synopsis and usage for the options accepted when
+    upstream: Correct reference to signature algorithms as keys; from
     
-    passing a command to ssh-agent.  ok jmc@
+    Jakub Jelen
     
-    OpenBSD-Commit-ID: b36f0679cb0cac0e33b361051b3406ade82ea846
+    OpenBSD-Commit-ID: 36f7ecee86fc811aa0f8e21e7a872eee044b4be5
 
-commit b4556c8ad7177e379f0b60305a0cd70f12180e7c
+commit f186a020f2ba5f9c462a23293750e29ba0a746b1
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Jun 19 19:22:00 2020 +1000
+Date:   Tue Feb 23 16:05:22 2021 +1100
 
-    Add OPENBSD ORIGINAL marker to bcrypt_pbkdf.
+    Add a couple more test VMs.
 
-commit 1babb8bb14c423011ca34c2f563bb1c51c8fbf1d
+commit ffcdd3d90e74176b3bb22937ad1f65a6c1cd3f9d
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Jun 19 19:10:47 2020 +1000
+Date:   Mon Feb 22 08:09:27 2021 +1100
 
-    Extra brackets around sizeof() in bcrypt.
+    Valgrind test: split and move up list.
     
-    Prevents following warning from clang 10:
-    bcrypt_pbkdf.c:94:40: error: expression does not compute the number of
-      elements in this array; element type is ´uint32_tÂ[...]
-      place parentheses around the ´sizeof(uint64_t)´ expression to
-      silence this warning
+    Since the valgrind test takes so long it approaches the limit allowed by
+    github, move it to the head of the list so it's the first one started and
+    split the longest tests out into a second instance that runs concurrently
+    with the first.
 
-commit 9e065729592633290e5ddb6852792913b2286545
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Jun 19 18:47:56 2020 +1000
+commit c3b1636770785cc2830dedd0f22ef7d3d3491d6d
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Feb 23 00:05:31 2021 +0000
 
-    Add includes.h to new test.
+    upstream: warn when the user specifies a ForwardAgent path that does
     
-    Fixes warnings eg "´bounded´ attribute directive ignor" from gcc.
+    not exist and exit if ExitOnForwardFailure is set; bz3264
+    
+    OpenBSD-Commit-ID: 72f7875865e723e464c71bf8692e83110699bf26
 
-commit e684b1ea365e070433f282a3c1dabc3e2311ce49
+commit 5fcb0514949d61aadaf4a89cf16eb78fb47491ec
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Jun 19 18:38:39 2020 +1000
+Date:   Sat Feb 20 13:34:02 2021 +1100
 
-    Skip OpenSSL specific tests w/out OpenSSL.
+    Disable rlimit sandbox, doesn't work with valgrind
     
-    Allows unit tests to pass when configure'ed --without-openssl.
+    Only run regress tests, runing unit tests as well makes it run longer
+    than allowed y github.
 
-commit 80610e97a76407ca982e62fd051c9be03622fe7b
+commit bb0b9bf45396c19486080d3eb0a159f94de7e6ba
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Jun 19 17:15:27 2020 +1000
-
-    Hook sshsig tests up to Portable Makefiles.
-
-commit 5dba1fcabacaab46693338ec829b42a1293d1f52
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jun 19 05:07:09 2020 +0000
+Date:   Sat Feb 20 13:06:25 2021 +1100
 
-    upstream: Test that ssh-agent exits when running as as subprocess
-    
-    of a specified command (ie "ssh-agent command").  Would have caught bz#3181.
-    
-    OpenBSD-Regress-ID: 895b4765ba5153eefaea3160a7fe08ac0b6db8b3
+    Upload valgrind logs on failure.
 
-commit 68e8294f6b04f9590ea227e63d3e129398a49e27
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jun 19 04:34:21 2020 +0000
+commit ebb3b75e974cb241c6b9b9f5881b09c7bd32b651
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Feb 19 22:18:50 2021 +1100
 
-    upstream: run sshsig unit tests
+    Rename "vm" to "os" in selfhosted to match c-cpp.
     
-    OpenBSD-Regress-ID: 706ef17e2b545b64873626e0e35553da7c06052a
+    Should make it easier to share code or maybe merge at some point.
 
-commit 5edfa1690e9a75048971fd8775f7c16d153779db
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jun 19 04:32:09 2020 +0000
+commit 76c0be0fe0465cb2b975dbd409f8d38b55e55bcb
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Feb 19 22:15:22 2021 +1100
 
-    upstream: basic unit test for sshsig.[ch], including FIDO keys
-    
-    verification only so far
-    
-    OpenBSD-Regress-ID: fb1f946c8fc59206bc6a6666e577b5d5d7e45896
+    Upload regress failure logs in c-cpp too.
 
-commit e95c0a0e964827722d29b4bc00d5c0ff4afe0ed2
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jun 19 03:48:49 2020 +0000
+commit 8751b6c3136f5225c40f41bbf29aa29e15795f6e
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Feb 19 22:13:36 2021 +1100
 
-    upstream: basic unit test for FIDO kep parsing
+    Comment out Solaris 64bit PAM build...
     
-    OpenBSD-Regress-ID: 8089b88393dd916d7c95422b442a6fd4cfe00c82
+    until I can figure out why it's failing.
 
-commit 7775819c6de3e9547ac57b87c7dd2bfd28cefcc5
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Jun 18 23:34:19 2020 +0000
+commit e9f6d563c06886b277c6b9abafa99fa80726dc48
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Feb 19 10:20:17 2021 +1100
 
-    upstream: check public host key matches private; ok markus@ (as
-    
-    part of previous diff)
-    
-    OpenBSD-Commit-ID: 65a4f66436028748b59fb88b264cb8c94ce2ba63
+    Actually run Valgrind tests.
 
-commit c514f3c0522855b4d548286eaa113e209051a6d2
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Jun 18 23:33:38 2020 +0000
+commit 41d232e226624f1a81c17091c36b44c9010aae62
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Feb 19 10:16:56 2021 +1100
 
-    upstream: avoid spurious "Unable to load host key" message when
-    
-    sshd can load a private key but no public counterpart; with & ok markus@
-    
-    OpenBSD-Commit-ID: 0713cbdf9aa1ff8ac7b1f78b09ac911af510f81b
+    Add test against Valgrind.
 
-commit 7fafaeb5da365f4a408fec355dac04a774f27193
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jun 12 05:26:37 2020 +0000
+commit e6528d91f12fba05f0ea64224091c9d0f38bdf1d
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Feb 18 16:30:01 2021 +1100
 
-    upstream: correct RFC number; from HARUYAMA Seigo via GH PR191
-    
-    OpenBSD-Commit-ID: 8d03b6c96ca98bfbc23d3754c3c33e1fe0852e10
+    Add fbsd12 test target.
 
-commit 3a7f654d5bcb20df24a134b6581b0d235da4564a
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jun 5 06:18:07 2020 +0000
+commit 6506cb2798d98ff03a7cc06567c392a81f540680
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Feb 18 15:21:13 2021 +1100
 
-    upstream: unbreak "sshd -ddd" - close of config passing fd happened too
-    
-    early. ok markus@
-    
-    OpenBSD-Commit-ID: 49346e945c6447aca3e904e65fc400128d2f8ed0
+    Remove unused arg.
 
-commit 3de02be39e5c0c2208d9682a3844991651620fcc
-Author: Andreas Schwab <schwab@suse.de>
-Date:   Mon May 25 11:10:44 2020 +0200
+commit 93c31a623973b0fad508214593aab6ca94b11dcb
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Feb 18 14:54:07 2021 +1100
 
-    Add support for AUDIT_ARCH_RISCV64
+    Add DEBUG_SK to kitchensink builds.
 
-commit ea547eb0329c2f8da77a4ac05f6c330bd49bdaab
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jun 5 03:25:35 2020 +0000
+commit 65085740d3574eeb3289d592f042df62c2689bb0
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Feb 18 14:53:14 2021 +1100
 
-    upstream: make sshbuf_putb(b, NULL) a no-op
-    
-    OpenBSD-Commit-ID: 976fdc99b500e347023d430df372f31c1dd128f7
+    Add bbone test target (arm32).
 
-commit 69796297c812640415c6cea074ea61afc899cbaa
+commit 63238f5aed66148b8d6ca7bd5fb347d624200155
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jun 5 03:24:36 2020 +0000
+Date:   Thu Feb 18 02:49:35 2021 +0000
 
-    upstream: make sshbuf_dump() args const
+    upstream: Fix the hostkeys rotation extension documentation
     
-    OpenBSD-Commit-ID: b4a5accae750875d665b862504169769bcf663bd
+    The documentation was lacking the needed want-reply field in the initial
+    global request.
+    
+    https://github.com/openssh/openssh-portable/pull/218 by dbussink
+    
+    OpenBSD-Commit-ID: 051824fd78edf6d647a0b9ac011bf88e28775054
 
-commit 670428895739d1f79894bdb2457891c3afa60a59
+commit 34c5ef6e2d06d9f0e20cb04a9aebf67a6f96609a
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jun 5 03:24:16 2020 +0000
+Date:   Thu Feb 18 02:15:07 2021 +0000
 
-    upstream: wrap long line
+    upstream: make names in function prototypes match those in
     
-    OpenBSD-Commit-ID: ed405a12bd27bdc9c52e169bc5ff3529b4ebbbb2
+    definition from https://github.com/openssh/openssh-portable/pull/225 by
+    ZenithalHourlyRate
+    
+    OpenBSD-Commit-ID: 7c736307bf3f2c7cb24d6f82f244eee959485acd
 
-commit 2f648cf222882719040906722b3593b01df4ad1a
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jun 5 03:15:26 2020 +0000
+commit 88e3d4de31ab4f14cac658e9e0c512043b15b146
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Feb 18 02:13:58 2021 +0000
 
-    upstream: Correct historical comment: provos@ modified OpenSSH to
+    upstream: unbreak SK_DEBUG builds
     
-    work with SSLeay (very quickly replaced by OpenSSL) not SSL in general.  ok
-    deraadt, historical context markus@
+    from https://github.com/openssh/openssh-portable/pull/225 by
+    ZenithalHourlyRate
     
-    OpenBSD-Commit-ID: 7209e07a2984b50411ed8ca5a4932da5030d2b90
+    OpenBSD-Commit-ID: 28d7259ce1b04d025411464decfa2f1a097b43eb
 
-commit 56548e4efcc3e3e8093c2eba30c75b23e561b172
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Wed Jun 3 08:23:18 2020 +0000
+commit 788cbc5b74a53956ba9fff11e1ca506271a3597f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Feb 18 00:30:17 2021 +0000
 
-    upstream: Import regenerated moduli file.
+    upstream: sftp-server: implement limits@openssh.com extension
     
-    OpenBSD-Commit-ID: 52ff0e3205036147b2499889353ac082e505ea54
-
-commit 8da801f585dd9c534c0cbe487a3b1648036bf2fb
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Jun 5 13:20:10 2020 +1000
-
-    Test fallthrough in OSSH_CHECK_CFLAG_COMPILE.
+    This is a simple extension that allows the server to clearly
+    communicate transfer limits it is imposing so the client doesn't
+    have to guess, or force the user to manually tune.  This is
+    particularly useful when an attempt to use too large of a value
+    causes the server to abort the connection.
     
-    clang 10's -Wimplicit-fallthrough does not understand /* FALLTHROUGH */
-    comments and we don't use the __attribute__((fallthrough)) that it's
-    looking for.  This has the effect of turning off -Wimplicit-fallthrough
-    where it does not currently help (particularly with -Werror).  ok djm@
-
-commit 049297de975b92adcc2db77e3fb7046c0e3c695d
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Wed Jun 3 08:23:18 2020 +0000
-
-    upstream: Import regenerated moduli file.
+    Patch from Mike Frysinger; ok dtucker@
     
-    OpenBSD-Commit-ID: 52ff0e3205036147b2499889353ac082e505ea54
+    OpenBSD-Commit-ID: f96293221e5aa24102d9bf30e4f4ef04d5f4fb51
 
-commit b458423a38a3140ac022ffcffcb332609faccfe3
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Jun 1 07:11:38 2020 +0000
+commit 324449a68d510720d0e4dfcc8e9e5a702fe6a48f
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Feb 18 12:06:25 2021 +1100
 
-    upstream: Remove now-unused proto_spec and associated definitions.
+    support OpenSSL 3.x cipher IV API change
     
-    ok djm@
+    OpenSSL renamed the "get current CIPHER_CTX" IV operation in 3.x.
+    This uses the new name if available.
     
-    OpenBSD-Commit-ID: 2e2b18e3aa6ee22a7b69c39f2d3bd679ec35c362
+    https://github.com/openssl/openssl/issues/13411
+    
+    bz#3238 ok dtucker@
 
-commit 5ad3c3a33ef038b55a14ebd31faeeec46073db2c
-Author: millert@openbsd.org <millert@openbsd.org>
-Date:   Fri May 29 21:22:02 2020 +0000
+commit 845fe9811c047063d935eca89188ed55c993626b
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Feb 18 11:25:38 2021 +1100
 
-    upstream: Fix error message on close(2) and add printf format
+    prefer login_getpwclass() to login_getclass()
     
-    attributes. From Christos Zoulas, OK markus@
+    FreeBSD has login_getpwclass() that does some special magic for
+    UID=0. Prefer this to login_getclass() as its easier to emulate
+    the former with the latter.
     
-    OpenBSD-Commit-ID: 41523c999a9e3561fcc7082fd38ea2e0629ee07e
+    Based on FreeBSD PR 37416 via Ed Maste; ok dtucker@
 
-commit 712ac1efb687a945a89db6aa3e998c1a17b38653
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri May 29 11:17:56 2020 +0000
+commit d0763c8d566119cce84d9806e419badf20444b02
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Feb 18 10:45:27 2021 +1100
 
-    upstream: Make dollar_expand variadic and pass a real va_list to
-    
-    vdollar_percent_expand. Fixes build error on arm64 spotted by otto@.
-    
-    OpenBSD-Commit-ID: 181910d7ae489f40ad609b4cf4a20f3d068a7279
+    Fixing quoting for installing moduli on target guest.
 
-commit 837ffa9699a9cba47ae7921d2876afaccc027133
+commit b3afc243bc820f323a09e3218e9ec8a30a3c1933
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri May 29 20:39:00 2020 +1000
+Date:   Thu Feb 18 10:27:16 2021 +1100
 
-    Omit ToS setting if we don't have IPV6_TCLASS too.
-    
-    Fixes tests on old BSDs.
+    Install moduli on target not host.
 
-commit f85b118d2150847cc333895296bc230e367be6b5
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri May 29 09:02:44 2020 +0000
+commit f060c2bc85d59d111fa18a12eb3872ee4b9f7e97
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Feb 18 10:33:58 2021 +1100
 
-    upstream: Pass a NULL instead of zeroed out va_list from
+    don't free string returned by login_getcapstr(3)
     
-    dollar_expand.  The original intent was in case there's some platform where
-    va_list is not a pointer equivalent, but on i386 this chokes on the memset.
-    This unbreaks that build, but will require further consideration.
+    OpenBSD and NetBSD require the caller to free strings returned
+    bu the login_* functions, but FreeBSD requires that callers don't.
     
-    OpenBSD-Commit-ID: 7b90afcd8e1137a1d863204060052aef415baaf7
+    Fortunately in this case, we can harmlessly leak as the process is
+    about to exec the shell/command.
+    
+    From https://reviews.freebsd.org/D28617 via Ed Maste; ok dtucker@
 
-commit ec1d50b01c84ff667240ed525f669454c4ebc8e9
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Fri May 29 05:48:39 2020 +0000
+commit bc9b0c25703215501da28aa7a6539f96c0fa656f
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Feb 18 10:10:00 2021 +1100
 
-    upstream: remove a stray .El;
-    
-    OpenBSD-Commit-ID: 58ddfe6f8a15fe10209db6664ecbe7896f1d167c
+    Skip unit tests on sol11 to speed things up.
 
-commit 058674a62ffe33f01d871d46e624bc2a2c22d91f
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri May 29 04:32:26 2020 +0000
+commit 161873035c12cc22211fc73d07170ade47746bc5
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Feb 18 10:09:27 2021 +1100
 
-    upstream: Add regression and unit tests for ${ENV} style
-    
-    environment variable expansion in various keywords (bz#3140).  ok djm@
-    
-    OpenBSD-Regress-ID: 4d9ceb95d89365b7b674bc26cf064c15a5bbb197
+    Remove SKIP_UNIT as it needs to be a make arg.
 
-commit 0b15892fc47d6840eba1291a6be9be1a70bc8972
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri May 29 01:21:35 2020 +0000
+commit 1c293868e4b4e8e74e3ea15b8dff90f6b089967a
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Feb 18 10:05:03 2021 +1100
 
-    upstream: Unit test for convtime. ok djm@
+    Always intall moduli.
     
-    OpenBSD-Regress-ID: cec4239efa2fc4c7062064f07a847e1cbdbcd5dd
+    Allows us to run tests without falling back to a fixed modulus.  Ensure that
+    the directory exists.
 
-commit 188e332d1c8f9f24e5b6659e9680bf083f837df9
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri May 29 05:37:03 2020 +0000
+commit 5c8f41ad100601ec2fdcbccdfe92890c31f81bbe
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Feb 18 09:59:09 2021 +1100
 
-    upstream: mention that wildcards are processed in lexical order;
-    
-    bz#3165
-    
-    OpenBSD-Commit-ID: 8856f3d1612bd42e9ee606d89386cae456dd165c
+    Quote SSHD_CONFOPTS in case it contains spaces.
 
-commit 4a1b46e6d032608b7ec00ae51c4e25b82f460b05
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri May 29 04:25:40 2020 +0000
+commit 4653116c1f5384ea7006e6396d9b53c33d218975
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Feb 18 09:51:18 2021 +1100
 
-    upstream: Allow some keywords to expand shell-style ${ENV}
-    
-    environment variables on the client side.  The supported keywords are
-    CertificateFile, ControlPath, IdentityAgent and IdentityFile, plus
-    LocalForward and RemoteForward when used for Unix domain socket paths.  This
-    would for example allow forwarding of Unix domain socket paths that change at
-    runtime.  bz#3140, ok djm@
-    
-    OpenBSD-Commit-ID: a4a2e801fc2d4df2fe0e58f50d9c81b03822dffa
+    Fix labels on targets (dots vs underscores).
 
-commit c9bab1d3a9e183cef3a3412f57880a0374cc8cb2
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri May 29 14:49:16 2020 +1000
+commit 4512047f57ca3c6e8cd68f0cc69be59e98b25287
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Feb 17 21:47:48 2021 +1100
 
-    depend
+    More compact representation of config matrix.
 
-commit 0b0d219313bf9239ca043f20b1a095db0245588f
-Author: sobrado <sobrado@openbsd.org>
-Date:   Thu Sep 3 23:06:28 2015 +0000
+commit 0406cd09f05c2e419b113dd4c0eac8bc34ec915b
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Feb 17 21:19:18 2021 +1100
 
-    partial sync of regress/netcat.c with upstream
-    
-    synchronize synopsis and usage.
+    Skip unit tests on hosted VMs to speed things up.
 
-commit 0f04c8467f589f85a523e19fd684c4f6c4ed9482
-Author: chl <chl@openbsd.org>
-Date:   Sun Jul 26 19:12:28 2015 +0000
+commit 4582612e6147d766c336198c498740242fb8f1ec
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Feb 17 20:21:29 2021 +1100
 
-    partial sync of regress/netcat.c with upstream
-    
-    remove unused variable
-    
-    ok tedu@
+    Merge macos and ubuntu tests.
 
-commit d6a81050ace2630b06c3c6dd39bb4eef5d1043f8
-Author: tobias <tobias@openbsd.org>
-Date:   Thu Mar 26 21:22:50 2015 +0000
+commit 09f4b84654b71099559492e9aed5e1a38bf24815
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Feb 17 18:41:30 2021 +1100
 
-    partial sync of regress/netcat.c with upstream
-    
-    The code in socks.c writes multiple times in a row to a socket. If the socket becomes invalid between these calls (e.g. connection closed), write will throw SIGPIPE. With this patch, SIGPIPE is ignored so we can handle write's -1 return value (errno will be EPIPE). Ultimately, it leads to program exit, too -- but with nicer error message. :)
-    
-    with input by and ok djm
+    Convert most github hosted tests to new config structure.
 
-commit bf3893dddd35e16def04bf48ed2ee1ad695b8f82
-Author: tobias <tobias@openbsd.org>
-Date:   Thu Mar 26 10:36:03 2015 +0000
+commit 65380ff7e054be1454e5ab4fd7bb9c66f8fcbaa9
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Feb 17 18:27:36 2021 +1100
 
-    partial sync of regress/netcat.c with upstream
-    
-    Check for short writes in fdpass(). Clean up while at it.
-    
-    ok djm
+    Only run selfhosted tests from selfhosted repo.
 
-commit e18435fec124b4c08eb6bbbbee9693dc04f4befb
-Author: jca <jca@openbsd.org>
-Date:   Sat Feb 14 22:40:22 2015 +0000
+commit f031366535650b88248ed7dbf23033afdf466240
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Jan 15 14:11:43 2021 +1100
 
-    partial sync of regress/netcat.c with upstream
+    Add self-hosted runners for VMs of other platforms.
     
-    Support for nc -T on IPv6 addresses.
+    Github only hosts a limited number of platforms, and the runner code
+    is only supported on slightly wider range of platforms.  To increase
+    our test coverage beyond that, we run the runner natively on a VM host,
+    where it runs a jobs that boot VMs of other platforms, waits for them
+    to come up then runs the build and test by ssh'ing into the guest.
+    This means that the minimum dependencies for the guests are quite low
+    (basically just sshd, a compiler and make).
     
-    ok sthen@
-
-commit 4c607244054a036ad3b2449a6cb4c15feb846a76
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri May 29 03:14:02 2020 +0000
-
-    upstream: fix compilation on !HAVE_DLOPEN platforms; stub function
+    The interface to the VM host is fairly simple (basically 3 scripts:
+    vmstartup, vmrun and vmshutdown), but those are specific to the VM host
+    so are not in the public repo.  We also mount the working directory on the
+    host via sshfs, so things like artifact upload by the runner also work.
     
-    was not updated to match API change. From Dale Rahn via beck@ ok markus@
+    As part of this we are moving the per-test-target configs into a single
+    place (.github/configs) where there will be referenced by a single short
+    "config" key.  I plan to make the github-hosted runners use this too.
     
-    OpenBSD-Commit-ID: 2b8d054afe34c9ac85e417dae702ef981917b836
+    The self-hosted runners are run off a private repo on github since that
+    prevents third parties from accessing them[0], and since runner quota is
+    limited on private repos, we avoid running the tests we run on the public
+    repo.
+    
+    [0] https://docs.github.com/en/actions/hosting-your-own-runners/about-self-hosted-runners#self-hosted-runner-security-with-public-repositories
 
-commit 224418cf55611869a4ace1b8b07bba0dff77a9c3
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri May 29 03:11:54 2020 +0000
+commit 64bbd7444d658ef7ee14a7ea5ccc7f5810279ee7
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Feb 17 03:59:00 2021 +0000
 
-    upstream: fix exit status for downloading of FIDO resident keys;
+    upstream: Make sure puttygen is new enough to successfully run the
     
-    from Pedro Martelletto, ok markus@
+    PuTTY interop tests, otherwise skip them.
     
-    OpenBSD-Commit-ID: 0da77dc24a1084798eedd83c39a002a9d231faef
+    OpenBSD-Regress-ID: 34565bb50b8aec58331ed02a5e9e0a9a929bef51
 
-commit 1001dd148ed7c57bccf56afb40cb77482ea343a6
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri May 29 01:20:46 2020 +0000
+commit da0a9afcc446a30ca49dd216612c41ac3cb1f2d4
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Mon Feb 15 20:43:15 2021 +0000
 
-    upstream: Fix multiplier in convtime when handling seconds after
+    upstream: ssh: add PermitRemoteOpen for remote dynamic forwarding
     
-    other units. bz#3171, spotted by ronf at timeheart.net, ok djm@.
+    with SOCKS ok djm@, dtucker@
     
-    OpenBSD-Commit-ID: 95b7a848e1083974a65fbb6ccb381d438e1dd5be
+    OpenBSD-Commit-ID: 64fe7b6360acc4ea56aa61b66498b5ecc0a96a7c
 
-commit 7af1e92cd289b7eaa9a683e9a6f2fddd98f37a01
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed May 27 22:37:53 2020 +0000
+commit b696858a7f9db72a83d02cb6edaca4b30a91b386
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Mon Feb 15 20:36:35 2021 +0000
 
-    upstream: fix Include before Match in sshd_config; bz#3122 patch
-    
-    from Jakub Jelen
+    upstream: factor out opt_array_append; ok djm@
     
-    OpenBSD-Commit-ID: 1b0aaf135fe6732b5d326946042665dd3beba5f4
+    OpenBSD-Commit-ID: 571bc5dd35f99c5cf9de6aaeac428b168218e74a
 
-commit 0a9a611619b0a1fecd0195ec86a9885f5d681c84
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed May 27 21:59:11 2020 +0000
+commit ad74fc127cc45567e170e8c6dfa2cfd9767324ec
+Author: dlg@openbsd.org <dlg@openbsd.org>
+Date:   Mon Feb 15 11:09:22 2021 +0000
 
-    upstream: Do not call process_queued_listen_addrs() for every
+    upstream: ProxyJump takes "none" to disable processing like
     
-    included file from sshd_config; patch from Jakub Jelen
+    ProxyCommand does
     
-    OpenBSD-Commit-ID: 0ff603d6f06a7fab4881f12503b53024799d0a49
+    ok djm@ jmc@
+    
+    OpenBSD-Commit-ID: 941a2399da2193356bdc30b879d6e1692f18b6d3
 
-commit 16ea1fdbe736648f79a827219134331f8d9844fb
+commit 16eacdb016ccf38dd9959c78edd3a6282513aa53
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed May 27 21:25:18 2020 +0000
+Date:   Fri Feb 12 03:49:09 2021 +0000
 
-    upstream: fix crash in recallocarray when deleting SendEnv
+    upstream: sftp: add missing lsetstat@openssh.com documentation
     
-    variables; spotted by & ok sthen@
+    patch from Mike Frysinger
     
-    OpenBSD-Commit-ID: b881e8e849edeec5082b5c0a87d8d7cff091a8fd
+    OpenBSD-Commit-ID: 9c114db88d505864075bfe7888b7c8745549715b
 
-commit 47adfdc07f4f8ea0064a1495500244de08d311ed
+commit e04fd6dde16de1cdc5a4d9946397ff60d96568db
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed May 27 22:35:19 2020 +0000
+Date:   Fri Feb 12 03:14:18 2021 +0000
 
-    upstream: two new tests for Include in sshd_config, checking whether
+    upstream: factor SSH_AGENT_CONSTRAIN_EXTENSION parsing into its own
     
-    Port directives are processed correctly and handling of Include directives
-    that appear before Match. Both tests currently fail. bz#3122 and bz#3169 -
-    patch from Jakub Jelen
+    function and remove an unused variable; ok dtucker@
     
-    OpenBSD-Regress-ID: 8ad5a4a385a63f0a1c59c59c763ff029b45715df
+    OpenBSD-Commit-ID: e1a938657fbf7ef0ba5e73b30365734a0cc96559
 
-commit 47faad8f794516c33864d866aa1b55d88416f94c
+commit 1bb130ed34721d46452529d094d9bbf045607d79
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed May 27 23:26:23 2020 +1000
+Date:   Thu Feb 11 10:18:05 2021 +1100
 
-    Document that libfido2 >= 1.4.0 is needed.
+    Add __NR_futex_time64 to seccomp sandbox.
+    
+    This is apparently needed for (some) 32 bit platforms with glibc 2.33.
+    Patch from nix at esperi.org.uk and jjelen at redhat.com via bz#3260.
 
-commit 4be563994c0cbe9856e7dd3078909f41beae4a9c
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue May 26 01:59:46 2020 +0000
+commit f88a7a431212a16e572ecabd559e632f369c363e
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sat Feb 6 09:37:01 2021 +1100
 
-    upstream: fix memleak of signature; from Pedro Martelletto
+    Add a hostname function for systems that don't have it.
     
-    OpenBSD-Commit-ID: d0a6eb07e77c001427d738b220dd024ddc64b2bb
+    Some systems don't have a hostname command (it's not required by POSIX).
+    The do have uname -n (which is), but as found by tim@ some others (eg
+    UnixWare) do not report the FQDN from uname -n.
 
-commit 0c111eb84efba7c2a38b2cc3278901a0123161b9
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue May 26 01:26:58 2020 +0000
+commit 5e385a71ef2317856f37c91a98658eb12eb5a89c
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Feb 5 22:03:40 2021 +0000
 
-    upstream: Restrict ssh-agent from signing web challenges for FIDO
-    
-    keys.
-    
-    When signing messages in ssh-agent using a FIDO key that has an
-    application string that does not start with "ssh:", ensure that the
-    message being signed is one of the forms expected for the SSH protocol
-    (currently pubkey authentication and sshsig signatures).
-    
-    This prevents ssh-agent forwarding on a host that has FIDO keys
-    attached granting the ability for the remote side to sign challenges
-    for web authentication using those keys too.
-    
-    Note that the converse case of web browsers signing SSH challenges is
-    already precluded because no web RP can have the "ssh:" prefix in the
-    application string that we require.
+    upstream: Roll back the hostname->uname change in rev 1.10. It turns
     
-    ok markus@
+    out uname -n doesn't do what we need for some platforms in portable, so we'll
+    fix the original problem (that some other platforms don't have hostname at
+    all) by providing wrapper function to implement it.
     
-    OpenBSD-Commit-ID: 9ab6012574ed0352d2f097d307f4a988222d1b19
+    OpenBSD-Regress-ID: 827a707d6201d5a8e196a8c28aec1d2c76c52341
 
-commit 9c5f64b6cb3a68b99915202d318b842c6c76cf14
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue May 26 01:09:05 2020 +0000
+commit b446c214279de50ed8388e54897eb1be5281c894
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Feb 5 06:01:58 2021 +0000
 
-    upstream: improve logging for MaxStartups connection throttling:
+    upstream: hostname is not specified by POSIX but uname -n is, so use
     
-    have sshd log when it starts and stops throttling and periodically while in
-    this state. bz#3055 ok markus@
+    the latter for portability.  Patch from Geert Hendrickx via github PR#208.
     
-    OpenBSD-Commit-ID: 2e07a09a62ab45d790d3d2d714f8cc09a9ac7ab9
+    OpenBSD-Regress-ID: d6a79c7c4d141a0d05ade4a042eb57dddbce89f3
 
-commit 756c6f66aee83a5862a6f936a316f761532f3320
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue May 26 01:06:52 2020 +0000
+commit 1cb6ce98d658e5fbdae025a3bd65793980e3b5d9
+Author: David Carlier <devnexen@gmail.com>
+Date:   Sat Nov 21 12:22:23 2020 +0000
 
-    upstream: add fmt_timeframe() (from bgpd) to format a time
-    
-    interval in a human- friendly format. Switch copyright for this file from BSD
-    to MIT to make it easier to add Henning's copyright for this function. ok
-    markus@
+    Using explicit_memset for the explicit_bzero compatibility layer.
     
-    OpenBSD-Commit-ID: 414a831c662df7e68893e5233e86f2cac081ccf9
+    Favoriting the native implementation in this case.
 
-commit 2a63ce5cd6d0e782783bf721462239b03757dd49
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon May 18 04:29:35 2020 +0000
+commit 2e0beff67def2120f4b051b1016d7fbf84823e78
+Author: Luca Weiss <luca@z3ntu.xyz>
+Date:   Sun Nov 8 14:19:23 2020 +0100
 
-    upstream: avoid possible NULL deref; from Pedro Martelletto
-    
-    OpenBSD-Commit-ID: e6099c3fbb70aa67eb106e84d8b43f1fa919b721
+    Deny (non-fatal) statx in preauth privsep child.
 
-commit 4b307faf2fb0e63e51a550b37652f7f972df9676
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Fri May 15 08:34:03 2020 +0000
+commit a35d3e911e193a652bd09eed40907e3e165b0a7b
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Feb 5 02:20:23 2021 +0000
 
-    upstream: sshd listener must not block if reexecd sshd exits
+    upstream: Remove debug message from sigchld handler. While this
     
-    in write(2) on config_s[0] if the forked child exits early before finishing
-    recv_rexec_state (e.g. with fatal()) because config_s[1] stays open in the
-    parent. this prevents the parent from accepting new connections. ok djm,
-    deraadt
+    works on OpenBSD it can cause problems on other platforms.  From kircherlike
+    at outlook.com via bz#3259, ok djm@
+    
+    OpenBSD-Commit-ID: 3e241d7ac1ee77e3de3651780b5dc47b283a7668
+
+commit 69338ab46afe9e3dfb7762ad65351d854077c998
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Feb 2 22:36:59 2021 +0000
+
+    upstream: whitespace
     
-    OpenBSD-Commit-ID: 92ccfeb939ccd55bda914dc3fe84582158c4a9ef
+    OpenBSD-Commit-ID: 544bb092e03fcbecb420196cd0f70af13ea868ad
 
-commit af8b16fb2cce880341c0ee570ceb0d84104bdcc0
+commit f71219a01d8f71c4b3ed7e456337a84ddba1653e
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri May 15 03:57:33 2020 +0000
+Date:   Tue Feb 2 22:36:46 2021 +0000
 
-    upstream: fix off-by-one error that caused sftp downloads to make
+    upstream: fix memleaks in private key deserialisation; enforce more
     
-    one more concurrent request that desired. This prevented using sftp(1) in
-    unpipelined request/response mode, which is useful when debugging. Patch from
-    Stephen Goetze in bz#3054
+    consistency between redundant fields in private key certificate and private
+    key body; ok markus@
     
-    OpenBSD-Commit-ID: 41b394ebe57037dbc43bdd0eef21ff0511191f28
+    OpenBSD-Commit-ID: dec344e414d47f0a7adc13aecf3760fe58101240
 
-commit d7d753e2979f2d3c904b03a08d30856cd2a6e892
-Author: deraadt@openbsd.org <deraadt@openbsd.org>
-Date:   Wed May 13 22:38:41 2020 +0000
+commit 3287790e78bf5b53c4a3cafb67bb5aa03e3910f0
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Feb 2 22:35:14 2021 +0000
 
-    upstream: we are still aiming for pre-C99 ...
+    upstream: memleak on error path; ok markus@
     
-    OpenBSD-Commit-ID: a240fc9cbe60bc4e6c3d24d022eb4ab01fe1cb38
+    OpenBSD-Commit-ID: 2091a36d6ca3980c81891a6c4bdc544e63cb13a8
 
-commit 2ad7b7e46408dbebf2a4efc4efd75a9544197d57
+commit 3dd0c64e08f1bba21d71996d635c7256c8c139d1
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed May 13 10:08:02 2020 +0000
+Date:   Sun Jan 31 22:55:29 2021 +0000
 
-    upstream: Enable credProtect extension when generating a resident
-    
-    key.
+    upstream: more strictly enforce KEX state-machine by banning packet
     
-    The FIDO 2.1 Client to Authenticator Protocol introduced a "credProtect"
-    feature to better protect resident keys. This option allows (amone other
-    possibilities) requiring a PIN prior to all operations that may retrieve
-    the key handle.
+    types once they are received. Fixes memleak caused by duplicate
+    SSH2_MSG_KEX_DH_GEX_REQUEST (spotted by portable OpenSSH kex_fuzz via
+    oss-fuzz #30078).
     
-    Patch by Pedro Martelletto; ok djm and markus
+    ok markus@
     
-    OpenBSD-Commit-ID: 013bc06a577dcaa66be3913b7f183eb8cad87e73
+    OpenBSD-Commit-ID: 87331c715c095b587d5c88724694cdeb701c9def
 
-commit 1e70dc3285fc9b4f6454975acb81e8702c23dd89
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed May 13 09:57:17 2020 +0000
+commit 7a92a324a2e351fabd0ba8ef9b434d3b12d54ee3
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sun Jan 31 10:50:10 2021 +0000
 
-    upstream: always call fido_init(); previous behaviour only called
+    upstream: Set linesize returned by getline to zero when freeing and
     
-    fido_init() when SK_DEBUG was defined. Harmless with current libfido2, but
-    this isn't guaranteed in the future.
+    NULLing the returned string.  OpenBSD's getline handles this just fine, but
+    some implementations used by -portable do not.  ok djm@
     
-    OpenBSD-Commit-ID: c7ea20ff2bcd98dd12015d748d3672d4f01f0864
+    OpenBSD-Commit-ID: 4d7bd5169d3397654247db9655cc69a9908d165c
 
-commit f2d84f1b3fa68d77c99238d4c645d0266fae2a74
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed May 13 09:55:57 2020 +0000
+commit a5dfc5bae8c16e2a7caf564758d812c7672480b5
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sat Jan 30 16:32:29 2021 +1100
 
-    upstream: preserve group/world read permission on known_hosts
-    
-    file across runs of "ssh-keygen -Rf /path". The old behaviour was to remove
-    all rights for group/other. bz#3146 ok dtucker@
+    allow a fuzz case to contain more than one request
     
-    OpenBSD-Commit-ID: dc369d0e0b5dd826430c63fd5f4b269953448a8a
+    loop until input buffer empty, no message consumed or 256 messages
+    processed
 
-commit 05a651400da6fbe12296c34e3d3bcf09f034fbbf
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed May 13 09:52:41 2020 +0000
+commit 0ef24ad60204022f7e33b6e9d171172c50514132
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sat Jan 30 16:28:23 2021 +1100
 
-    upstream: when ordering the hostkey algorithms to request from a
+    expect fuzz cases to have length prefix
     
-    server, prefer certificate types if the known_hosts files contain a key
-    marked as a @cert-authority; bz#3157 ok markus@
+    might make life a little easier for the fuzzer, e.g. it can now
+    produce valid (multi-request) messages by smashing two cases together.
+
+commit de613f2713d2dfcd3b03c00e5558a40997f52712
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sat Jan 30 12:03:30 2021 +1100
+
+    ssh-agent fuzzer
+
+commit 7e96c877bcb2fb645355a687b8cb7347987c1c58
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sat Jan 30 12:02:46 2021 +1100
+
+    move keys out of kex_fuzz.cc into separate header
     
-    OpenBSD-Commit-ID: 8f194573e5bb7c01b69bbfaabc68f27c9fa5e0db
+    add certificates and missing key types
 
-commit 829451815ec207e14bd54ff5cf7e22046816f042
+commit 76f46d75664fdaa1112739ca523ff85ee4eb52b4
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sat Jan 30 12:02:10 2021 +1100
+
+    some fixed test data (mostly keys) for fuzzing
+
+commit 7c2e3d6de1f2edb0c8b4725b4c2b56360e032b19
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue May 12 01:41:32 2020 +0000
+Date:   Sat Jan 30 00:56:38 2021 +0000
 
-    upstream: fix non-ASCII quote that snuck in; spotted by Gabriel
+    upstream: add a SK_DUMMY_INTEGRATE define that allows the dummy
     
-    Kihlman
+    security key middleware to be directly linked; useful for writing fuzzers,
+    etc.
     
-    OpenBSD-Commit-ID: 04bcde311de2325d9e45730c744c8de079b49800
+    OpenBSD-Regress-ID: 0ebd00159b58ebd85e61d8270fc02f1e45df1544
 
-commit 5a442cec92c0efd6fffb4af84bf99c70af248ef3
+commit 1a4b92758690faa12f49079dd3b72567f909466d
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon May 11 02:11:29 2020 +0000
+Date:   Fri Jan 29 06:29:46 2021 +0000
 
-    upstream: clarify role of FIDO tokens in multi-factor
-    
-    authentictation; mostly from Pedro Martelletto
+    upstream: fix the values of enum sock_type
     
-    OpenBSD-Commit-ID: fbe05685a1f99c74b1baca7130c5a03c2df7c0ac
+    OpenBSD-Commit-ID: 18d048f4dbfbb159ff500cfc2700b8fb1407facd
 
-commit ecb2c02d994b3e21994f31a70ff911667c262f1f
+commit 8afaa7d7918419d3da6c0477b83db2159879cb33
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri May 8 05:13:14 2020 +0000
+Date:   Fri Jan 29 06:28:10 2021 +0000
 
-    upstream: fix compilation with DEBUG_KEXDH; bz#3160 ok dtucker@
+    upstream: give typedef'd struct a struct name; makes the fuzzer I'm
     
-    OpenBSD-Commit-ID: 832e771948fb45f2270e8b8895aac36d176ba17a
+    writing a bit easier
+    
+    OpenBSD-Commit-ID: 1052ab521505a4d8384d67acb3974ef81b8896cb
 
-commit 3ab6fccc3935e9b778ff52f9c8d40f215d58e01d
+commit 1e660115f0c7c4a750cd31e468ff889f33dd8088
 Author: Damien Miller <djm@mindrot.org>
-Date:   Thu May 14 12:22:09 2020 +1000
+Date:   Fri Jan 29 11:09:14 2021 +1100
 
-    prefer ln to cp for temporary copy of sshd
-    
-    I saw failures on the reexec fallback test on Darwin 19.4 where
-    fork()ed children of a process that had it's executable removed
-    would instantly fail. Using ln to preserve the inode avoids this.
+    fuzz diffie-hellman-group-exchange-sha1 kex too
 
-commit f700d316c6b15a9cfbe87230d2dca81a5d916279
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed May 13 15:24:51 2020 +1000
+commit be5f0048ea2aaeddd27be7dcca23aaad345fa16c
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Jan 29 11:03:35 2021 +1100
 
-    Actually skip pty tests when needed.
+    support for running kex fuzzer with null cipher
 
-commit 08ce6b2210f46f795e7db747809f8e587429dfd2
+commit 3d59e88c0e42182c3749b446ccd9027933c84be4
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed May 13 13:56:45 2020 +1000
+Date:   Thu Jan 28 20:55:16 2021 +1100
 
-    Skip building sk-dummy library if no SK support.
+    make with -j2 to use available CPUs.
 
-commit 102d106bc2e50347d0e545fad6ff5ce408d67247
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed May 13 12:08:34 2020 +1000
+commit 66dd9ddb5d2ea8c407908c8e8468c9d6e71db05b
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Jan 28 14:31:01 2021 +1100
 
-    explicitly manage .depend and .depend.bak
-    
-    Bring back removal of .depend to give the file a known state before
-    running makedepend, but manually move aside the current .depend file
-    and restore it as .depend.bak afterwards so the stale .depend check
-    works as expected.
+    Add test against openssl head and libressl head.
 
-commit 83a6dc6ba1e03b3fa39d12a8522b8b0e68dd6390
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed May 13 12:03:42 2020 +1000
+commit 237dbb34e24b6b7ea888d54bda4d17da0a0fd0fa
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Jan 28 14:30:50 2021 +1100
 
-    make depend
+    Remove whitespace.
 
-commit 7c0bbed967abed6301a63e0267cc64144357a99a
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed May 13 12:01:10 2020 +1000
+commit d983e1732b8135d7ee8d92290d6dce35f736ab88
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Jan 27 23:49:46 2021 +0000
 
-    revert removal of .depend before makedepend
-    
-    Commit 83657eac4 started removing .depend before running makedepend
-    to reset the contents of .depend to a known state. Unfortunately
-    this broke the depend-check step as now .depend.bak would only ever
-    be created as an empty file.
+    upstream: fix leak: was double allocating kex->session_id buffer
     
-    ok dtucker
+    OpenBSD-Commit-ID: 3765f4cc3ae1df874dba9102a3588ba7b48b8183
 
-commit 58ad004acdcabf3b9f40bc3aaa206b25d998db8c
+commit 1134a48cdcef8e7363b9f6c73ebdd24405066738
 Author: Damien Miller <djm@mindrot.org>
-Date:   Tue May 12 12:58:46 2020 +1000
-
-    prepare for 8.3 release
-
-commit 4fa9e048c2af26beb7dc2ee9479ff3323e92a7b5
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri May 8 21:50:43 2020 +1000
+Date:   Thu Jan 28 08:57:31 2021 +1100
 
-    Ensure SA_SIGNAL test only signals itself.
-    
-    When the test's child signals its parent and it exits the result of
-    getppid changes.  On Ubuntu 20.04 this results in the ppid being that
-    of the GDM session, causing it to exit.  Analysis and testing from pedro
-    at ambientworks.net
+    correct kex name in disabled code
 
-commit dc2da29aae76e170d22f38bb36f1f5d1edd5ec2b
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri May 8 13:31:53 2020 +1000
+commit 67f47f1965abafc1830a287761125c2f4790857e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Jan 27 10:15:08 2021 +0000
 
-    sync config.guess/config.sub with latest versions
+    upstream: this needs kex.h now
     
-    ok dtucker@
+    OpenBSD-Commit-ID: c5a42166c5aa002197217421a971e48be7cb5d41
 
-commit a8265bd64c14881fc7f4fa592f46dfc66b911f17
+commit 39be3dc209f28f9c1ebfeba42adde8963b01e1cd
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed May 6 20:58:01 2020 +0000
+Date:   Wed Jan 27 10:05:28 2021 +0000
 
-    upstream: openssh-8.3; ok deraadt@
+    upstream: make ssh->kex->session_id a sshbuf instead of u_char*/size_t
     
-    OpenBSD-Commit-ID: c8831ec88b9c750f5816aed9051031fb535d22c1
+    and use that instead of global variables containing copies of it. feedback/ok
+    markus@
+    
+    OpenBSD-Commit-ID: a4b1b1ca4afd2e37cb9f64f737b30a6a7f96af68
 
-commit 955854cafca88e0cdcd3d09ca1ad4ada465364a1
+commit 4ca6a1fac328477c642329676d6469dba59019a3
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed May 6 20:57:38 2020 +0000
+Date:   Wed Jan 27 09:26:53 2021 +0000
 
-    upstream: another case where a utimes() failure could make scp send
+    upstream: remove global variable used to stash compat flags and use the
     
-    a desynchronising error; reminded by Aymeric Vincent ok deraadt markus
+    purpose-built ssh->compat variable instead; feedback/ok markus@
     
-    OpenBSD-Commit-ID: 2ea611d34d8ff6d703a7a8bf858aa5dbfbfa7381
+    OpenBSD-Commit-ID: 7c4f200e112dae6bcf99f5bae1a5629288378a06
 
-commit 59d531553fd90196946743da391f3a27cf472f4e
+commit bba229b6f3328171f5e3ae85de443002523c0452
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu May 7 15:34:12 2020 +1000
+Date:   Wed Jan 27 12:34:07 2021 +1100
 
-    Check if -D_REENTRANT is needed for localtime_r.
+    Install moduli file before tests.
     
-    On at least HP-UX 11.11, the localtime_r declararation is behind
-    ifdef _REENTRANT.  Check for and add if needed.
+    Reduces warnings during test runs.
 
-commit c13403e55de8cdbb9da628ed95017b1d4c0f205f
+commit 1b83185593a90a73860a503d753a95ca6d726c00
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue May 5 11:32:43 2020 +1000
+Date:   Wed Jan 27 11:58:26 2021 +1100
 
-    Skip security key tests if ENABLE_SK not set.
+    Run one test with -Werror to catch warnings.
 
-commit 4da393f87cd52d788c84112ee3f2191c9bcaaf30
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri May 1 04:03:14 2020 +0000
+commit d1532d90074b212054d5fd965f833231b09982f5
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Jan 27 00:37:26 2021 +0000
 
-    upstream: sure enough, some of the test data that we though were in
-    
-    new format were actually in the old format; fix from Michael Forney
+    upstream: Logical not bitwise or. ok djm@
     
-    OpenBSD-Regress-ID: a41a5c43a61b0f0b1691994dbf16dfb88e8af933
+    OpenBSD-Commit-ID: d4dc855cf04951b93c45caa383e1ac9af0a3b0e5
 
-commit 15bfafc1db4c8792265ada9623a96f387990f732
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri May 1 04:00:29 2020 +0000
+commit 507b448a2465a53ab03a88acbc71cc51b48ca6ac
+Author: naddy@openbsd.org <naddy@openbsd.org>
+Date:   Tue Jan 26 15:40:17 2021 +0000
 
-    upstream: make mktestdata.sh generate old/new format keys that we
+    upstream: move HostbasedAcceptedAlgorithms to the right place in
     
-    expect. This script was written before OpenSSH switched to new-format private
-    keys by default and was never updated to the change (until now) From Michael
-    Forney
+    alphabetical order
     
-    OpenBSD-Regress-ID: 38cf354715c96852e5b71c2393fb6e7ad28b7ca7
+    OpenBSD-Commit-ID: d766820d33dd874d944c14b0638239adb522c7ec
 
-commit 7882d2eda6ad3eb82220a85294de545d20ef82db
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri May 1 03:58:02 2020 +0000
+commit e26c980778b228bdd42b8353cc70101cf49b731b
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Tue Jan 26 11:25:01 2021 +0000
 
-    upstream: portability fix for sed that always emil a newline even
+    upstream: Remove unused variables leftover from refactoring. ok
     
-    if the input does not contain one; from Michael Forney
+    djm@
     
-    OpenBSD-Regress-ID: 9190c3ddf0d2562ccc02c4a95fce0e392196bfc7
+    OpenBSD-Commit-ID: 8b3ad58bff828fcf874e54b2fc27a4cf1d9505e8
 
-commit 8074f9499e454df0acdacea33598858a1453a357
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri May 1 03:36:25 2020 +0000
+commit e9f78d6b06fc323bba1890b2dc3b8423138fb35c
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Tue Jan 26 05:32:21 2021 +0000
 
-    upstream: remove obsolete RSA1 test keys; spotted by Michael Forney
+    upstream: Rename HostbasedKeyTypes (ssh) and
     
-    OpenBSD-Regress-ID: 6384ba889594e217d166908ed8253718ab0866da
-
-commit c697e46c314aa94574af0d393d80f23e0ebc9748
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat May 2 18:34:47 2020 +1000
-
-    Update .depend.
+    HostbasedAcceptedKeyTypes (sshd) to HostbasedAcceptedAlgorithms, which more
+    accurately reflects its effect. This matches a previous change to
+    PubkeyAcceptedAlgorithms.  The previous names are retained as aliases.  ok
+    djm@
+    
+    OpenBSD-Commit-ID: 49451c382adc6e69d3fa0e0663eeef2daa4b199e
 
-commit 83657eac42941f270c4b02b2c46d9a21f616ef99
+commit 48d0d7a4dd31154c4208ec39029d60646192f978
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat May 2 18:29:40 2020 +1000
+Date:   Tue Jan 26 14:48:07 2021 +1100
 
-    Remove use of tail for 'make depend'.
+    Disable sntrup761 if compiler doesn't support VLAs.
     
-    Not every tail supports +N and we can do with out it so just remove it.
-    Prompted by mforney at mforney.org.
+    The sntrup761 code sourced from supercop uses variable length
+    arrays.  Although widely supported, they are not part of the ANSI
+    C89 spec so if the compiler does not support VLAs, disable the
+    sntrup761x25519-sha512@openssh.com KEX method by replacing the kex
+    functions with no-op ones similar to what we do in kexecdh.c.
+    
+    This should allow OpenSSH to build with a plain C89 compiler again.
+    Spotted by tim@, ok djm@.
 
-commit d25d630d24c5a1c64d4e646510e79dc22d6d7b88
+commit 37c70ea8d4f3664a88141bcdf0bf7a16bd5fd1ac
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat May 2 07:19:43 2020 +0000
+Date:   Tue Jan 26 00:54:49 2021 +0000
 
-    upstream: we have a sshkey_save_public() function to save public keys;
+    upstream: refactor key constraint parsing in ssh-agent
     
-    use it and save a bunch of redundant code.
+    Key constraints parsing code previously existed in both the "add regular
+    key" and "add smartcard key" path. This unifies them but also introduces
+    more consistency checking: duplicated constraints and constraints that
+    are nonsensical for a particular situation (e.g. FIDO provider for a
+    smartcard key) are now banned.
     
-    Patch from loic AT venez.fr; ok markus@ djm@
+    ok markus@
     
-    OpenBSD-Commit-ID: f93e030a0ebcd0fd9054ab30db501ec63454ea5f
+    OpenBSD-Commit-ID: 511cb1b1c021ee1d51a4c2d649b937445de7983c
 
-commit e9dc9863723e111ae05e353d69df857f0169544a
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri May 1 18:32:25 2020 +1000
+commit e0e8bee8024fa9e31974244d14f03d799e5c0775
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Jan 26 00:53:31 2021 +0000
 
-    Use LONG_LONG_MAX and friends if available.
+    upstream: more ssh-agent refactoring
     
-    If we don't have LLONG_{MIN,MAX} but do have LONG_LONG_{MIN,MAX}
-    then use those instead.  We do calculate these values in configure,
-    but it turns out that at least one compiler (old HP ANSI C) can't
-    parse "-9223372036854775808LL" without mangling it. (It can parse
-    "-9223372036854775807LL" which is presumably why its limits.h defines
-    LONG_LONG_MIN as the latter minus 1.)
+    Allow confirm_key() to accept an additional reason suffix
     
-    Fixes rekey test when compiled with the aforementioned compiler.
+    Factor publickey userauth parsing out into its own function and allow
+    it to optionally return things it parsed out of the message to its
+    caller.
+    
+    feedback/ok markus@
+    
+    OpenBSD-Commit-ID: 29006515617d1aa2d8b85cd2bf667e849146477e
 
-commit aad87b88fc2536b1ea023213729aaf4eaabe1894
+commit dfe18a295542c169ffde8533b3d7fe42088e2de7
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri May 1 06:31:42 2020 +0000
+Date:   Tue Jan 26 00:51:30 2021 +0000
 
-    upstream: when receving a file in sink(), be careful to send at
+    upstream: make struct hostkeys public; I have no idea why I made it
     
-    most a single error response after the file has been opened. Otherwise the
-    source() and sink() can become desyncronised. Reported by Daniel Goujot,
-    Georges-Axel Jaloyan, Ryan Lahfa, and David Naccache.
+    opaque originally.
     
-    ok deraadt@ markus@
+    ok markus@
     
-    OpenBSD-Commit-ID: 6c14d233c97349cb811a8f7921ded3ae7d9e0035
+    OpenBSD-Commit-ID: e50780b34d4bbe628d69b2405b024dd749d982f3
 
-commit 31909696c4620c431dd55f6cd15db65c4e9b98da
+commit 3b44f2513cae89c920e8fe927b9bc910a1c8c65a
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri May 1 06:28:52 2020 +0000
+Date:   Tue Jan 26 00:49:30 2021 +0000
 
-    upstream: expose vasnmprintf(); ok (as part of other commit) markus
+    upstream: move check_host_cert() from sshconnect,c to sshkey.c and
     
-    deraadt
+    refactor it to make it more generally usable and testable.
     
-    OpenBSD-Commit-ID: 2e80cea441c599631a870fd40307d2ade5a7f9b5
+    ok markus@
+    
+    OpenBSD-Commit-ID: 536f489f5ff38808c1fa711ba58d4579b636f9e4
 
-commit 99ce9cefbe532ae979744c6d956b49f4b02aff82
+commit 1fe16fd61bb53944ec510882acc0491abd66ff76
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri May 1 04:23:11 2020 +0000
+Date:   Tue Jan 26 00:47:47 2021 +0000
 
-    upstream: avoid NULL dereference when attempting to convert invalid
+    upstream: use recallocarray to allocate the agent sockets table;
     
-    ssh.com private keys using "ssh-keygen -i"; spotted by Michael Forney
+    also clear socket entries that are being marked as unused.
     
-    OpenBSD-Commit-ID: 2e56e6d26973967d11d13f56ea67145f435bf298
+    spinkle in some debug2() spam to make it easier to watch an agent
+    do its thing.
+    
+    ok markus
+    
+    OpenBSD-Commit-ID: 74582c8e82e96afea46f6c7b6813a429cbc75922
 
-commit 6c6072ba8b079e6f5caa38b011a6f4570c14ed38
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri May 1 15:09:26 2020 +1000
+commit cb7b22ea20a01332c81c0ddcb3555ad50de9cce2
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Jan 26 00:46:17 2021 +0000
 
-    See if SA_RESTART signals will interrupt select().
+    upstream: factor out common code in the agent client
     
-    On some platforms (at least older HP-UXes such as 11.11, possibly others)
-    setting SA_RESTART on signal handers will cause it to not interrupt
-    select(), at least for calls that do not specify a timeout.  Try to
-    detect this and if found, don't use SA_RESTART.
+    Add a ssh_request_reply_decode() function that sends a message to
+    the agent, reads and parses a success/failure reply.
+    Use it for all requests that only expect success/failure
     
-    POSIX says "If SA_RESTART has been set for the interrupting signal, it
-    is implementation-dependent whether select() restarts or returns with
-    [EINTR]" so this behaviour is within spec.
+    ok markus@
+    
+    OpenBSD-Commit-ID: e0c1f4d5e6cfa525d62581e2b8de93be0cb85adb
 
-commit 90a0b434ed41f9c505662dba8782591818599cb3
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri May 1 13:55:03 2020 +1000
+commit d1e578afe7cd48140ad6e92a453f9b035363fd7f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 25 06:00:17 2021 +0000
 
-    fix reversed test
+    upstream: make ssh hostbased authentication send the signature
+    
+    algorithm in its SSH2_MSG_USERAUTH_REQUEST packets instead of the key type.
+    This make HostbasedAcceptedAlgorithms do what it is supposed to - filter on
+    signature algorithm and not key type.
+    
+    spotted with dtucker@ ok markus@
+    
+    OpenBSD-Commit-ID: 25bffe19f0326972f5728170f7da81d5f45c78c6
 
-commit c0dfd18dd1c2107c73d18f70cd164f7ebd434b08
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri May 1 13:29:16 2020 +1000
+commit 95eca1e195a3b41baa1a725c2c5af8a09d885e4b
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sat Jan 23 18:26:05 2021 +1100
 
-    wrap sha2.h inclusion in #ifdef HAVE_SHA2_H
+    ifdef new instance of sin6_scope_id
+    
+    Put inside HAVE_STRUCT_SOCKADDR_IN6_SIN6_SCOPE_ID similar to
+    existing instance.  Should fix error on UnixWare 7.
 
-commit a01817a9f63dbcbbc6293aacc4019993a4cdc7e3
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Apr 28 04:59:29 2020 +0000
+commit 6ffdcdda128045226dda7fbb3956407978028a1e
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Jan 18 11:43:34 2021 +0000
 
-    upstream: adapt dummy FIDO middleware to API change; ok markus@
+    upstream: Fix long->int for convtime tests here too. Spotted by
     
-    OpenBSD-Regress-ID: 8bb84ee500c2eaa5616044314dd0247709a1790f
+    tobhe@.
+    
+    OpenBSD-Regress-ID: a87094f5863312d00938afba771d25f788c849d0
 
-commit 261571ddf02ea38fdb5e4a97c69ee53f847ca5b7
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Thu Apr 30 18:28:37 2020 +0000
+commit b55b7565f15327d82ad7acbddafa90b658c5f0af
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jan 22 02:46:40 2021 +0000
 
-    upstream: tweak previous; ok markus
+    upstream: PubkeyAcceptedKeyTypes->PubkeyAcceptedAlgorithms
     
-    OpenBSD-Commit-ID: 41895450ce2294ec44a5713134491cc31f0c09fd
+    here too.
+    
+    OpenBSD-Commit-ID: 3b64a640f8ce8c21d9314da9df7ce2420eefde3a
 
-commit 5de21c82e1d806d3e401b5338371e354b2e0a66f
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Thu Apr 30 17:12:20 2020 +0000
+commit ee9c0da8035b3168e8e57c1dedc2d1b0daf00eec
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jan 22 02:44:58 2021 +0000
 
-    upstream: bring back debug() removed in rev 1.74; noted by pradeep
+    upstream: Rename PubkeyAcceptedKeyTypes keyword to
     
-    kumar
+    PubkeyAcceptedAlgorithms. While the two were originally equivalent, this
+    actually specifies the signature algorithms that are accepted.  Some key
+    types (eg RSA) can be used by multiple algorithms (eg ssh-rsa, rsa-sha2-512)
+    so the old name is becoming increasingly misleading.  The old name is
+    retained as an alias. Prompted by bz#3253, help & ok djm@, man page help jmc@
     
-    OpenBSD-Commit-ID: 8d134d22ab25979078a3b48d058557d49c402e65
+    OpenBSD-Commit-ID: 0346b2f73f54c43d4e001089759d149bfe402ca5
 
-commit ea14103ce9a5e13492e805f7e9277516ff5a4273
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Thu Apr 30 17:07:10 2020 +0000
+commit a8e798feabe36d02de292bcfd274712cae1d8d17
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jan 15 02:58:11 2021 +0000
 
-    upstream: run the 2nd ssh with BatchMode for scp -3
+    upstream: Change types in convtime() unit test to int to match change
+    
+    its new type. Add tests for boundary conditions and fix convtime to work up
+    to INT_MAX. ok djm@
     
-    OpenBSD-Commit-ID: 77994fc8c7ca02d88e6d0d06d0f0fe842a935748
+    OpenBSD-Regress-ID: ba2b81e9a3257fff204b020affe85b604a44f97e
 
-commit 59d2de956ed29aa5565ed5e5947a7abdb27ac013
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Apr 28 04:02:29 2020 +0000
+commit 9bde1a420626da5007bf7ab499fa2159b9eddf72
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jan 15 04:31:25 2021 +0000
 
-    upstream: when signing a challenge using a FIDO toke, perform the
+    upstream: Make output buffer larger to prevent potential truncation
     
-    hashing in the middleware layer rather than in ssh code. This allows
-    middlewares that call APIs that perform the hashing implicitly (including
-    Microsoft's AFAIK). ok markus@
+    warnings from compilers not smart enough to know the strftime calls won't
+    ever fully fill "to" and "from".  ok djm@
     
-    OpenBSD-Commit-ID: c9fc8630aba26c75d5016884932f08a5a237f37d
+    OpenBSD-Commit-ID: 83733f1b01b82da88b9dd1769475952aff10bdd7
 
-commit c9d10dbc0ccfb1c7568bbb784f7aeb7a0b5ded12
+commit 02da325f10b214219eae2bb1bc2d3bf0c2f13f9f
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sun Apr 26 09:38:14 2020 +0000
+Date:   Fri Jan 15 02:58:11 2021 +0000
 
-    upstream: Fix comment typo. Patch from mforney at mforney.org.
+    upstream: Change types in convtime() unit test to int to match
     
-    OpenBSD-Commit-ID: 3565f056003707a5e678e60e03f7a3efd0464a2b
+    change its new type. Add tests for boundary conditions and fix convtime to
+    work up to INT_MAX. ok djm@
+    
+    OpenBSD-Commit-ID: 01dc0475f1484ac2f47facdfcf9221f9472145de
 
-commit 4d2c87b4d1bde019cdd0f00552fcf97dd8b39940
+commit 5339ab369c225b40bc64d5ec3374f5c91b3ad609
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sat Apr 25 06:59:36 2020 +0000
+Date:   Fri Jan 15 02:32:41 2021 +0000
 
-    upstream: We've standardized on memset over bzero, replace a couple
+    upstream: In waitfd(), when poll returns early we are subtracting
     
-    that had slipped in.  ok deraadt markus djm.
+    the elapsed time from the timeout each loop, so we only want to measure the
+    elapsed time the poll() in that loop, not since the start of the function.
+    Spotted by chris.xj.zhu at gmail.com, ok djm@
     
-    OpenBSD-Commit-ID: f5be055554ee93e6cc66b0053b590bef3728dbd6
+    OpenBSD-Commit-ID: 199df060978ee9aa89b8041a3dfaf1bf7ae8dd7a
 
-commit 7f23f42123d64272a7b00754afa6b0841d676691
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri May 1 12:21:58 2020 +1000
+commit a164862dfa863b54b7897f66e1dd75437f086c11
+Author: rob@openbsd.org <rob@openbsd.org>
+Date:   Thu Jan 14 19:45:06 2021 +0000
 
-    Include sys/byteorder.h for htons and friends.
+    upstream: Minor grammatical correction.
     
-    These are usually in netinet/in.h but on HP-UX they are not defined if
-    _XOPEN_SOURCE_EXTENDED is set.  Only needed for netcat in the regression
-    tests.
+    OK jmc@
+    
+    OpenBSD-Commit-ID: de0fad0581e212b2750751e479b79c18ff8cac02
 
-commit d27cba58c972d101a5de976777e518f34ac779cb
+commit 8635e7df7e3a3fbb4a4f6cd5a7202883b2506087
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri May 1 09:21:52 2020 +1000
+Date:   Wed Jan 13 18:00:57 2021 +1100
 
-    Fix conditional for openssl-based chacha20.
-    
-    Fixes warnings or link errors when building against older OpenSSLs.
-    ok djm
+    Merge Mac OS X targets into a single config.
 
-commit 20819b962dc1467cd6fad5486a7020c850efdbee
+commit ac112ade990585c511048ed4edaf2d9fc92b61f0
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Apr 24 15:07:55 2020 +1000
+Date:   Tue Jan 12 19:22:47 2021 +1100
 
-    Error out if given RDomain if unsupported.
+    Add Mac OS X test targets.
+
+commit 1050109b4b2884bf50fd1b3aa084c7fd0a42ae90
+Author: anatasluo <luolongjuna@gmail.com>
+Date:   Mon Jan 11 13:51:39 2021 +0000
+
+    Remove duplicated declaration in fatal.c .
+
+commit 7d0f8a3369579dfe398536eb4e3da7bc15da9599
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Jan 11 04:48:22 2021 +0000
+
+    upstream: Correct spelling of persourcenetblocksize in config-dump
     
-    If the config contained 'RDomain %D' on a platform that did not support
-    it, the error would not be detected until runtime resulting in a broken
-    sshd.  Detect this earlier and error out if found.  bz#3126, based on a
-    patch from jjelen at redhat.com, tweaks and ok djm@
+    mode.
+    
+    OpenBSD-Commit-ID: ecdc49e2b6bde6b6b0e52163d621831f6ac7b13d
 
-commit 2c1690115a585c624eed2435075a93a463a894e2
+commit ba328bd7a6774f30daaf90b83f1933cc4afc866c
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Apr 24 03:33:21 2020 +0000
+Date:   Sat Jan 9 12:31:46 2021 +0000
 
-    upstream: Fix incorrect error message for "too many known hosts files."
+    upstream: Adjust kexfuzz to addr.c/addrmatch.c split.
     
-    bz#3149, patch from jjelen at redhat.com.
+    OpenBSD-Regress-ID: 1d8d23bb548078020be2fb52c4c643efb190f0eb
+
+commit b08ef25552443e94c0857d5e3806dd019ccc55d7
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sat Jan 9 12:24:30 2021 +0000
+
+    upstream: Update unittests for addr.c/addrmatch.c split.
     
-    OpenBSD-Commit-ID: e0fcb07ed5cf7fd54ce340471a747c24454235e5
+    OpenBSD-Regress-ID: de2b415fb7af084a91c6ef147a90482d8f771eef
 
-commit 3beb7276e7a8aedd3d4a49f9c03b97f643448c92
+commit 6d30673fedec2d251f4962c526fd0451f70c4d97
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Apr 24 02:19:40 2020 +0000
+Date:   Mon Jan 11 02:12:57 2021 +0000
 
-    upstream: Remove leave_non_blocking() which is now dead code
+    upstream: Change convtime() from returning long to returning int.
     
-    because nothing sets in_non_blocking_mode any more. Patch from
-    michaael.meeks at collabora.com, ok djm@
+    On platforms where sizeof(int) != sizeof(long), convtime could accept values
+    >MAX_INT which subsequently truncate when stored in an int during config
+    parsing.  bz#3250, ok djm@
     
-    OpenBSD-Commit-ID: c403cefe97a5a99eca816e19cc849cdf926bd09c
+    OpenBSD-Commit-ID: 8fc932683d6b4660d52f50911d62bd6639c5db31
 
-commit 8654e3561772f0656e7663a0bd6a1a8cb6d43300
+commit 7a57adb8b07b2ad0aead4b2e09ee18edc04d0481
 Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Thu Apr 23 21:28:09 2020 +0000
+Date:   Sat Jan 9 12:51:12 2021 +0000
 
-    upstream: ce examples of "Ar arg Ar arg" with "Ar arg arg" and
-    
-    stop the spread;
+    upstream: add a comma to previous;
     
-    OpenBSD-Commit-ID: af0e952ea0f5e2019c2ce953ed1796eca47f0705
+    OpenBSD-Commit-ID: 9139433701c0aa86a0d3a6c7afe10d1c9c2e0869
 
-commit 67697e4a8246dd8423e44b8785f3ee31fee72d07
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Apr 24 11:10:18 2020 +1000
+commit 3a923129534b007c2e24176a8655dec74eca9c46
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sat Jan 9 12:10:02 2021 +0000
 
-    Update .depend.
+    upstream: Add PerSourceMaxStartups and PerSourceNetBlockSize
+    
+    options which provide more fine grained MaxStartups limits.  Man page help
+    jmc@, feedback & ok djm@
+    
+    OpenBSD-Commit-ID: e2f68664e3d02c0895b35aa751c48a2af622047b
 
-commit d6cc76176216fe3fac16cd20d148d75cb9c50876
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Apr 22 14:07:00 2020 +1000
+commit d9a2bc71693ea27461a78110005d5a2d8b0c6a50
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sat Jan 9 11:58:50 2021 +0000
 
-    Mailing list is now closed to non-subscribers.
+    upstream: Move address handling functions out into their own file
     
-    While there, add a reference to the bugzilla.  ok djm@
+    in order to reuse them for per-source maxstartups limiting.  Supplement with
+    some additional functions from djm's flowtools that we'll also need.  ok djm@
+    (as part of a larger diff).
+    
+    OpenBSD-Commit-ID: e3e7d9ccc6c9b82e25cfef0ec83598e8e2327cbf
 
-commit cecde6a41689d0ae585ec903b190755613a6de79
+commit b744914fcb76d70761f1b667de95841b3fc80a56
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Apr 22 12:09:40 2020 +1000
+Date:   Sat Jan 9 00:36:05 2021 +1100
 
-    Put the values from env vars back.
+    Add test against Graphene hardened malloc.
+
+commit 6cb52d5bf771f6769b630fce35a8e9b8e433044f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jan 8 04:49:13 2021 +0000
+
+    upstream: make CheckHostIP default to 'no'. It doesn't provide any
     
-    This merges the values from the recently removed environment into make's
-    command line arguments since we actually need those.
+    perceptible value and makes it much harder for hosts to change host keys,
+    particularly ones that use IP-based load-balancing.
+    
+    ok dtucker@
+    
+    OpenBSD-Commit-ID: 0db98413e82074f78c7d46784b1286d08aee78f0
 
-commit 300c4322b92e98d3346efa0aec1c094c94d0f964
+commit 309b642e1442961b5e57701f095bcd4acd2bfb5f
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Apr 22 11:33:15 2020 +1000
+Date:   Fri Jan 8 15:50:41 2021 +1100
 
-    Pass configure's egrep through to test-exec.sh.
-    
-    Use it to create a wrapper function to call it from tests.  Fixes the
-    keygen-comment test on platforms with impoverished default egrep (eg
-    Solaris).
+    Run tests with sudo for better coverage.
 
-commit c8d9796cfe046f00eb8b2096d2b7028d6a523a84
+commit c336644351fa3c715a08b7a292e309e72792e71e
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Apr 22 10:56:44 2020 +1000
+Date:   Fri Jan 8 14:26:32 2021 +1100
 
-    Remove unneeded env vars from t-exec invocation.
+    Add Ubuntu 16.04 and 20.04 test targets.
 
-commit 01d4cdcd4514e99a4b6eb9523cd832bbf008d1d7
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Tue Apr 21 23:14:58 2020 +0000
+commit 4c7af01f9dcc1606dec033e7665a042cb0d8ec52
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jan 8 02:57:24 2021 +0000
 
-    upstream: Backslash '$' at then end of string. Prevents warning on
+    upstream: If a signature operation on a FIDO key fails with a
     
-    some shells.
+    "incorrect PIN" reason and no PIN was initially requested from the user, then
+    request a PIN and retry the operation.
     
-    OpenBSD-Regress-ID: 5dc27ab624c09d34078fd326b10e38c1ce9c741f
+    This smoothes over a few corner cases including FIDO devices that
+    require PINs for all hosted credentials, biometric FIDO devices that
+    fall back to requiring PIN when reading the biometric failed, devices
+    that don't implement reading credProtect status for downloaded keys
+    and probably a few more cases that I haven't though of yet.
+    
+    ok dtucker@
+    
+    OpenBSD-Commit-ID: 176db8518933d6a5bbf81a2e3cf62447158dc878
 
-commit 8854724ccefc1fa16f10b37eda2e759c98148caa
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue Apr 21 18:27:23 2020 +1000
+commit 64ddd0fe68c4a7acf99b78624f8af45e919cd317
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jan 8 02:44:14 2021 +0000
 
-    Sync rev 1.49.
+    upstream: don't try to use timespeccmp(3) directly as a qsort(3)
     
-    Prevent infinite for loop since i went from ssize_t to size_t.  Patch from
-    eagleoflqj via OpenSSH github PR#178, ok djm@, feedback & ok millert@
+    comparison function - it returns 0/1 and not the -1/0/1 that qsort expectes.
+    
+    fixes sftp "ls -ltr" under some circumstances.
+    
+    Based on patch by Masahiro Matsuya via bz3248.
+    
+    OpenBSD-Commit-ID: 65b5e9f18bb0d10573868c3516de6e5170adb163
 
-commit d00d07b6744d3b4bb7aca46c734ecd670148da23
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Apr 20 04:44:47 2020 +0000
+commit 599df78f3008cf78af21f8977be3e1dd085f8e2e
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jan 8 02:33:13 2021 +0000
 
-    upstream: regression test for printing of private key fingerprints and
+    upstream: Update the sntrup761 creation script and generated code:
     
-    key comments, mostly by loic AT venez.fr (slightly tweaked for portability)
-    ok dtucker@
+    - remove unneeded header files and typedefs and rely on crypto_api.h  - add
+    defines to map types used to the crypto_api ones instead of typedefs.  This
+     prevents typedef name collisions in -portable.  - remove CRYPTO_NAMESPACE
+    entirely instead of making it a no-op  - delete unused functions and make the
+    remaining ones that aren't exported static.
     
-    OpenBSD-Regress-ID: 8dc6c4feaf4fe58b6d634cd89afac9a13fd19004
+    ok djm@
+    
+    OpenBSD-Commit-ID: 7b9d0cf3acd5a3c1091da8afe00c904d38cf5783
 
-commit a98d5ba31e5e7e01317352f85fa63b846a960f8c
+commit 16448ff529affda7e2a15ee7c3200793abde0759
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Apr 20 04:43:57 2020 +0000
+Date:   Fri Jan 8 02:19:24 2021 +0000
 
-    upstream: fix a bug I introduced in r1.406: when printing private key
+    upstream: mention that DisableForwarding is valid in a sshd_config
     
-    fingerprint of old-format key, key comments were not being displayed. Spotted
-    by loic AT venez.fr, ok dtucker
+    Match block reported by Fredrik Eriksson in bz3239
     
-    OpenBSD-Commit-ID: 2d98e4f9eb168eea733d17e141e1ead9fe26e533
+    OpenBSD-Commit-ID: 3a71c3d84b597f5e43e4b40d5232797daf0993f6
 
-commit 32f2d0aad42c15e19bd3b07496076ca891573a58
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Apr 17 07:16:07 2020 +0000
+commit 91bac5e95b1b0debf9b2b4f05c20dcfa96b368b9
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Jan 4 21:58:58 2021 +0000
 
-    upstream: repair private key fingerprint printing to also print
+    upstream: estructure sntrup761.sh to process all files in a single
     
-    comment after regression caused by my recent pubkey loading refactor.
-    Reported by loic AT venez.fr, ok dtucker@
+    list, which will make it easier to reorder.  Re-inline int32_MINMAX.  ok
+    tobhe@
     
-    OpenBSD-Commit-ID: f8db49acbee6a6ccb2a4259135693b3cceedb89e
+    OpenBSD-Commit-ID: d145c6c19b08bb93c9e14bfaa7af589d90f144c0
 
-commit 094dd513f4b42e6a3cebefd18d1837eb709b4d99
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Apr 17 07:15:11 2020 +0000
+commit 4d96a3ebab2224f17e639a15078e03be1ad3736d
+Author: tobhe@openbsd.org <tobhe@openbsd.org>
+Date:   Sun Jan 3 18:05:21 2021 +0000
 
-    upstream: refactor out some duplicate private key loading code;
+    upstream: Prevent redefinition of `crypto_int32' error with gcc3.
     
-    based on patch from loic AT venez.fr, ok dtucker@
+    Fixes compilation on luna88k.
     
-    OpenBSD-Commit-ID: 5eff2476b0d8d0614924c55e350fb7bb9c84f45e
+    Feedback millert@
+    Found by and ok aoyama@
+    
+    OpenBSD-Commit-ID: f305ddfe575a26cc53431af3fde3f4aeebed9ba6
 
-commit 4e04f46f248f1708e39b900b76c9693c820eff68
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Fri Apr 17 06:12:41 2020 +0000
+commit a23954eeb930ccc8a66a2710153730769dba31b6
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Jan 1 22:00:49 2021 +1100
 
-    upstream: add space beteen macro arg and punctuation;
+    Undef int32 after sort routines.
     
-    OpenBSD-Commit-ID: c93a6cbb4bf9468fc4c13e64bc1fd4efee201a44
+    This prevents typedef'ing crypto_int32 twice, in sntrup761.c and
+    crypto_api.h, which some compilers (at least some GCCs) don't accept.
 
-commit 44ae009a0112081d0d541aeaa90088bedb6f21ce
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Apr 17 04:27:03 2020 +0000
+commit 148b8a661c3f93e4b6d049ee902de3d521261fbc
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Dec 31 12:47:22 2020 +1100
 
-    upstream: auth2-pubkey r1.89 changed the order of operations to
+    fix: missing pieces of previous commit
+
+commit 3d999be7b987c848feda718cfcfcdc005ddf670d
+Author: tobhe@openbsd.org <tobhe@openbsd.org>
+Date:   Wed Dec 30 14:13:28 2020 +0000
+
+    upstream: Use int64_t for intermediate values in int32_MINMAX to
     
-    checking AuthorizedKeysFile first and falling back to AuthorizedKeysCommand
-    if no key was found in a file. Document this order here; bz3134
+    prevent signed 32-bit integer overflow.
     
-    OpenBSD-Commit-ID: afce0872cbfcfc1d4910ad7722e50f792a1dce12
+    Found by and ok djm@
+    ok markus@
+    
+    OpenBSD-Commit-ID: 4f0704768e34cf45fdd792bac4011c6971881bb3
 
-commit f96f17f920f38ceea6f3c5cb0b075c46b8929fdc
+commit 5c1953bf98732da5a76c706714ac066dbfa015ac
 Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Apr 17 14:07:15 2020 +1000
+Date:   Tue Dec 29 12:40:54 2020 +1100
 
-    sys/sysctl.h is only used on OpenBSD
-    
-    so change the preprocessor test used to include it to check
-    __OpenBSD__, matching the code that uses the symbols it declares.
+    adapt KEX fuzzer to PQ kex change
 
-commit 54688e937a69c7aebef8a3d50cbd4c6345bab2ca
+commit 659864fe81dbc57eeed3769c462679d83e026640
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Apr 17 03:38:47 2020 +0000
+Date:   Tue Dec 29 01:02:15 2020 +0000
 
-    upstream: fix reversed test that caused IdentitiesOnly=yes to not
+    upstream: Adapt to replacement of
     
-    apply to keys loaded from a PKCS11Provider; bz3141, ok dtucker@
+    sntrup4591761x25519-sha512@tinyssh.org with
+    sntrup761x25519-sha512@openssh.com.
     
-    OpenBSD-Commit-ID: e3dd6424b94685671fe84c9b9dbe352fb659f677
+    Also test sntrup761x25519-sha512@openssh.com in unittests/kex
+    
+    OpenBSD-Regress-ID: cfa3506b2b077a9cac1877fb521efd2641b6030c
 
-commit 267cbc87b5b6e78973ac4d3c7a6f807ed226928c
+commit 2c71cec020219d69df84055c59eba5799a1233ec
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Apr 17 03:34:42 2020 +0000
+Date:   Tue Dec 29 00:59:15 2020 +0000
 
-    upstream: mention that /etc/hosts.equiv and /etc/shosts.equiv are
+    upstream: Update/replace the experimental post-quantim hybrid key
     
-    not considered for HostbasedAuthentication when the target user is root;
-    bz3148
+    exchange method based on Streamlined NTRU Prime (coupled with X25519).
     
-    OpenBSD-Commit-ID: fe4c1256929e53f23af17068fbef47852f4bd752
-
-commit c90f72d29e84b4a2709078bf5546a72c29a65177
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Apr 17 03:30:05 2020 +0000
-
-    upstream: make IgnoreRhosts a tri-state option: "yes" ignore
+    The previous sntrup4591761x25519-sha512@tinyssh.org method is
+    replaced with sntrup761x25519-sha512@openssh.com. Per the authors,
+    sntrup4591761 was replaced almost two years ago by sntrup761.
     
-    rhosts/shosts, "no" allow rhosts/shosts or (new) "shosts-only" to allow
-    .shosts files but not .rhosts. ok dtucker@
+    The sntrup761 implementaion, like sntrup4591761 before it, is public
+    domain code extracted from the SUPERCOP cryptography benchmark
+    suite (https://bench.cr.yp.to/supercop.html).
     
-    OpenBSD-Commit-ID: d08d6930ed06377a80cf53923c1955e9589342e9
-
-commit 321c7147079270f3a154f91b59e66219aac3d514
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Apr 17 03:23:13 2020 +0000
-
-    upstream: allow the IgnoreRhosts directive to appear anywhere in a
+    Thanks for Daniel J Bernstein for guidance on algorithm selection.
+    Patch from Tobias Heider; feedback & ok markus@ and myself
     
-    sshd_config, not just before any Match blocks; bz3148, ok dtucker@
+    (note this both the updated method and the one that it replaced are
+    disabled by default)
     
-    OpenBSD-Commit-ID: e042467d703bce640b1f42c5d1a62bf3825736e8
+    OpenBSD-Commit-ID: 2bf582b772d81ee24e911bb6f4b2aecfd39338ae
 
-commit ca5403b085a735055ec7b7cdcd5b91f2662df94c
+commit 09d070ccc3574ae0d7947d212ed53c7268ef7e1f
 Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Sat Apr 11 20:20:09 2020 +0000
+Date:   Tue Dec 22 07:40:26 2020 +0000
 
-    upstream: add space between macro arg and punctuation;
+    upstream: tweak the description of KnownHostsCommand in ssh_conf.5,
     
-    OpenBSD-Commit-ID: e579e4d95eef13059c30931ea1f09ed8296b819c
+    and add entries for it to the -O list in scp.1 and sftp.1;
+    
+    ok djm
+    
+    OpenBSD-Commit-ID: aba31ebea03f38f8d218857f7ce16a500c3e4aff
 
-commit 8af0244d7b4a65eed2e62f9c89141c7c8e63f09d
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Apr 15 10:58:02 2020 +1000
+commit 931c93389a80e32272712459b1102d303844453d
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Dec 22 19:43:55 2020 +1100
 
-    Add sys/syscall.h for syscall numbers.
-    
-    In some architecture/libc configurations we need to explicitly include
-    sys/syscall.h for the syscall number (__NR_xxx) definitions.  bz#3085,
-    patch from blowfist at xroutine.net.
+    whitespace at EOL
 
-commit 3779b50ee952078018a5d9e1df20977f4355df17
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Apr 11 10:16:11 2020 +0000
+commit 397b1c4d393f97427283a4717e9015a2bd31b8a5
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Dec 22 19:42:37 2020 +1100
 
-    upstream: Refactor private key parsing. Eliminates a fair bit of
-    
-    duplicated code and fixes oss-fuzz#20074 (NULL deref) caused by a missing key
-    type check in the ECDSA_CERT parsing path.
-    
-    feedback and ok markus@
-    
-    OpenBSD-Commit-ID: 4711981d88afb7196d228f7baad9be1d3b20f9c9
+    whitespace at EOL
 
-commit b6a4013647db67ec622c144a9e05dd768f1966b3
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Apr 10 00:54:03 2020 +0000
+commit 33fa3ac547e5349ca34681cce6727b2f933dff0a
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Tue Dec 22 19:21:26 2020 +1100
 
-    upstream: Add tests for TOKEN expansion of LocalForward and
-    
-    RemoteForward.
-    
-    OpenBSD-Regress-ID: 90fcbc60d510eb114a2b6eaf4a06ff87ecd80a89
+    Improve AIX text.
 
-commit abc3e0a5179c13c0469a1b11fe17d832abc39999
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Apr 6 09:43:55 2020 +0000
+commit 0f2e21c9dca89598b694932b5b05848380a23ec0
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Tue Dec 22 18:56:54 2020 +1100
 
-    upstream: Add utf8.c for asmprintf used by krl.c
+    Include stdio.h for FILE in misc.h.
     
-    OpenBSD-Regress-ID: 433708d11165afdb189fe635151d21659dd37a37
+    Fixes build on at least OpenBSD.
 
-commit 990687a0336098566c3a854d23cce74a31ec6fe2
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Apr 10 00:52:07 2020 +0000
+commit 3e9811e57b57ee66b0f70d99d7258da3153b0e8a
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Dec 22 18:31:50 2020 +1100
 
-    upstream: Add TOKEN percent expansion to LocalFoward and RemoteForward
-    
-    when used for Unix domain socket forwarding.  Factor out the code for the
-    config keywords that use the most common subset of TOKENS into its own
-    function. bz#3014, ok jmc@ (man page bits) djm@
-    
-    OpenBSD-Commit-ID: bffc9f7e7b5cf420309a057408bef55171fd0b97
+    ensure $LOGNAME is set in tests
 
-commit 2b13d3934d5803703c04803ca3a93078ecb5b715
+commit 3eb647cbb34d87a063aa7714256c6e56103fffda
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Apr 8 00:10:37 2020 +0000
+Date:   Tue Dec 22 06:47:24 2020 +0000
 
-    upstream: let sshkey_try_load_public() load public keys from the
-    
-    unencrypted envelope of private key files if not sidecar public key file is
-    present.
-    
-    ok markus@
+    upstream: more detail for failing tests
     
-    OpenBSD-Commit-ID: 252a0a580e10b9a6311632530d63b5ac76592040
+    OpenBSD-Regress-ID: c68c0e5a521cad7e7f68e54c54ebf86d6c10ee1d
 
-commit d01f39304eaab0352793b490a25e1ab5f59a5366
+commit 2873f19570d4d8758be24dbf78332be9a779009b
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Apr 8 00:09:24 2020 +0000
+Date:   Tue Dec 22 06:03:36 2020 +0000
 
-    upstream: simplify sshkey_try_load_public()
+    upstream: regress test for KnownHostsCommand
     
-    ok markus@
+    OpenBSD-Regress-ID: ffc77464320b6dabdcfa0a72e0df02659233a38a
+
+commit 0121aa87bab9ad2365de2d07f2832b56d5ff9871
+Author: tb@openbsd.org <tb@openbsd.org>
+Date:   Tue Dec 22 03:05:31 2020 +0000
+
+    upstream: Remove lines accidentally left behind in the ProxyJump
     
-    OpenBSD-Commit-ID: 05a5d46562aafcd70736c792208b1856064f40ad
+    parsing fix r1.345.
+    
+    ok djm
+    
+    OpenBSD-Commit-ID: fe767c108c8117bea33767b080ff62eef2c55f5c
 
-commit f290ab0833e44355fc006e4e67b92446c14673ef
+commit da4bf0db942b5f0278f33238b86235e5813d7a5a
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Apr 8 00:08:46 2020 +0000
+Date:   Tue Dec 22 00:15:22 2020 +0000
 
-    upstream: add sshkey_parse_pubkey_from_private_fileblob_type()
+    upstream: add a ssh_config KnownHostsCommand that allows the client
     
-    Extracts a public key from the unencrypted envelope of a new-style
-    OpenSSH private key.
+    to obtain known_hosts data from a command in addition to the usual files.
+    
+    The command accepts bunch of %-expansions, including details of the
+    connection and the offered server host key. Note that the command may
+    be invoked up to three times per connection (see the manpage for
+    details).
     
     ok markus@
     
-    OpenBSD-Commit-ID: 44d7ab446e5e8c686aee96d5897b26b3939939aa
+    OpenBSD-Commit-ID: 2433cff4fb323918ae968da6ff38feb99b4d33d0
 
-commit 8d514eea4ae089626a55e11c7bc1745c8d9683e4
+commit a34e14a5a0071de2036826a00197ce38c8b4ba8b
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Apr 8 00:07:19 2020 +0000
+Date:   Tue Dec 22 00:12:22 2020 +0000
 
-    upstream: simplify sshkey_parse_private_fileblob_type()
+    upstream: move subprocess() from auth.c to misc.c
+    
+    make privilege dropping optional but allow it via callbacks (to avoid
+    need to link uidswap.c everywhere)
     
-    Try new format parser for all key types first, fall back to PEM
-    parser only for invalid format errors.
+    add some other flags (keep environment, disable strict path safety check)
+    that make this more useful for client-side use.
     
-    ok markus@
+    feedback & ok markus@
     
-    OpenBSD-Commit-ID: 0173bbb3a5cface77b0679d4dca0e15eb5600b77
+    OpenBSD-Commit-ID: a80ea9fdcc156f1a18e9c166122c759fae1637bf
 
-commit 421169d0e758351b105eabfcebf42378ebf17217
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Apr 8 00:05:59 2020 +0000
+commit 649205fe388b56acb3481a1b2461f6b5b7c6efa6
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Dec 21 22:48:41 2020 +0000
 
-    upstream: check private key type against requested key type in
+    upstream: Remove explicit rijndael-cbc@lysator.liu.se test since the
     
-    new-style private decoding; ok markus@
+    cipher was removed.
     
-    OpenBSD-Commit-ID: 04d44b3a34ce12ce5187fb6f6e441a88c8c51662
+    OpenBSD-Regress-ID: aa93cddb4ecd9bc21446a79008a1a53050e64f17
 
-commit 6aabfb6d22b36d07f584cba97f4cdc4363a829da
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Apr 8 00:04:32 2020 +0000
+commit 03e93c753d7c223063ad8acaf9a30aa511e5f931
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Dec 21 11:09:32 2020 +0000
 
-    upstream: check that pubkey in private key envelope matches actual
-    
-    private key
+    upstream: Remove the pre-standardization cipher
     
-    (this public key is currently unusued)
+    rijndael-cbc@lysator.liu.se. It is an alias for aes256-cbc which was
+    standardized in RFC4253 (2006), has been deprecated and disabled by default
+    since OpenSSH 7.2 (2016) and was only briefly documented in ssh.1 in 2001.
     
-    ok markus@
+    This will reduce the amount of work the cipher/kex regression tests need
+    to do by a little bit.  ok markus@ djm@
     
-    OpenBSD-Commit-ID: 634a60b5e135d75f48249ccdf042f3555112049c
+    OpenBSD-Commit-ID: fb460acc18290a998fd70910b19c29b4e4f199ad
 
-commit c0f5b2294796451001fd328c44f0d00f1114eddf
+commit a11ca015879eab941add8c6bdaaec7d41107c6f5
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Apr 8 00:01:52 2020 +0000
+Date:   Mon Dec 21 09:19:53 2020 +0000
 
-    upstream: refactor private key parsing a little
+    upstream: properly fix ProxyJump parsing; Thanks to tb@ for
     
-    Split out the base64 decoding and private section decryption steps in
-    to separate functions. This will make the decryption step easier to fuzz
-    as well as making it easier to write a "load public key from new-format
-    private key" function.
+    pointing out my error (parse_ssh_uri() can return -1/0/1, that I missed).
+    Reported by Raf Czlonka via bugs@
     
-    ok markus@
+    ok tb@
     
-    OpenBSD-Commit-ID: 7de31d80fb9062aa01901ddf040c286b64ff904e
+    OpenBSD-Commit-ID: a2991a3794bcaf1ca2b025212cce11cdb5f6b7d6
 
-commit 8461a5b3db34ed0b5a4a18d82f64fd5ac8693ea8
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Apr 6 20:54:34 2020 +1000
+commit d97fb879724f1670bf55d9adfea7278a93c33ae2
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Dec 21 01:31:06 2020 +0000
 
-    Include openssl-compat.h before checking ifdefs.
+    upstream: adapt to API change in hostkeys_foreach()/load_hostkeys()
     
-    Fixes problem where unsuitable chacha20 code in libressl would be used
-    unintentionally.
-
-commit 931c50c5883a9910ea1ae9a371e4e815ec56b035
-Author: Damien Miller <djm@mindrot.org>
-Date:   Mon Apr 6 10:04:56 2020 +1000
-
-    fix inverted test for LibreSSL version
+    OpenBSD-Regress-ID: dcb468514f32da49a446372453497dc6eeafdbf3
 
-commit d1d5f728511e2338b7c994968d301d8723012264
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sat Apr 4 23:04:41 2020 +0000
+commit bf7eb3c266b7fd4ddda108fcf72b860af2af6406
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Oct 16 14:02:24 2020 +0000
 
-    upstream: Indicate if we're using a cached key in trace output.
+    upstream: few more things needs match.c and addrmatch.c now that
     
-    OpenBSD-Regress-ID: 409a7b0e59d1272890fda507651c0c3d2d3c0d89
+    log.c calls match_pattern_list()
+    
+    OpenBSD-Regress-ID: f7c95c76b150d0aeb00a67858b9579b7d1b2db74
 
-commit a398251a4627367c78bc483c70c2ec973223f82c
+commit 2c64f24e27a5e72a7f59e515fc4f4985355237ae
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sun Apr 5 08:43:57 2020 +1000
+Date:   Mon Dec 21 14:02:56 2020 +1100
 
-    Use /usr/bin/xp4g/id if necessary.
-    
-    Solaris' native "id" doesn't support the options we use but the one
-    in /usr/bin/xp4g does, so use that instead.
+    Pull in missing rev 1.2.
 
-commit db0fdd48335b5b01114f78c1a73a195235910f81
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sat Apr 4 22:14:26 2020 +0000
+commit 0f504f592d15d8047e466eb7453067a6880992a8
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Dec 20 23:40:19 2020 +0000
 
-    upstream: Some platforms don't have "hostname -s", so use cut to trim
+    upstream: plumb ssh_conn_info through to sshconnect.c; feedback/ok
     
-    short hostname instead.
+    markus@
     
-    OpenBSD-Regress-ID: ebcf36a6fdf287c9336b0d4f6fc9f793c05307a7
+    OpenBSD-Commit-ID: e8d14a09cda3f1dc55df08f8a4889beff74e68b0
 
-commit e7e59a9cc8eb7fd5944ded28f4d7e3ae0a5fdecd
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Apr 3 07:53:10 2020 +0000
+commit 729b05f59ded35483acef90a6f88aa03eae33b29
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Dec 20 23:38:00 2020 +0000
 
-    upstream: Compute hash locally and re-enable %C tests.
+    upstream: allow UserKnownHostsFile=none; feedback and ok markus@
     
-    OpenBSD-Regress-ID: 94d1366e8105274858b88a1f9ad2e62801e49770
+    OpenBSD-Commit-ID: c46d515eac94a35a1d50d5fd71c4b1ca53334b48
 
-commit abe2b245b3ac6c4801e99bc0f13289cd28211e22
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Apr 3 17:25:46 2020 +1100
+commit b4c7cd1185c5dc0593d47eafcc1a34fda569dd1d
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Dec 20 23:36:51 2020 +0000
 
-    prefer libcrypto chacha20-poly1305 where possible
+    upstream: load_hostkeys()/hostkeys_foreach() variants for FILE*
+    
+    Add load_hostkeys_file() and hostkeys_foreach_file() that accept a
+    FILE* argument instead of opening the file directly.
+    
+    Original load_hostkeys() and hostkeys_foreach() are implemented using
+    these new interfaces.
+    
+    Add a u_int note field to the hostkey_entry and hostkey_foreach_line
+    structs that is passed directly from the load_hostkeys() and
+    hostkeys_foreach() call. This is a lightweight way to annotate results
+    between different invocations of load_hostkeys().
+    
+    ok markus@
+    
+    OpenBSD-Commit-ID: 6ff6db13ec9ee4edfa658b2c38baad0f505d8c20
 
-commit bc5c5d01ad668981f9e554e62195383bc12e8528
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Apr 3 05:43:11 2020 +0000
+commit 06fbb386bed666581095cb9cbc7a900e02bfe1b7
+Author: tobhe@openbsd.org <tobhe@openbsd.org>
+Date:   Sat Dec 19 22:09:21 2020 +0000
 
-    upstream: Temporarily remove tests for '%C' since the hash contains the
+    upstream: Print client kem key with correct length.
     
-    local hostname and it doesn't work on any machine except mine... spotted by
-    djm@
+    ok markus@
     
-    OpenBSD-Regress-ID: 2d4c3585b9fcbbff14f4a5a5fde51dbd0d690401
+    OpenBSD-Commit-ID: 91689e14a4fc6c270e265a32d1c8faba63a45755
 
-commit 81624026989654955a657ebf2a1fe8b9994f3c87
+commit 0ebead6593e2441e4af2735bbe2cd097607cd0d3
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Apr 3 06:07:57 2020 +0000
+Date:   Thu Dec 17 23:28:50 2020 +0000
 
-    upstream: r1.522 deleted one too many lines; repair
+    upstream: fix possible error("%s", NULL) on error paths
     
-    OpenBSD-Commit-ID: 1af8851fd7a99e4a887b19aa8f4c41a6b3d25477
+    OpenBSD-Commit-ID: 0b3833c2cb985453ecca1d76803ebb8f3b736a11
 
-commit 668cb3585ce829bd6e34d4a962c489bda1d16370
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Fri Apr 3 05:53:52 2020 +0000
+commit d060bc7f6e6244f001e658208f53e3e2ecbbd382
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Dec 17 23:26:11 2020 +0000
 
-    upstream: sort -N and add it to usage();
+    upstream: refactor client percent_expand() argument passing;
     
-    OpenBSD-Commit-ID: 5b00e8db37c2b0a54c7831fed9e5f4db53ada332
+    consolidate the common arguments into a single struct and pass that around
+    instead of using a bunch of globals. ok markus@
+    
+    OpenBSD-Commit-ID: 035e6d7ca9145ad504f6af5a021943f1958cd19b
 
-commit 338ccee1e7fefa47f3d128c2541e94c5270abe0c
+commit 43026da035cd266db37df1f723d5575056150744
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Apr 3 05:48:57 2020 +0000
+Date:   Thu Dec 17 23:10:27 2020 +0000
 
-    upstream: avoid another compiler warning spotted in -portable
+    upstream: prepare readconf.c for fuzzing; remove fatal calls and
     
-    OpenBSD-Commit-ID: 1d29c51ac844b287c4c8bcaf04c63c7d9ba3b8c7
+    fix some (one-off) memory leaks; ok markus@
+    
+    OpenBSD-Commit-ID: 91c6aec57b0e7aae9190de188e9fe8933aad5ec5
 
-commit 9f8a42340bd9af86a99cf554dc39ecdf89287544
+commit bef92346c4a808f33216e54d6f4948f9df2ad7c1
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Apr 3 04:07:48 2020 +0000
+Date:   Mon Dec 14 03:13:12 2020 +0000
 
-    upstream: this needs utf8.c too
+    upstream: use _PATH_SSH_USER_DIR instead of hardcoded .ssh in path
     
-    OpenBSD-Regress-ID: 445040036cec714d28069a20da25553a04a28451
+    OpenBSD-Commit-ID: 5c1048468813107baa872f5ee33ba51623630e01
 
-commit 92115ea7c3a834374720c350841fc729e7d5c8b2
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Apr 3 03:14:03 2020 +0000
+commit a5ab499bd2644b4026596fc2cb24a744fa310666
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Dec 4 14:01:27 2020 +1100
 
-    upstream: Add percent_expand test for 'Match Exec'.
-    
-    OpenBSD-Regress-ID: a41c14fd6a0b54d66aa1e9eebfb9ec962b41232f
+    basic KEX fuzzer; adapted from Markus' unittest
 
-commit de34a440276ae855c38deb20f926d46752c62c9d
+commit 021ff33e383c77b11badd60cec5b141a3e3fa532
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Dec 4 13:57:43 2020 +1100
+
+    use options that work with recent clang
+
+commit e4d1a0b40add800b6e9352b40c2223e44acc3a45
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Apr 3 04:43:24 2020 +0000
+Date:   Fri Dec 4 02:41:10 2020 +0000
 
-    upstream: fix format string (use %llu for uint64, not %lld). spotted by
+    upstream: shuffle a few utility functions into sftp-client.c; from
     
-    Darren and his tinderbox tests
+    Jakub Jelen
     
-    OpenBSD-Commit-ID: 3b4587c3d9d46a7be9bdf028704201943fba96c2
+    OpenBSD-Commit-ID: fdeb1aae1f6149b193f12cd2af158f948c514a2a
 
-commit 9cd40b829a5295cc81fbea8c7d632b2478db6274
+commit ace12dc64f8e3a2496ca48d36b53cb3c0a090755
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Apr 3 04:34:15 2020 +0000
+Date:   Fri Dec 4 02:29:56 2020 +0000
 
-    upstream: Add a flag to re-enable verbose output when in batch
-    
-    mode; requested in bz3135; ok dtucker
+    upstream: make ssh_free(NULL) a no-op
     
-    OpenBSD-Commit-ID: 5ad2ed0e6440562ba9c84b666a5bbddc1afe2e2b
+    OpenBSD-Commit-ID: 42cb285d94789cefe6608db89c63040ab0a80fa0
 
-commit 6ce51a5da5d333a44e7c74c027f3571f70c39b24
+commit 3b98b6e27f8a122dbfda9966b1afeb3e371cce91
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Apr 3 04:32:21 2020 +0000
+Date:   Fri Dec 4 02:29:25 2020 +0000
 
-    upstream: chacha20-poly1305 AEAD using libcrypto EVP_chacha20
-    
-    Based on patch from Yuriy M. Kaminskiy. ok + lots of assistance along the
-    way at a2k20 tb@
+    upstream: memleak of DH public bignum; found with libfuzzer
     
-    OpenBSD-Commit-ID: 5e08754c13d31258bae6c5e318cc96219d6b10f0
+    OpenBSD-Commit-ID: 0e913b542c3764b100b1571fdb0d0e5cc086fe97
 
-commit eba523f0a130f1cce829e6aecdcefa841f526a1a
+commit 553b90feedd7da5b90901d73005f86705456d686
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Apr 3 04:27:03 2020 +0000
+Date:   Fri Dec 4 02:27:57 2020 +0000
 
-    upstream: make Chacha20-POLY1305 context struct opaque; ok tb@ as
-    
-    part of a larger diff at a2k20
+    upstream: fix minor memleak of kex->hostkey_alg on rekex
     
-    OpenBSD-Commit-ID: a4609b7263284f95c9417ef60ed7cdbb7bf52cfd
+    OpenBSD-Commit-ID: 2c3969c74966d4ccdfeff5e5f0df0791919aef50
 
-commit ebd29e90129cf18fedfcfe1de86e324228669295
+commit ac0364b85e66eb53da2f9618f699ba6bd195ceea
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Apr 3 04:06:26 2020 +0000
+Date:   Fri Dec 4 02:27:08 2020 +0000
 
-    upstream: fix debug statement
+    upstream: typos: s/hex/kex/ in error messages
     
-    OpenBSD-Commit-ID: 42c6edeeda5ce88b51a20d88c93be3729ce6b916
+    OpenBSD-Commit-ID: 43a026c9571dd779ec148de1829cf5a6b6651905
 
-commit 7b4d8999f2e1a0cb7b065e3efa83e6edccfc7d82
+commit ee22db7c5885a1d90219202c0695bc621aa0409b
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Apr 3 04:03:51 2020 +0000
+Date:   Fri Dec 4 02:25:13 2020 +0000
 
-    upstream: the tunnel-forwarding vs ExitOnForwardFailure fix that I
-    
-    committed earlier had an off-by-one. Fix this and add some debugging that
-    would have made it apparent sooner.
+    upstream: make program name be const
     
-    OpenBSD-Commit-ID: 082f8f72b1423bd81bbdad750925b906e5ac6910
+    OpenBSD-Commit-ID: ece25680ec637fdf20502721ccb0276691df5384
 
-commit eece243666d44ceb710d004624c5c7bdc05454bc
+commit 2bcbf679de838bb77a8bd7fa18e100df471a679c
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Apr 3 03:12:11 2020 +0000
+Date:   Mon Nov 30 05:36:39 2020 +0000
 
-    upstream: %C expansion just added to Match Exec should include
+    upstream: Ignore comments at the end of config lines in ssh_config,
     
-    remote user not local user.
+    similar to what we already do for sshd_config.  bz#2320, with & ok djm@
     
-    OpenBSD-Commit-ID: 80f1d976938f2a55ee350c11d8b796836c8397e2
+    OpenBSD-Commit-ID: bdbf9fc5bc72b1a14266f5f61723ed57307a6db4
 
-commit d5318a784d016478fc8da90a38d9062c51c10432
+commit b755264e7d3cdf1de34e18df1af4efaa76a3c015
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Apr 3 02:33:31 2020 +0000
+Date:   Sat Nov 28 12:52:32 2020 +0000
 
-    upstream: Add regression test for percent expansions where possible.
+    upstream: Include cipher.h for declaration of cipher_by_name.
     
-    OpenBSD-Regress-ID: 7283be8b2733ac1cbefea3048a23d02594485288
+    OpenBSD-Commit-ID: ddfebbca03ca0e14e00bbad9d35f94b99655d032
 
-commit 663e84bb53de2a60e56a44d538d25b8152b5c1cc
+commit 022def7bd16c3426a95e25f57cb259d54468341c
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Apr 3 02:40:32 2020 +0000
+Date:   Sat Nov 28 03:27:59 2020 +0000
 
-    upstream: make failures when establishing "Tunnel" forwarding terminate
+    upstream: check result of strchr() against NULL rather than
     
-    the connection when ExitOnForwardFailure is enabled; bz3116; ok dtucker
+    searched-for characters; from zhongjubin@huawei.com
     
-    OpenBSD-Commit-ID: ef4b4808de0a419c17579b1081da768625c1d735
+    OpenBSD-Commit-ID: e6f57de1d4a4d25f8db2d44e8d58d847e247a4fe
 
-commit ed833da176611a39d3376d62154eb88eb440d31c
+commit 57bf03f0217554afb8980f6697a7a0b88658d0a9
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Apr 3 02:27:12 2020 +0000
+Date:   Fri Nov 27 10:12:30 2020 +0000
 
-    upstream: Make with config keywords support which
+    upstream: Document ssh-keygen -Z, sanity check its argument earlier and
     
-    percent_expansions more consistent.  - %C is moved into its own function and
-    added to Match Exec.  - move the common (global) options into a macro.  This
-    is ugly but it's    the least-ugly way I could come up with.  - move
-    IdentityAgent and ForwardAgent percent expansion to before the    config dump
-    to make it regression-testable.  - document all of the above
+    provide a better error message if it's not correct.  Prompted by bz#2879, ok
+    djm@ jmc@
     
-    ok jmc@ for man page bits, "makes things less terrible" djm@ for the rest.
+    OpenBSD-Commit-ID: 484178a173e92230fb1803fb4f206d61f7b58005
+
+commit 33313ebc1c7135085676db62189e3520341d6b73
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Nov 27 00:49:58 2020 +0000
+
+    upstream: Set the specified TOS/DSCP for interactive use prior to
     
-    OpenBSD-Commit-ID: 4b65664bd6d8ae2a9afaf1a2438ddd1b614b1d75
+    TCP connect. The connection phase of the SSH session is time-sensitive (due
+    to server side login grace periods) and is frequently interactive (e.g.
+    entering passwords). The ultimate interactive/bulk TOS/DSCP will be set after
+    authentication completes.
+    
+    ok dtucker@
+    
+    OpenBSD-Commit-ID: f31ab10d9233363a6d2c9996007083ba43a093f1
 
-commit 6ec7457171468da2bbd908b8cd63d298b0e049ea
+commit b2bcec13f17ce9174238a704e91d52203e916432
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Apr 3 02:26:56 2020 +0000
+Date:   Fri Nov 27 00:37:10 2020 +0000
 
-    upstream: give ssh-keygen the ability to dump the contents of a
+    upstream: clean up passing of struct passwd from monitor to preauth
     
-    binary key revocation list: ssh-keygen -lQf /path bz#3132; ok dtucker
+    privsep process. No longer copy entire struct w/ pointer addresses, but pass
+    remaining scalar fields explicitly,
     
-    OpenBSD-Commit-ID: b76afc4e3b74ab735dbde4e5f0cfa1f02356033b
+    Prompted by Yuichiro NAITO, feedback Thorsten Glaser; ok dtucker@
+    
+    OpenBSD-Commit-ID: 9925df75a56732c43f3663e70dd15ff413ab3e53
 
-commit af628b8a6c3ef403644d83d205c80ff188c97f0c
+commit 19af04e2231155d513e24fdc81fbec2217ae36a6
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Apr 3 02:25:21 2020 +0000
+Date:   Sun Nov 22 22:38:26 2020 +0000
 
-    upstream: add allocating variant of the safe utf8 printer; ok
+    upstream: when loading PKCS#11 keys, include the key fingerprints
     
-    dtucker as part of a larger diff
+    and provider/slot information in debug output.
     
-    OpenBSD-Commit-ID: 037e2965bd50eacc2ffb49889ecae41552744fa0
+    OpenBSD-Commit-ID: 969a089575d0166a9a364a9901bb6a8d9b8a1431
 
-commit d8ac9af645f5519ac5211e9e1e4dc1ed00e9cced
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Mar 16 02:17:02 2020 +0000
+commit 9b9465ea856e15b9e9890b4ecb4110d7106e7766
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Nov 22 22:37:11 2020 +0000
 
-    upstream: Cast lifetime to u_long for comparison to prevent unsigned
+    upstream: when mentioning that the host key has changed, don't
     
-    comparison warning on 32bit arches.  Spotted by deraadt, ok djm.
+    report the type because it is ambiguous as to whether it referred to the
+    known or new host key. bz3216; ok dtucker@
     
-    OpenBSD-Commit-ID: 7a75b2540bff5ab4fa00b4d595db1df13bb0515a
+    OpenBSD-Commit-ID: 2d5ce4a83dbcf44e340a572e361decad8aab7bad
 
-commit 0eaca933ae08b0a515edfccd5cc4a6b667034813
+commit 637017a7dd3281d3f2df804993cc27c30dbfda47
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat Mar 14 20:58:46 2020 +1100
+Date:   Wed Nov 25 17:38:46 2020 +1100
 
-    Include fido.h when checking for fido/credman.h.
+    Use "=" not "==" in string test.
     
-    It's required for fido_dev_t, otherwise configure fails with
-    when given --with-security-key-builtin.
+    POSIX says "=" is string comparison and some shells (eg HP-UX) will
+    complain about "==".
 
-commit c7c099060f82ffe6a36d8785ecf6052e12fd92f0
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Mar 13 03:18:45 2020 +0000
+commit 9880f3480f9768897f3b8e714d5317fb993bc5b3
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Nov 20 17:16:51 2020 +1100
 
-    upstream: some more speeling mistakes from
+    Restore correct flags during localtime_r check.
     
-    OpenBSD-Regress-ID: 02471c079805471c546b7a69d9ab1d34e9a57443
+    We were restoring the wrong thing CPPFLAGS (we used CFLAGS) for any
+    platform that doesn't have localtime_r.
 
-commit 1d89232a4aa97fe935cd60b8d24d75c2f70d56c5
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Mar 13 04:16:27 2020 +0000
+commit 41935882f4e82de60dbd6e033eabe79e1b963518
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Nov 20 03:16:56 2020 +0000
 
-    upstream: improve error messages for some common PKCS#11 C_Login
+    upstream: When doing an sftp recursive upload or download of a
     
-    failure cases; based on patch from Jacob Hoffman-Andrews in bz3130; ok
-    dtucker
+    read-only directory, ensure that the directory is created with write and
+    execute permissions in the interim so that we can actually complete the
+    transfer, then set the directory permission as the final step.  (The execute
+    bit is only likely to be an issue with a non-POSIX server).  bz#3222, ok djm@
     
-    OpenBSD-Commit-ID: b8b849621b4a98e468942efd0a1c519c12ce089e
+    OpenBSD-Commit-ID: a82606212f2796e31f0e1af94a63355a7ad5d903
 
-commit 5becbec023f2037394987f85ed7f74b9a28699e0
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Mar 13 04:01:56 2020 +0000
+commit 0f90440ca70abab947acbd77795e9f130967956c
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Nov 20 13:37:54 2020 +1100
 
-    upstream: use sshpkt_fatal() for kex_exchange_identification()
-    
-    errors. This ensures that the logged errors are consistent with other
-    transport- layer errors and that the relevant IP addresses are logged. bz3129
-    ok dtucker@
+    Add new pselect6_time64 syscall on ARM.
     
-    OpenBSD-Commit-ID: 2c22891f0b9e1a6cd46771cedbb26ac96ec2e6ab
+    This is apparently needed on armhfp/armv7hl.  bz#3232, patch from
+    jjelen at redhat.com.
 
-commit eef88418f9e5e51910af3c5b23b5606ebc17af55
+commit 3a7c46c72b6a1f643b1fc3589cd20d8320c3d9e1
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Mar 13 03:24:49 2020 +0000
+Date:   Fri Nov 20 02:14:16 2020 +0000
 
-    upstream: Don't clear alarm timers in listening sshd. Previously
+    upstream: Explicitly initialize all members of the
     
-    these timers were used for regenerating the SSH1 ephemeral host keys but
-    those are now gone so there's no need to clear the timers either.  ok
-    deraadt@
+    find_by_key_ctx struct.  Initializing a single member should be enough
+    (the spec says the remainder should be initialized as per the static
+    rules) but some GCCs warn on this which prevents us testing with -Werror
+    on those.  ok deraadt@ djm@
     
-    OpenBSD-Commit-ID: 280d2b885e4a1ce404632e8cc38fcb17be7dafc0
+    OpenBSD-Commit-ID: 687126e60a27d30f02614760ef3c3ae4e8d6af28
 
-commit d081f017c20a3564255873ed99fd7d024cac540f
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Mar 13 03:17:07 2020 +0000
+commit 076cb616b87d1ea1d292973fcd0ba38c08ea6832
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Thu Nov 19 23:05:05 2020 +0000
 
-    upstream: spelling errors in comments; no code change from
+    upstream: draft-ietf-secsh-architecture is now RFC4251.
     
-    OpenBSD-Commit-ID: 166ea64f6d84f7bac5636dbd38968592cb5eb924
+    OpenBSD-Commit-ID: cb0bb58c2711fb5ed519507659be1dcf179ed403
 
-commit c084a2d040f160bc2b83f13297e3e3ca3f5dbac6
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Mar 13 03:12:17 2020 +0000
+commit 85cceda21f1471548e04111aefe2c4943131c1c8
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Tue Nov 17 11:23:58 2020 +0000
 
-    upstream: when downloading FIDO2 resident keys from a token, don't
+    upstream: Specify that the KDF function is bcrypt. Based on github
     
-    prompt for a PIN until the token has told us that it needs one. Avoids
-    double-prompting on devices that implement on-device authentication (e.g. a
-    touchscreen PIN pad on the Trezor Model T). ok dtucker@
+    PR#214 from rafork, ok markus@, mdoc correction jmc@
     
-    OpenBSD-Commit-ID: 38b78903dd4422d7d3204095a31692fb69130817
-
-commit 955c4cf4c6a1417c28d4e1040702c4d9bf63645b
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Mar 13 14:30:16 2020 +1100
-
-    sync fnmatch.c with upstream to fix another typo
-
-commit 397f217e8640e75bb719a8e87111b4bd848fb3df
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Mar 13 14:24:23 2020 +1100
-
-    another spelling error in comment
+    OpenBSD-Commit-ID: d8f2853e7edbcd483f31b50da77ab80ffa18b4ef
 
-commit def31bc5427579ec3f7f2ce99f2da1338fdc0c9f
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Mar 13 14:23:07 2020 +1100
+commit 5b9720f9adbd70ba5a994f407fe07a7d016d8d65
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Nov 15 22:34:58 2020 +0000
 
-    spelling mistakes
+    upstream: revert r1.341; it breaks ProxyJump; reported by sthen@
     
-    from https://fossies.org/linux/misc/openssh-8.2p1.tar.gz/codespell.html
+    OpenBSD-Commit-ID: 6ac2f945b26cb86d936eed338f77861d6da8356a
 
-commit 8bdc3bb7cf4c82c3344cfcb82495a43406e87e83
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Fri Mar 6 18:29:54 2020 +0000
+commit 04088725ec9c44880c01799b588cd4ba47b3e8bc
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Nov 13 07:30:44 2020 +0000
 
-    upstream: fix relative includes in sshd_config; ok djm
+    upstream: scrub keyboard-interactive authentication prompts coming
     
-    OpenBSD-Commit-ID: fa29b0da3c93cbc3a1d4c6bcd58af43c00ffeb5b
-
-commit e32ef97a56ae03febfe307688858badae3a70e5a
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Fri Mar 6 18:29:14 2020 +0000
-
-    upstream: fix use-after-free in do_download_sk; ok djm
+    from the server through asmprintf() prior to display; suggested by and ok
+    dtucker@
     
-    OpenBSD-Commit-ID: 96b49623d297797d4fc069f1f09e13c8811f8863
+    OpenBSD-Commit-ID: 31fe93367645c37fbfe4691596bf6cf1e3972a58
 
-commit 5732d58020309364bf31fa125354e399361006db
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Fri Mar 6 18:28:50 2020 +0000
+commit 5442b491d0ee4bb82f6341ad0ee620ef3947f8c5
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Nov 13 04:53:12 2020 +0000
 
-    upstream: do not leak oprincipals; ok djm
+    upstream: prefix keyboard interactive prompts with (user@host) to
     
-    OpenBSD-Commit-ID: 4691d9387eab36f8fda48f5d8009756ed13a7c4c
+    make it easier to determine which connection they are associated with in
+    cases like scp -3, ProxyJump, etc. bz#3224 ok dtucker
+    
+    OpenBSD-Commit-ID: 67e6189b04b46c867662f8a6759cf3ecb5f59170
 
-commit 8fae395f34c2c52cdaf9919aa261d1848b4bb00b
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Fri Mar 6 18:28:27 2020 +0000
+commit 2992e4e7014ac1047062acfdbbf6feb156fef616
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Nov 13 17:56:11 2020 +1100
 
-    upstream: initialize seconds for debug message; ok djm
+    Remove use of TIME_WITH_SYS_TIME.
     
-    OpenBSD-Commit-ID: 293fbefe6d00b4812a180ba02e26170e4c855b81
+    It was only set by the recently removed AC_HEADER_TIME macro, replace
+    with simple inclusions of both sys/time.h and time.h.  Should prevent
+    mis-detection of struct timespec.
 
-commit 46e5c4c8ffcd1569bcd5d04803abaa2ecf3e4cff
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Fri Mar 6 18:27:50 2020 +0000
+commit e3f27006f15abacb7e89fda3f5e9a0bd420b7e38
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Nov 13 14:20:43 2020 +1100
 
-    upstream: correct return code; ok djm
+    Revert "detect Linux/X32 systems"
     
-    OpenBSD-Commit-ID: 319d09e3b7f4b2bc920c67244d9ff6426b744810
+    This reverts commit 5b56bd0affea7b02b540bdbc4d1d271b0e4fc885.
+    
+    The approach used was incorrect; discussion in bz#3085
 
-commit 31c39e7840893f1bfdcbe4f813b20d1d7e69ec3e
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Fri Mar 6 18:27:15 2020 +0000
+commit e51dc7fab61df36e43f3bc64b673f88d388cab91
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Nov 13 13:22:15 2020 +1100
 
-    upstream: principalsp is optional, pubkey required; ok djm
+    SELinux has deprecated security_context_t
     
-    OpenBSD-Commit-ID: 2cc3ea5018c28ed97edaccd7f17d2cc796f01024
+    (it was only ever a char* anyway)
 
-commit e26a31757c5df2f58687cb9a4853d1418f39728e
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Fri Mar 6 18:26:21 2020 +0000
+commit b79add37d118276d67f3899987b9f0629c9449c3
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Nov 13 13:43:30 2020 +1100
 
-    upstream: remove unused variables in ssh-pkcs11-helper; ok djm
+    Remove obsolete AC_HEADER_TIME macro.
     
-    OpenBSD-Commit-ID: 13e572846d0d1b28f1251ddd2165e9cf18135ae1
+    AC_HEADER_TIME is marked as obsolete in autoconf-2.70 and as far as I
+    can tell everything we have that might be old enough to need it doesn't.
 
-commit 1b378c0d982d6ab522eda634b0e88cf1fca5e352
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Fri Mar 6 18:25:48 2020 +0000
+commit d5d05cdb3d4efd4a618aa52caab5bec73097c163
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Nov 12 22:56:00 2020 +0000
 
-    upstream: return correct error in sshsk_ed25519_sig; ok djm
+    upstream: when prompting the user to accept a new hostkey, display
     
-    OpenBSD-Commit-ID: 52bf733df220303c260fee4f165ec64b4a977625
+    any other host names/addresses already associated with the key. E.g.
+    
+    > The authenticity of host 'test (10.0.0.1)' can't be established.
+    > ECDSA key fingerprint is SHA256:milU4MODXm8iJQI18wlsbPG7Yup+34fuNNmV08qDnax.
+    > This host key is known by the following other names/addresses:
+    >     ~/.ssh/known_hosts:1: host.example.org,10.0.0.1
+    >     ~/.ssh/known_hosts:2: [hashed name]
+    >     ~/.ssh/known_hosts:3: [hashed name]
+    >     ~/.ssh/known_hosts:4: host
+    >     ~/.ssh/known_hosts:5: [host]:2222
+    > Are you sure you want to continue connecting (yes/no/[fingerprint])?
+    
+    feedback and ok markus@
+    
+    OpenBSD-Commit-ID: f6f58a77b49f1368b5883b3a1f776447cfcc7ef4
 
-commit fbff605e637b068061ab6784ff03e3874890c092
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Fri Mar 6 18:25:12 2020 +0000
+commit 819b44e8b9af6ce18d3ec7505b9f461bf7991a1f
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Thu Nov 12 22:38:57 2020 +0000
 
-    upstream: fix possible null-deref in check_key_not_revoked; ok
+    upstream: Prevent integer overflow when ridiculously large
     
-    djm
+    ConnectTimeout is specified, capping the effective value (for most platforms)
+    at 24 days. bz#3229, ok djm@
     
-    OpenBSD-Commit-ID: 80855e9d7af42bb6fcc16c074ba69876bfe5e3bf
+    OpenBSD-Commit-ID: 62d4c4b7b87d111045f8e9f28b5b532d17ac5bc0
 
-commit bc30b446841fc16e50ed6e75c56ccfbd37b9f281
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Fri Mar 6 18:24:39 2020 +0000
+commit add926dd1bbe3c4db06e27cab8ab0f9a3d00a0c2
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Nov 11 05:22:32 2020 +0000
 
-    upstream: ssh_fetch_identitylist() returns the return value from
+    upstream: fix logic error that broke URI parsing in ProxyJump
     
-    ssh_request_reply() so we should also check against != 0 ok djm
+    directives; ok dtucker@
     
-    OpenBSD-Commit-ID: 28d0028769d03e665688c61bb5fd943e18614952
+    OpenBSD-Commit-ID: 96d48839b1704882a0e9a77898f5e14b2d222705
 
-commit 7b4f70ddeb59f35283d77d8d9c834ca58f8cf436
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Fri Mar 6 18:23:17 2020 +0000
+commit 4340dd43928dfe746cb7e75fe920b63c0d909a9a
+Author: claudio@openbsd.org <claudio@openbsd.org>
+Date:   Tue Nov 10 07:46:20 2020 +0000
 
-    upstream: sshkey_cert_check_authority requires reason to be set;
+    upstream: Free the previously allocated msg buffer after writing it
     
-    ok djm
+    out. OK djm@
     
-    OpenBSD-Commit-ID: 6f7a6f19540ed5749763c2f9530c0897c94aa552
+    OpenBSD-Commit-ID: 18c055870fc75e4cb9f926c86c7543e2e21d7fa4
 
-commit 05efe270df1e925db0af56a806d18b5063db4b6d
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Fri Mar 6 18:21:28 2020 +0000
+commit fcf429a4c69d30d8725612a55b37181594da8ddf
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Nov 11 12:30:46 2020 +1100
 
-    upstream: passphrase depends on kdfname, not ciphername (possible
+    Prevent excessively long username going to PAM.
     
-    null-deref); ok djm
+    This is a mitigation for a buffer overflow in Solaris' PAM username
+    handling (CVE-2020-14871), and is only enabled for Sun-derived PAM
+    implementations.  This is not a problem in sshd itself, it only
+    prevents sshd from being used as a vector to attack Solaris' PAM.
+    It does not prevent the bug in PAM from being exploited via some other
+    PAM application.
     
-    OpenBSD-Commit-ID: 0d39668edf5e790b5837df4926ee1141cec5471c
+    Based on github PR#212 from Mike Scott but implemented slightly
+    differently.  ok tim@ djm@
 
-commit 1ddf5682f3992bdacd29164891abb71a19c2cf61
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Fri Mar 6 18:20:44 2020 +0000
+commit 10dce8ff68ef615362cfcab0c0cc33ce524e7682
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Nov 8 23:19:03 2020 +0000
 
-    upstream: consistently check packet_timeout_ms against 0; ok djm
+    upstream: unbreak; missing NULL check
     
-    OpenBSD-Commit-ID: e8fb8cb2c96c980f075069302534eaf830929928
+    OpenBSD-Commit-ID: 6613dfab488123f454d348ef496824476b8c11c0
 
-commit 31f1ee54968ad84eb32375e4412e0318766b586b
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Fri Mar 6 18:20:02 2020 +0000
+commit d5a0cd4fc430c8eda213a4010a612d4778867cd9
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Nov 8 22:37:24 2020 +0000
 
-    upstream: initialize cname in case ai_canonname is NULL or too
+    upstream: when requesting a security key touch on stderr, inform the
     
-    long; ok djm
+    user once the touch has been recorded; requested by claudio@ ok markus@
     
-    OpenBSD-Commit-ID: c27984636fdb1035d1642283664193e91aab6e37
+    OpenBSD-Commit-ID: 3b76ee444490e546b9ea7f879e4092ee0d256233
 
-commit a6134b02b5264b2611c8beae98bb392329452bba
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Fri Mar 6 18:19:21 2020 +0000
+commit 292bcb2479deb27204e3ff796539c003975a5f7a
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Mon Nov 9 00:33:35 2020 +1100
 
-    upstream: fix uninitialized pointers for forward_cancel; ok djm
+    Remove preprocessor directive from log macro calls.
     
-    OpenBSD-Commit-ID: 612778e6d87ee865d0ba97d0a335f141cee1aa37
+    Preprocessor directives inside macro calls, such as the new log macros,
+    are undefined behaviour and do not work with, eg old GCCs.  Put the
+    entire log call inside the ifdef for OPENSSL_HAS_NISTP521.
 
-commit 16d4f9961c75680aab374dee762a5baa0ad507af
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Fri Mar 6 18:16:21 2020 +0000
+commit 71693251b7cbb7dd89aaac18815147124732d0d3
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sun Nov 8 12:10:20 2020 +0000
 
-    upstream: exit on parse failures in input_service_request; ok djm
+    upstream: Add a comment documenting the source of the moduli group
     
-    OpenBSD-Commit-ID: 6a7e1bfded26051d5aa893c030229b1ee6a0d5d2
-
-commit 5f25afe5216ba7f8921e04f79aa4ca0624eca820
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Fri Mar 6 18:15:38 2020 +0000
-
-    upstream: fix null-deref on calloc failure; ok djm
+    sizes.
     
-    OpenBSD-Commit-ID: a313519579b392076b7831ec022dfdefbec8724a
+    OpenBSD-Commit-ID: aec0725ce607630caaa62682624c6763b350391c
 
-commit ff2acca039aef16a15fce409163df404858f7aa5
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Fri Mar 6 18:15:04 2020 +0000
+commit 4d94b031ff88b015f0db57e140f481bff7ae1a91
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sun Nov 8 11:46:12 2020 +0000
 
-    upstream: exit if ssh_krl_revoke_key_sha256 fails; ok djm
+    upstream: Replace WITH_OPENSSL ifdefs in log calls with a macro.
     
-    OpenBSD-Commit-ID: 0864ad4fe8bf28ab21fd1df766e0365c11bbc0dc
+    The log calls are themselves now macros, and preprocessor directives inside
+    macro arguments are undefined behaviour which some compilers (eg old GCCs)
+    choke on.  It also makes the code tidier.  ok deraadt@
+    
+    OpenBSD-Commit-ID: cc12a9029833d222043aecd252d654965c351a69
 
-commit 31c860a0212af2d5b6a129e3e8fcead51392ee1d
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Fri Mar 6 18:14:13 2020 +0000
+commit 6d2564b94e51184eb0b73b97d13a36ad50b4f810
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Nov 6 17:11:16 2020 +1100
 
-    upstream: pkcs11_register_provider: return < 0 on error; ok djm
+    Fix function body for variadic macro test.
     
-    OpenBSD-Commit-ID: cfc8321315b787e4d40da4bdb2cbabd4154b0d97
+    AC_LANG_PROGRAM puts its second argument inside main() so we don't need
+    to do it ourselves.
 
-commit 15be29e1e3318737b0768ca37d5b4a3fbe868ef0
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Fri Mar 6 18:13:29 2020 +0000
+commit 586f9bd2f5980e12f8cf0d3c2a761fa63175da52
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Nov 6 16:53:24 2020 +1100
 
-    upstream: sshsig: return correct error, fix null-deref; ok djm
+    Remove AC_PROC_CC_C99 obsoleted in autoconf 2.70.
     
-    OpenBSD-Commit-ID: 1d1af7cd538b8b23e621cf7ab84f11e7a923edcd
+    Since we only use it to make sure we can handle variadic macros,
+    explicitly check only for that.  with & ok djm@
 
-commit 6fb6f186cb62a6370fba476b6a03478a1e95c30d
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Fri Mar 6 18:12:55 2020 +0000
+commit a019e353df04de1b2ca78d91b39c393256044ad7
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Nov 6 13:56:41 2020 +1100
 
-    upstream: vasnmprintf allocates str and returns -1; ok djm
+    Replace AC_TRY_COMPILE obsoleted in autoconf 2.70.
     
-    OpenBSD-Commit-ID: dae4c9e83d88471bf3b3f89e3da7a107b44df11c
+    Replace with the equivalent AC_COMPILE_IFELSE.
 
-commit 714e1cbca17daa13f4f98978cf9e0695d4b2e0a4
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Fri Mar 6 18:11:10 2020 +0000
+commit 771b7795c0ef6a2fb43b4c6c66b615c2085cb9cd
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Nov 6 13:55:33 2020 +1100
 
-    upstream: sshpkt_fatal() does not return; ok djm
+    Move AC_PROG_CC_C99 to immediately afer AC_PROG_CC.
     
-    OpenBSD-Commit-ID: 7dfe847e28bd78208eb227b37f29f4a2a0929929
+    This puts the related C version selection output in the same place.
 
-commit 9b47bd7b09d191991ad9e0506bb66b74bbc93d34
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Feb 28 01:07:28 2020 +0000
+commit e5591161f21ab493c6284a85ac3c0710ad94998f
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Nov 6 13:54:17 2020 +1100
 
-    upstream: no-touch-required certificate option should be an
-    
-    extension, not a critical option.
+    AC_CHECK_HEADER() is obsoleted in autoconf 2.70.
     
-    OpenBSD-Commit-ID: 626b22c5feb7be8a645e4b9a9bef89893b88600d
+    Replace with the non-obsoleted AC_CHECK_HEADERS().
 
-commit dd992520bed35387fc010239abe1bdc0c2665e38
+commit 05bcd0cadf160fd4826a2284afa7cba6ec432633
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Feb 28 01:06:05 2020 +0000
+Date:   Tue Nov 3 22:53:12 2020 +0000
 
-    upstream: better error message when trying to use a FIDO key
+    upstream: fold consecutive '*' wildcards to mitigate combinatorial
     
-    function and SecurityKeyProvider is empty
+    explosion of recursive searches; ok dtucker
     
-    OpenBSD-Commit-ID: e56602c2ee8c82f835d30e4dc8ee2e4a7896be24
+    OpenBSD-Commit-ID: d18bcb39c40fb8a1ab61153db987e7d11dd3792b
 
-commit b81e66dbe0345aef4717911abcb4f589fff33a0a
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Thu Feb 27 02:32:37 2020 +0000
+commit 7d680448db5858dc76307663f78d0b8d3c2b4a3d
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Oct 30 01:50:07 2020 +0000
 
-    upstream: Drop leading space from line count that was confusing
+    upstream: print reason in fatal error message when
     
-    ssh-keygen's screen mode.
+    kex_assemble_namelist() fails
     
-    OpenBSD-Commit-ID: 3bcae7a754db3fc5ad3cab63dd46774edb35b8ae
+    OpenBSD-Commit-ID: a9975ee8db6c98d6f32233d88051b2077ca63dab
 
-commit d5ba1c03278eb079438bb038266d80d7477d49cb
-Author: jsg@openbsd.org <jsg@openbsd.org>
-Date:   Wed Feb 26 13:40:09 2020 +0000
+commit 95d1109fec7e89ad21f2a97e92bde1305d32a353
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Oct 29 03:13:06 2020 +0000
 
-    upstream: change explicit_bzero();free() to freezero()
-    
-    While freezero() returns early if the pointer is NULL the tests for
-    NULL in callers are left to avoid warnings about passing an
-    uninitialised size argument across a function boundry.
+    upstream: fix sshd_config SetEnv directive inside Match blocks; part of
     
-    ok deraadt@ djm@
+    github PR#201 from github user manuelm
     
-    OpenBSD-Commit-ID: 2660fa334fcc7cd05ec74dd99cb036f9ade6384a
+    OpenBSD-Commit-ID: 9772e3748abff3ad65ae8fc43d026ed569b1d2bc
 
-commit 9e3220b585c5be19a7431ea4ff8884c137b3a81c
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Wed Feb 26 11:46:51 2020 +0000
+commit b12b835dc022ba161afe68348e05a83dfbcb1515
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Oct 29 03:01:18 2020 +0000
 
-    upstream: Have sftp reject "-1" in the same way as ssh(1) and
+    upstream: fix type of nid in type_bits_valid(); github PR#202 from
     
-    scp(1) do instead of accepting and silently ignoring it since protocol 1
-    support has been removed.  Spotted by shivakumar2696 at gmail.com, ok
-    deraadt@
+    github user thingsconnected
     
-    OpenBSD-Commit-ID: b79f95559a1c993214f4ec9ae3c34caa87e9d5de
+    OpenBSD-Commit-ID: 769d2b040dec7ab32d323daf54b854dd5dcb5485
 
-commit ade8e67bb0f07b12e5e47e7baeafbdc898de639f
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Wed Feb 26 01:31:47 2020 +0000
+commit 1a14c13147618144d1798c36a588397ba9008fcc
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Oct 29 02:52:43 2020 +0000
 
-    upstream: Remove obsolete XXX comment. ok deraadt@
+    upstream: whitespace; no code change
     
-    OpenBSD-Commit-ID: bc462cc843947feea26a2e21c750b3a7469ff01b
+    OpenBSD-Commit-ID: efefc1c47e880887bdee8cd2127ca93177eaad79
 
-commit 7eb903f51eba051d7f65790bab92a28970ac1ccc
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Feb 24 04:27:58 2020 +0000
+commit 815209abfdd2991fb92ad7d2e33374916cdcbcf4
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Oct 29 02:47:23 2020 +0000
 
-    upstream: Fix typo. Patch from itoama at live.jp via github PR#173.
+    upstream: UpdateHostkeys: fixed/better detection of host keys that
     
-    OpenBSD-Commit-ID: 5cdaafab38bbdea0d07e24777d00bfe6f972568a
+    exist under other names and addresses; spotted by and debugged with lots of
+    help from jca@
+    
+    OpenBSD-Commit-ID: 5113d7f550bbd48243db1705afbf16b63792d4b7
 
-commit b2491c289dd1b557a18a2aca04eeff5c157fc5ef
-Author: Nico Kadel-Garcia <nkadel@gmail.com>
-Date:   Sat Oct 12 17:51:01 2019 -0400
+commit a575cf44e59a65506c67bddb62a712208a7a279c
+Author: Duncan Eastoe <duncan.eastoe@att.com>
+Date:   Wed Oct 21 10:11:10 2020 +0100
 
-    Switch %define to %global for redhat/openssh.spec
+    session.c: use "denylist" terminology
+    
+    Follow upstream (6d755706a0059eb9e2d63517f288b75cbc3b4701) language
+    improvements in this portable-specific code.
 
-commit b18dcf6cca7c7aba1cc22e668e04492090ef0255
-Author: mkontani <itoama@live.jp>
-Date:   Fri Feb 21 00:54:49 2020 +0900
+commit 33267feaffd5d98aa56d2f0b3a99ec352effe938
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Oct 27 16:46:31 2020 +1100
 
-    fix some typos and sentence
+    Remove checks for strict POSIX mkdtemp()
+    
+    We needed a mkdtemp() that accepted template paths that did not
+    end in XXXXXX a long time ago for KRB4, but that code is long
+    deprecated. We no longer need to replace mkdtemp() for strictly
+    following POSIX. ok dtucker@
 
-commit 0001576a096f788d40c2c0a39121cff51bf961ad
+commit 492d70e18bad5a8c97d05f5eddac817171e88d2c
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Feb 21 00:04:43 2020 +0000
+Date:   Mon Oct 26 00:39:04 2020 +0000
 
-    upstream: Fix some typos and an incorrect word in docs. Patch from
+    upstream: Minor man page fixes (capitalization, commas) identified by
     
-    itoama at live.jp via github PR#172.
+    the manpage-l10n project via bz#3223.  feedback deraadt@, ok jmc@
     
-    OpenBSD-Commit-ID: 166ee8f93a7201fef431b9001725ab8b269d5874
+    OpenBSD-Commit-ID: ab83af0daf18369244a72daaec6c4a58a9eb7e2c
 
-commit 99ff8fefe4b2763a53778d06b5f74443c8701615
+commit eab2888cfc6cc4e2ef24bd017da9835a0f365f3f
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Thu Feb 20 05:58:08 2020 +0000
+Date:   Mon Oct 19 22:49:23 2020 +0000
 
-    upstream: Update moduli generation script to new ssh-keygen
+    upstream: Adapt XMSS to new logging infrastructure. With markus@, ok
     
-    generation and screening command line flags.
+    djm@.
     
-    OpenBSD-Commit-ID: 5010ff08f7ad92082e87dde098b20f5c24921a8f
+    OpenBSD-Commit-ID: 9c35ec3aa0f710e4e3325187ceff4fa3791686de
 
-commit 700d16f5e534d6de5a3b7105a74a7a6f4487b681
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Thu Feb 20 05:41:51 2020 +0000
+commit f7bd11e4941620991f3e727cd0131b01f0311a58
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Oct 19 08:07:08 2020 +0000
 
-    upstream: Import regenerated moduli.
+    upstream: fix SEGV on fatal() errors spotted by dtucker@
     
-    OpenBSD-Commit-ID: 7b7b619c1452a459310b0cf4391c5757c6bdbc0f
+    OpenBSD-Commit-ID: 75f155a1ac61e364ed00dc379e2c42df81067ce2
 
-commit 4753b74ba0f09e4aacdaab5e184cd540352004d5
+commit 7715a3b171049afa1feffb1d5a1245dfac36ce99
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Feb 20 16:42:50 2020 +1100
-
-    Import regenerated moduli.
-
-commit 11d427162778c18fa42917893a75d178679a2389
-Author: HARUYAMA Seigo <haruyama@unixuser.org>
-Date:   Fri Feb 14 16:14:23 2020 +0900
+Date:   Mon Oct 19 10:54:41 2020 +1100
 
-    Fix typos in INSTALL: s/avilable/available/ s/suppports/supports/
+    Use fatal_fr not fatal_r when passing r.
+    
+    Caught by the PAM -Werror tinderbox build.
 
-commit 264a966216137c9f4f8220fd9142242d784ba059
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Tue Feb 18 08:58:33 2020 +0000
+commit 816036f142ecd284c12bb3685ae316a68d2ef190
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Oct 18 11:32:01 2020 +0000
 
-    upstream: Ensure that the key lifetime provided fits within the
+    upstream: use the new variant log macros instead of prepending
     
-    values allowed by the wire format (u32). Prevents integer wraparound of the
-    timeout values. bz#3119, ok markus@ djm@
+    __func__ and appending ssh_err(r) manually; ok markus@
     
-    OpenBSD-Commit-ID: 8afe6038b5cdfcf63360788f012a7ad81acc46a2
+    OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
 
-commit de1f3564cd85915b3002859873a37cb8d31ac9ce
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Tue Feb 18 08:49:49 2020 +0000
+commit 9e2c4f64224f68fb84c49b5182e449f94b0dc985
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Oct 18 11:21:59 2020 +0000
 
-    upstream: Detect and prevent simple configuration loops when using
+    upstream: variants of the log methods that append a ssherr.h string
     
-    ProxyJump. bz#3057, ok djm@
+    from a supplied error code; ok markus@
     
-    OpenBSD-Commit-ID: 077d21c564c886c98309d871ed6f8ef267b9f037
+    OpenBSD-Commit-ID: aed98c4435d48d036ae6740300f6a8357b7cc0bf
 
-commit 30144865bfa06b12239cfabc37c45e5ddc369d97
-Author: naddy@openbsd.org <naddy@openbsd.org>
-Date:   Sun Feb 16 21:15:43 2020 +0000
+commit 28cb0a4b03940d1ee576eb767a81a4113bdc917e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Oct 18 11:14:27 2020 +0000
 
-    upstream: document -F none; with jmc@
+    upstream: remove a level of macro indirection; ok markus@
     
-    OpenBSD-Commit-ID: 0eb93b75473d2267aae9200e02588e57778c84f2
-
-commit 011052de73f3dbc53f50927ccf677266a9ade4f6
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Feb 17 22:55:51 2020 +1100
-
-    Remove unused variable warning.
+    OpenBSD-Commit-ID: 0c529d06e902c5d1a6b231e1bec6157f76dc67c9
 
-commit 31c9348c5e4e94e9913ec64b3ca6e15f68ba19e5
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Feb 17 22:53:24 2020 +1100
+commit 9cac1db52e6c4961c447910fe02cd68a3b2f9460
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Oct 18 11:13:45 2020 +0000
 
-    Constify aix_krb5_get_principal_name.
+    upstream: add some variant log.h calls that prepend the calling
+    
+    function name; ok markus@
     
-    Prevents warning about discarding type qualifiers on AIX.
+    OpenBSD-Commit-ID: 4be1b2e2455b271ddb7457bc195c5367644f4e48
 
-commit 290c994336a2cfe03c5496bebb6580863f94b232
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Feb 17 22:51:36 2020 +1100
+commit d55dfed34ef6ef1f028d552a90d5f3dba8dd6f7b
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sat Oct 17 22:55:24 2020 +1100
 
-    Check if TILDE is already defined and undef.
-    
-    Prevents redefinition warning on AIX.
+    missing header
 
-commit 41a2e64ae480eda73ee0e809bbe743d203890938
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Feb 17 22:51:00 2020 +1100
+commit 999d7cb79a3a73d92a6dfbf174c33da0d984c7a2
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sat Oct 17 22:47:52 2020 +1100
 
-    Prevent unused variable warning.
+    sync regress/misc/sk-dummy/fatal.c
 
-commit d4860ec4efd25ba194337082736797fce0bda016
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Feb 17 22:48:50 2020 +1100
+commit 3554b4afa38b3483a3302f1be18eaa6f843bb260
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Oct 17 01:28:20 2020 +0000
 
-    Check if getpeereid is actually declared.
+    upstream: make the log functions that exit (sshlogdie(),
+    
+    sshfatal(), etc) have identical signatures. Makes things a bit more
+    consistent...
     
-    Check in sys/socket.h (AIX) and unistd.h (FreeBSD, DragonFLy and OS X).
-    Prevents undeclared function warning on at least some versions of AIX.
+    OpenBSD-Commit-ID: bd0ae124733389d7c0042e135c71ee9091362eb9
 
-commit 8aa3455b16fddea4c0144a7c4a1edb10ec67dcc8
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Feb 14 00:39:20 2020 +0000
+commit 616029a85ad7529b24bb8c4631d9607c0d6e7afe
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Fri Oct 16 14:34:33 2020 +0000
 
-    upstream: openssh-8.2
+    upstream: add space between macro arg and punctuation;
     
-    OpenBSD-Commit-ID: 0a1340ff65fad0d84b997ac58dd1b393dec7c19b
+    OpenBSD-Commit-ID: bb81e2ed5a77832fe62ab30a915ae67cda57633e
 
-commit 72f0ce33f0d5a37f31bad5800d1eb2fbdb732de6
+commit f812a36cee5727147bc897d34ab9af068dd4561e
 Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Feb 12 09:28:35 2020 +1100
+Date:   Sat Oct 17 12:03:34 2020 +1100
 
-    crank version numbers
+    check for and require a C99 capable compiler
+    
+    recent logging changes use __VA_ARGS__.
 
-commit b763ed05bd1f1f15ae1727c86a4498546bc36ca8
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue Feb 11 12:51:24 2020 +1100
+commit f9ea6515202b59a1e2d5b885cafc1b12eff33016
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sat Oct 17 11:51:20 2020 +1100
 
-    Minor documentation update:
-    
-     - remove duplication of dependency information (it's all in INSTALL).
-     - SSHFP is now an RFC.
+    logging is now macros, remove function pointers
 
-commit 14ccfdb7248e33b1dc8bbac1425ace4598e094cb
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sun Feb 9 11:23:35 2020 +1100
+commit 0f938f998626e8359324f803157cd7c9f8f403e2
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sat Oct 17 11:42:26 2020 +1100
 
-    Check if UINT32_MAX is defined before redefining.
+    adapt sk-dummy's fatal implementation to changes
 
-commit be075110c735a451fd9d79a864e01e2e0d9f19d2
+commit afbd9ec9e2dbad04834ce7ce53e58740434f32a5
 Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Feb 7 15:07:27 2020 +1100
+Date:   Sat Oct 17 11:33:13 2020 +1100
 
-    typo; reported by Phil Pennock
+    fix netcat build problem
 
-commit 963d71851e727ffdd2a97fe0898fad61d4a70ba1
+commit 793b583d097381730adaf6f68bed3c343139a013
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Feb 7 03:57:31 2020 +0000
+Date:   Fri Oct 16 13:26:13 2020 +0000
 
-    upstream: sync the description of the $SSH_SK_PROVIDER environment
-    
-    variable with that of the SecurityKeyProvider ssh/sshd_config(5) directive,
-    as the latter was more descriptive.
+    upstream: LogVerbose keyword for ssh and sshd
     
-    OpenBSD-Commit-ID: 0488f09530524a7e53afca6b6e1780598022552f
-
-commit d4d9e1d40514e2746f9e05335d646512ea1020c6
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Feb 7 03:54:44 2020 +0000
-
-    upstream: Add ssh -Q key-sig for all key and signature types.
+    Allows forcing maximum debug logging by file/function/line pattern-
+    lists.
     
-    Teach ssh -Q to accept ssh_config(5) and sshd_config(5) algorithm keywords as
-    an alias for the corresponding query.  Man page help jmc@, ok djm@.
+    ok markus@
     
-    OpenBSD-Commit-ID: 1e110aee3db2fc4bc5bee2d893b7128fd622e0f8
+    OpenBSD-Commit-ID: c294c25732d1b4fe7e345cb3e044df00531a6356
 
-commit fd68dc27864b099b552a6d9d507ca4b83afd6a76
+commit 752250caabda3dd24635503c4cd689b32a650794
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Feb 7 03:27:54 2020 +0000
+Date:   Fri Oct 16 13:24:45 2020 +0000
 
-    upstream: fix two PIN entry bugs on FIDO keygen: 1) it would allow more
+    upstream: revised log infrastructure for OpenSSH
     
-    than the intended number of prompts (3) and 2) it would SEGV too many
-    incorrect PINs were entered; based on patch by Gabriel Kihlman
+    log functions receive function, filename and line number of caller.
+    We can use this to selectively enable logging via pattern-lists.
+    
+    ok markus@
     
-    OpenBSD-Commit-ID: 9c0011f28ba8bd8adf2014424b64960333da1718
+    OpenBSD-Commit-ID: 51a472610cbe37834ce6ce4a3f0e0b1ccc95a349
 
-commit 96bd895a0a0b3a36f81c14db8c91513578fc5563
+commit acadbb3402b70f72f14d9a6930ad41be97c2f9dc
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Feb 6 22:48:23 2020 +0000
+Date:   Fri Oct 16 02:37:12 2020 +0000
 
-    upstream: When using HostkeyAlgorithms to merely append or remove
+    upstream: use do_log2 instead of function pointers to different log
     
-    algorithms from the default set (i.e. HostkeyAlgorithms=+/-...), retain the
-    default behaviour of preferring those algorithms that have existing keys in
-    known_hosts; ok markus
+    functions
     
-    OpenBSD-Commit-ID: 040e7fcc38ea00146b5d224ce31ce7a1795ee6ed
+    OpenBSD-Commit-ID: 88077b826d348c58352a6b394755520f4e484480
 
-commit c7288486731734a864b58d024b1395029b55bbc5
+commit 95b0bcfd1531d59e056ae8af27bb741391f26ab0
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Feb 6 22:46:31 2020 +0000
+Date:   Wed Oct 14 00:55:17 2020 +0000
 
-    upstream: expand HostkeyAlgorithms prior to config dump, matching
+    upstream: make UpdateHostkeys still more conservative: refuse to
+    
+    proceed if one of the keys offered by the server is already in known_hosts
+    under another name. This avoid collisions between address entries for
+    different host aliases when CheckHostIP=yes
     
-    other algorithm lists; ok markus@
+    Also, do not attempt to fix known_hosts with incomplete host/ip matches
+    when there are no new or deprecated hostkeys.
     
-    OpenBSD-Commit-ID: a66f0fca8cc5ce30405a2867bc115fff600671d0
+    OpenBSD-Commit-ID: 95c19842f7c41f9bd9c92aa6441a278c0fd0c4a3
 
-commit a6ac5d36efc072b15690c65039754f8e44247bdf
-Author: naddy@openbsd.org <naddy@openbsd.org>
-Date:   Thu Feb 6 22:34:58 2020 +0000
+commit a336ce8c2c55547cc00e0070a18c55f30bb53fb6
+Author: kn@openbsd.org <kn@openbsd.org>
+Date:   Mon Oct 12 08:36:36 2020 +0000
 
-    upstream: Add Include to the list of permitted keywords after a
+    upstream: Zap unused family parameter from ssh_connect_direct()
+    
+    sshconnect.c r1.241 from 2013 made it unused;  found while reading code.
     
-    Match keyword. ok markus@
+    OK djm
     
-    OpenBSD-Commit-ID: 342e940538b13dd41e0fa167dc9ab192b9f6e2eb
+    OpenBSD-Commit-ID: 219ba6d7f9925d0b7992918612680399d86712b5
 
-commit a47f6a6c0e06628eed0c2a08dc31a8923bcc37ba
-Author: naddy@openbsd.org <naddy@openbsd.org>
-Date:   Thu Feb 6 22:30:54 2020 +0000
+commit e545d94b713effab8e6c7dfabbfb76c1d84d7498
+Author: Philip Hands <phil@hands.com>
+Date:   Sun Oct 4 00:15:46 2020 +0200
 
-    upstream: Replace "security key" with "authenticator" in program
-    
-    messages.
+    shift contents of long $() into filter_ids()
     
-    This replaces "security key" in error/usage/verbose messages and
-    distinguishes between "authenticator" and "authenticator-hosted key".
+    This was prompted by the fact that posh does not deal with $()
+    that contains comments where the comment includes an odd number
+    of single-quotes. It seems to get befuddled into trying to find
+    the matching quote.
+    Regardless, making a function for filtering the unneeded ids
+    seems much neater than avoiding apostrophes,
+    so that's what I've done.
     
-    ok djm@
+    SSH-Copy-ID-Upstream: 3dab3366a584427045c8a690a93282f02c09cf24
+
+commit fd360174596047b52aa1cddda74d85012a03ca4b
+Author: Philip Hands <phil@hands.com>
+Date:   Sat Oct 3 23:15:16 2020 +0200
+
+    combine if/elif to avoid duplication of the action
     
-    OpenBSD-Commit-ID: 7c63800e9c340c59440a054cde9790a78f18592e
+    SSH-Copy-ID-Upstream: 42aeb1cc53d3f7f6e78edc210fb121fda0834914
 
-commit 849a9b87144f8a5b1771de6c85e44bfeb86be9a9
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Feb 6 11:28:14 2020 +1100
+commit f7c3a39b016dd77709ecbf18da8282f967b86cd7
+Author: Philip Hands <phil@hands.com>
+Date:   Sat Oct 3 21:45:16 2020 +0200
 
-    Don't look for UINT32_MAX in inttypes.h
+    shellcheck tidyage
     
-    ... unless we are actually going to use it.  Fixes build on HP-UX
-    without the potential impact to other platforms of a header change
-    shortly before release.
+    SSH-Copy-ID-Upstream: 5b08f840e78ac544288b3983010a1b0585e966fd
 
-commit a2437f8ed0c3be54ddd21630a93c68ebd168286f
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Feb 6 12:02:22 2020 +1100
+commit 108676c3f26be6c873db0dd8754063699908727b
+Author: Philip Hands <phil@hands.com>
+Date:   Sat Oct 3 21:10:03 2020 +0200
 
-    depend
+    tidy up test of $SCRATCH_DIR creation
+    
+    SSH-Copy-ID-Upstream: 2d8b22d96c105d87743ffe8874887b06f8989b93
 
-commit 9716e8c4956acdd7b223d1642bfa376e07e7503d
-Author: Michael Forney <mforney@mforney.org>
-Date:   Wed Nov 27 19:17:26 2019 -0800
+commit a9c9e91a82bc1a2cf801b4e3ef27a941dbd27717
+Author: Philip Hands <phil@hands.com>
+Date:   Wed Sep 16 16:13:30 2020 +0200
 
-    Fix sha2 MAKE_CLONE no-op definition
+    add -s flag: to install keys via SFTP
     
-    The point of the dummy declaration is so that MAKE_CLONE(...) can have
-    a trailing semicolon without introducing an empty declaration. So,
-    the macro replacement text should *not* have a trailing semicolon,
-    just like DEF_WEAK.
-
-commit d596b1d30dc158915a3979fa409d21ff2465b6ee
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Feb 4 09:58:04 2020 +0000
-
-    upstream: require FIDO application strings to start with "ssh:"; ok
+    This is prompted by:
     
-    markus@
+     https://bugzilla.mindrot.org/show_bug.cgi?id=3201
+    
+    Thanks go to Matthias Blümel for the idea, and the helpful patch, from
+    which this patch grew.
     
-    OpenBSD-Commit-ID: 94e9c1c066d42b76f035a3d58250a32b14000afb
+    SSH-Copy-ID-Upstream: f7c76dc64427cd20287a6868f672423b62057614
 
-commit 501f3582438cb2cb1cb92be0f17be490ae96fb23
+commit f92424970c02b78852ff149378c7f2616ada4ccf
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Feb 3 23:47:57 2020 +0000
+Date:   Sun Oct 11 22:14:38 2020 +0000
 
-    upstream: revert enabling UpdateHostKeys by default - there are still
-    
-    corner cases we need to address; ok markus
+    upstream: UpdateHostkeys: check for keys under other names
     
-    OpenBSD-Commit-ID: ff7ad941bfdc49fb1d8baa95fd0717a61adcad57
-
-commit 072f3b832d2a4db8d9880effcb6c4d0dad676504
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Mon Feb 3 08:15:37 2020 +0000
-
-    upstream: use better markup for challenge and write-attestation, and
+    Stop UpdateHostkeys from automatically removing deprecated keys from
+    known_hosts files if the same keys exist under a different name or
+    address to the host that is being connected to.
     
-    rejig the challenge text a little;
+    This avoids UpdateHostkeys from making known_hosts inconsistent in
+    some cases. For example, multiple host aliases sharing address-based
+    known_hosts on different lines, or hosts that resolves to multiple
+    addresses.
     
-    ok djm
+    ok markus@
     
-    OpenBSD-Commit-ID: 9f351e6da9edfdc907d5c3fdaf2e9ff3ab0a7a6f
-
-commit 262eb05a22cb1fabc3bc1746c220566490b80229
-Author: Damien Miller <djm@mindrot.org>
-Date:   Mon Feb 3 21:22:15 2020 +1100
-
-    mention libfido2 in dependencies section
+    OpenBSD-Commit-ID: 6444a705ba504c3c8ccddccd8d1b94aa33bd11c1
 
-commit ccd3b247d59d3bde16c3bef0ea888213fbd6da86
-Author: Damien Miller <djm@mindrot.org>
-Date:   Mon Feb 3 19:40:12 2020 +1100
+commit d98f14b5328922ae3085e07007d820c4f655b57a
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Oct 11 22:13:37 2020 +0000
 
-    add clock_gettime64(2) to sandbox allowed syscalls
+    upstream: UpdateHostkeys: better CheckHostIP handling
     
-    bz3093
-
-commit adffbe1c645ad2887ba0b6d24c194aa7a40c5735
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sun Feb 2 09:45:34 2020 +0000
-
-    upstream: Output (none) in debug in the case in the CheckHostIP=no case
+    When preparing to update the known_hosts file, fully check both
+    entries for both the host and the address (if CheckHostIP enabled)
+    and ensure that, at the end of the operation, entries for both are
+    recorded.
     
-    as suggested by markus@
+    Make sure this works with HashKnownHosts too, which requires maintaining
+    a list of entry-types seen across the whole file for each key.
     
-    OpenBSD-Commit-ID: 4ab9117ee5261cbbd1868717fcc3142eea6385cf
-
-commit 58c819096a2167983e55ae686486ce317b69b2d1
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sun Feb 2 09:22:22 2020 +0000
-
-    upstream: Prevent possible null pointer deref of ip_str in debug.
+    ok markus@
     
-    OpenBSD-Commit-ID: 37b252e2e6f690efed6682437ef75734dbc8addf
+    OpenBSD-Commit-ID: 374dc263103f6b343d9671f87dbf81ffd0d6abdd
 
-commit 0facae7bc8d3f8f9d02d0f6bed3d163ff7f39806
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Sun Feb 2 07:36:50 2020 +0000
+commit af5941ae9b013aac12585e84c4cf494f3728982f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Oct 11 22:12:44 2020 +0000
 
-    upstream: shuffle the challenge keyword to keep the -O list sorted;
+    upstream: UpdateHostkeys: better detect manual host entries
     
-    OpenBSD-Commit-ID: 08efad608b790949a9a048d65578fae9ed5845fe
-
-commit 6fb3dd0ccda1c26b06223b87bcd1cab9ec8ec3cc
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Sat Feb 1 06:53:12 2020 +0000
-
-    upstream: tweak previous;
+    Disable UpdateHostkeys if the known_hosts line has more than two
+    entries in the pattern-list. ssh(1) only writes "host" or "host,ip"
+    lines so anything else was added by a different tool or by a human.
     
-    OpenBSD-Commit-ID: 0c42851cdc88583402b4ab2b110a6348563626d3
-
-commit 92725d4d3fde675acc0ca040b48f3d0c7be73b7f
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat Feb 1 17:25:09 2020 +1100
-
-    Use sys-queue.h from compat library.
+    ok markus@
     
-    Fixes build on platforms that don't have sys/queue.h (eg MUSL).
+    OpenBSD-Commit-ID: e434828191fb5f3877d4887c218682825aa59820
 
-commit 677d0ece67634262b3b96c3cd6410b19f3a603b7
+commit 6247812c76f70b2245f3c23f5074665b3d436cae
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jan 31 23:25:08 2020 +0000
+Date:   Thu Oct 8 01:15:16 2020 +0000
 
-    upstream: regress test for sshd_config Include directive; from Jakub
+    upstream: don't misdetect comma-separated hostkey names as wildcards;
     
-    Jelen
+    spotted by naddy@
     
-    OpenBSD-Regress-ID: 0d9224de3297c7a5f51ba68d6e3725a2a9345fa4
+    OpenBSD-Commit-ID: 4b874edfec7fc324a21b130bdb42f912177739ce
 
-commit d4f4cdd681ab6408a98419f398b75a55497ed324
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jan 31 23:13:04 2020 +0000
+commit 67146c7d022a170be3cdad2f5f40259a663fb266
+Author: wangxp006 <wangxiaopeng7@huawei.com>
+Date:   Thu Oct 8 17:49:59 2020 +0800
 
-    upstream: whitespace
-    
-    OpenBSD-Commit-ID: 564cf7a5407ecf5da2d94ec15474e07427986772
+    fix TEST_MALLOC_OPTIONS var
 
-commit 245399dfb3ecebc6abfc2ef4ee2e650fa9f6942b
+commit 3205eaa3f8883a34fa4559ddef6c90d1067c5cce
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jan 31 23:11:25 2020 +0000
+Date:   Thu Oct 8 00:31:05 2020 +0000
 
-    upstream: force early logging to stderr if debug_flag (-d) is set;
-    
-    avoids missing messages from re-exec config passing
+    upstream: clarify conditions for UpdateHostkeys
     
-    OpenBSD-Commit-ID: 02484b8241c1f49010e7a543a7098e6910a8c9ff
+    OpenBSD-Commit-ID: 9cba714cf6aeed769f998ccbe8c483077a618e27
 
-commit 7365f28a66d1c443723fbe6f4a2612ea6002901e
+commit e8dfca9bfeff05de87160407fb3e6a5717fa3dcb
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jan 31 23:08:08 2020 +0000
+Date:   Wed Oct 7 06:38:16 2020 +0000
 
-    upstream: mistake in previous: filling the incorrect buffer
+    upstream: remove GlobalKnownHostsFile for this test after
+    
+    UpdateHostkeys change
     
-    OpenBSD-Commit-ID: 862ee84bd4b97b529f64aec5d800c3dcde952e3a
+    OpenBSD-Regress-ID: a940ad79d59343319613ba8fc46b6ef24aa3f8e1
 
-commit c2bd7f74b0e0f3a3ee9d19ac549e6ba89013abaf
+commit 4aa2717d7517cff4bc423a6cfba3a2defb055aea
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jan 31 22:42:45 2020 +0000
+Date:   Wed Oct 7 02:26:28 2020 +0000
 
-    upstream: Add a sshd_config "Include" directive to allow inclusion
+    upstream: Disable UpdateHostkeys when hostkey checking fails
     
-    of files. This has sensible semantics wrt Match blocks and accepts glob(3)
-    patterns to specify the included files. Based on patch by Jakub Jelen in
-    bz2468; feedback and ok markus@
+    If host key checking fails (i.e. a wrong host key is recorded for the
+    server) and the user elects to continue (via StrictHostKeyChecking=no),
+    then disable UpdateHostkeys for the session.
     
-    OpenBSD-Commit-ID: 36ed0e845b872e33f03355b936a4fff02d5794ff
-
-commit ba261a1dd33266168ead4f8f40446dcece4d1600
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Fri Jan 31 22:25:59 2020 +0000
-
-    upstream: spelling fix;
+    reminded by Mark D. Baushke; ok markus@
     
-    OpenBSD-Commit-ID: 3c079523c4b161725a4b15dd06348186da912402
+    OpenBSD-Commit-ID: 98b524f121f4252309dd21becd8c4cacb0c6042a
 
-commit 771891a044f763be0711493eca14b6b0082e030f
+commit 04c06d04475f1f673e9d9743710d194453fe3888
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Jan 30 22:25:34 2020 +0000
+Date:   Wed Oct 7 02:25:43 2020 +0000
 
-    upstream: document changed default for UpdateHostKeys
+    upstream: Fix UpdateHostkeys/HashKnownHosts/CheckHostIP bug
     
-    OpenBSD-Commit-ID: 25c390b21d142f78ac0106241d13441c4265fd2c
+    When all of UpdateHostkeys, HashKnownHosts and ChechHostIP
+    were enabled and new host keys were learned, known_hosts IP
+    entries were not being recorded for new host keys.
+    
+    reported by matthieu@ ok markus@
+    
+    OpenBSD-Commit-ID: a654a8290bd1c930aac509e8158cf85e42e49cb7
 
-commit d53a518536c552672c00e8892e2aea28f664148c
+commit b70e33711291f3081702133175a41cccafc0212a
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Jan 30 22:19:32 2020 +0000
+Date:   Wed Oct 7 02:24:51 2020 +0000
 
-    upstream: enable UpdateKnownHosts=yes if the configuration
+    upstream: don't UpdateHostkeys when the hostkey is verified by the
     
-    specifies only the default known_hosts files, otherwise select
-    UpdateKnownHosts=ask; ok markus@
+    GlobalKnownHostsFile file, support only UserKnownHostsFile matches
     
-    OpenBSD-Commit-ID: ab401a5ec4a33d2e1a9449eae6202e4b6d427df7
-
-commit bb63ff844e818d188da4fed3c016e0a4eecbbf25
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Jan 30 18:54:42 2020 +1100
-
-    Look in inttypes.h for UINT32_MAX.
+    suggested by Mark D. Baushke; feedback and ok markus@
     
-    Should prevent warnings on at least some AIX versions.
+    OpenBSD-Commit-ID: eabb771a6add676c398d38a143a1aff5f04abbb9
 
-commit afeb6a960da23f0a5cbc4b80cca107c7504e932a
+commit aa623142e426ca1ab9db77b06dcc9b1b70bd102b
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Jan 30 07:21:38 2020 +0000
+Date:   Wed Oct 7 02:22:23 2020 +0000
 
-    upstream: use sshpkt_fatal() instead of plain fatal() for
+    upstream: revert kex->flags cert hostkey downgrade back to a plain
+    
+    key (commitid VtF8vozGOF8DMKVg). We now do this a simpler way that needs less
+    plumbing.
     
-    ssh_packet_write_poll() failures here too as the former yields better error
-    messages; ok dtucker@
+    ok markus@
     
-    OpenBSD-Commit-ID: 1f7a6ca95bc2b716c2e948fc1370753be772d8e3
+    OpenBSD-Commit-ID: fb92d25b216bff8c136da818ac2221efaadf18ed
 
-commit 65d6fd0a8a6f31c3ddf0c1192429a176575cf701
+commit f4f14e023cafee1cd9ebe4bb0db4029e6e1fafac
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Jan 30 07:20:57 2020 +0000
+Date:   Wed Oct 7 02:20:35 2020 +0000
 
-    upstream: check the return value of ssh_packet_write_poll() and
+    upstream: simply disable UpdateHostkeys when a certificate
+    
+    successfully authenticated the host; simpler than the complicated plumbing
+    via kex->flags we have now.
     
-    call sshpkt_fatal() if it fails; avoid potential busy-loop under some
-    circumstances. Based on patch by Mike Frysinger; ok dtucker@
+    ok markus@
     
-    OpenBSD-Commit-ID: c79fe5cf4f0cd8074cb6db257c1394d5139408ec
+    OpenBSD-Commit-ID: 80e39644eed75717d563a7f177e8117a0e14f42c
 
-commit dce74eab0c0f9010dc84c62500a17771d0131ff3
+commit e79957e877db42c4c68fabcf6ecff2268e53acb5
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Jan 30 07:20:05 2020 +0000
+Date:   Wed Oct 7 02:18:45 2020 +0000
 
-    upstream: have sshpkt_fatal() save/restore errno before we
+    upstream: disable UpdateHostkeys by default if VerifyHostKeyDNS is
     
-    potentially call strerror() (via ssh_err()); ok dtucker
+    enabled; suggested by Mark D. Baushke
     
-    OpenBSD-Commit-ID: 5590df31d21405498c848245b85c24acb84ad787
+    OpenBSD-Commit-ID: 85a1b88592c81bc85df7ee7787dbbe721a0542bf
 
-commit 14ef4efe2bf4180e085ea6738fdbebc199458b0c
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Jan 29 08:17:49 2020 +0000
+commit 3d4c2016bae1a6f14b48c1150a4c79ca4c9968bd
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Tue Oct 6 07:12:04 2020 +0000
 
-    upstream: markus suggests a simplification to previous
+    upstream: Agent protocol draft is now at rev 4. ok djm@
     
-    OpenBSD-Commit-ID: 10bbfb6607ebbb9a018dcd163f0964941adf58de
+    OpenBSD-Commit-ID: 8c01ea3aae48aab45e01b7421b0fca2dad5e7837
 
-commit 101ebc3a8cfa78d2e615afffbef9861bbbabf1ff
+commit af889a40ffc113af9105c03d7b32131eb4372d50
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Jan 29 07:51:30 2020 +0000
+Date:   Sun Oct 4 09:45:01 2020 +0000
 
-    upstream: give more context to UpdateHostKeys messages, mentioning
+    upstream: when ordering host key algorithms in the client, consider
     
-    that the changes are validated by the existing trusted host key. Prompted by
-    espie@ feedback and ok markus@
+    the ECDSA key subtype; ok markus@
     
-    OpenBSD-Commit-ID: b3d95f4a45f2692f4143b9e77bb241184dbb8dc5
+    OpenBSD-Commit-ID: 3097686f853c61ff61772ea35f8b699931392ece
 
-commit 24c0f752adf9021277a7b0a84931bb5fe48ea379
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Jan 28 08:01:34 2020 +0000
+commit 2d39fc9f7e039351daa3d6aead1538ac29258add
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sun Oct 4 03:04:02 2020 +0000
 
-    upstream: changes to support FIDO attestation
+    upstream: Allow full range of UIDs and GIDs for sftp chown and
     
-    Allow writing to disk the attestation certificate that is generated by
-    the FIDO token at key enrollment time. These certificates may be used
-    by an out-of-band workflow to prove that a particular key is held in
-    trustworthy hardware.
+    chgrp on 32bit platforms instead of being limited by LONG_MAX.  bz#3206,
+    found by booking00 at sina.cn, ok markus@
     
-    Allow passing in a challenge that will be sent to the card during
-    key enrollment. These are needed to build an attestation workflow
-    that resists replay attacks.
+    OpenBSD-Commit-ID: 373b7bbf1f15ae482d39567ce30d18b51c9229b5
+
+commit 396d32f3a1a16e54df2a76b2a9b237868580dcbe
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Oct 3 09:22:26 2020 +0000
+
+    upstream: There are lots of place where we want to redirect stdin,
     
+    stdout and/or stderr to /dev/null. Factor all these out to a single
+    stdfd_devnull() function that allows selection of which of these to redirect.
     ok markus@
     
-    OpenBSD-Commit-ID: 457dc3c3d689ba39eed328f0817ed9b91a5f78f6
+    OpenBSD-Commit-ID: 3033ba5a4c47cacfd5def020d42cabc52fad3099
 
-commit 156bef36f93a48212383235bb8e3d71eaf2b2777
+commit 1286981d08b8429a64613215ce8bff3f6b32488a
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Jan 28 07:24:15 2020 +0000
+Date:   Sat Oct 3 08:30:47 2020 +0000
 
-    upstream: disable UpdateHostKeys=ask when in quiet mode; "work for
+    upstream: enable UpdateHostkeys by default when the configuration
     
-    me" matthieu@
+    has not overridden UserKnownHostsFile; ok markus@ "The timing is perfect"
+    deraadt@
     
-    OpenBSD-Commit-ID: 60d7b5eb91accf935ed9852650a826d86db2ddc7
+    OpenBSD-Commit-ID: 62df71c9c5242da5763cb473c2a2deefbd0cef60
 
-commit ec8a759b4045e54d6b38e690ffee4cbffc53c7b7
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Jan 28 12:57:25 2020 +1100
+commit 332f21537293d66508f7342dc643bc7fe45f0f69
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Oct 3 08:12:59 2020 +0000
 
-    compat for missing IPTOS_DSCP_LE in system headers
+    upstream: disable UpdateHostkeys when a wildcard hostname pattern
+    
+    is encountered or when a certificate host key is in use. feedback/ok markus@
+    
+    OpenBSD-Commit-ID: b6e5575af7e6732322be82ec299e09051a5413bd
 
-commit 4594c7627680c4f41c2ad5fe412e55b7cc79b10c
+commit 13cee44ef907824083d89cb9395adbbd552e46c1
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Jan 28 01:49:36 2020 +0000
+Date:   Sat Oct 3 08:11:28 2020 +0000
 
-    upstream: make IPTOS_DSCP_LE available via IPQoS directive; bz2986,
+    upstream: record when the host key checking code downgrades a
     
-    based on patch by veegish AT cyberstorm.mu
+    certificate host key to a plain key. This occurs when the user connects to a
+    host with a certificate host key but no corresponding CA key configured in
+    known_hosts; feedback and ok markus@
     
-    OpenBSD-Commit-ID: 9902bf4fbb4ea51de2193ac2b1d965bc5d99c425
+    OpenBSD-Commit-ID: 2ada81853ff9ee7824c62f440bcf4ad62030c901
 
-commit da22216b5db3613325aa7b639f40dc017e4c6f69
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Mon Jan 27 20:51:32 2020 +0000
+commit 12ae8f95e2e0c273e9e7ef930b01a028ef796a3f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Oct 3 04:15:06 2020 +0000
 
-    upstream: disable UpdateHostKeys=ask if command is specified; ok
+    upstream: prefer ed25519 signature algorithm variants to ECDSA; ok
     
-    djm@ sthen@
+    markus@
     
-    OpenBSD-Commit-ID: e5bcc45eadb78896637d4143d289f1e42c2ef5d7
+    OpenBSD-Commit-ID: 82187926fca96d35a5b5afbc091afa84e0966e5b
 
-commit 1e1db0544fdd788e2e3fc21d972a7ccb7de6b4ae
+commit e5ed753add7aa8eed6b167e44db6240a76404db2
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Jan 26 00:09:50 2020 +0000
+Date:   Sat Oct 3 03:40:38 2020 +0000
 
-    upstream: unbreak unittests for recent API / source file changes
+    upstream: want time.h here too
     
-    OpenBSD-Regress-ID: 075a899a01bbf7781d38bf0b33d8366faaf6d3c0
+    OpenBSD-Commit-ID: fafee8f1108c64ad8b282f9a1ed5ea830d8c58a7
 
-commit 0d1144769151edf65f74aee9a4c8545c37861695
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sun Jan 26 15:09:15 2020 +1100
+commit 66bd9fdf8b7762eb6a85cabbb1ae4ed955679f60
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Sat Oct 3 02:18:33 2020 +0000
 
-    Move definition of UINT32_MAX.
+    upstream: split introductory paragraph, and insert ominous words about
+    
+    the glob issue, which cannot be fully fixed and really requires completely
+    replacing scp with a completely different subsystem. team effort to find the
+    right words..
     
-    This allows us to always define it if needed not just if we also
-    define the type ourself.
+    OpenBSD-Commit-ID: 58e1f72d292687f63eb357183036ee242513691c
 
-commit f73ab8a811bc874c2fb403012aa8e4bfdcaf5ec7
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Jan 26 00:09:50 2020 +0000
+commit 86cc8ce002ea10e88a4c5d622a8fdfab8a7d261f
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sat Oct 3 13:38:55 2020 +1000
 
-    upstream: unbreak unittests for recent API / source file changes
-    
-    OpenBSD-Regress-ID: 075a899a01bbf7781d38bf0b33d8366faaf6d3c0
+    use relative rather than system include here
 
-commit 0373f9eba2b63455dceedbd3ac3d5dca306789ff
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sun Jan 26 14:09:17 2020 +1100
+commit 922cfac5ed5ead9f796f7d39f012dd653dc5c173
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sat Oct 3 13:38:41 2020 +1000
 
-    Include signal.h to prevent redefintion of _NSIG.
+    add some openbsd-compat licenses we missed
 
-commit 638a45b5c1e20a8539100ca44166caad8abf26f8
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sun Jan 26 13:40:51 2020 +1100
+commit ce941c75ea9cd6c358508a5b206809846c8d9240
+Author: Philip Hands <phil@hands.com>
+Date:   Sat Oct 3 00:20:07 2020 +0200
 
-    Wrap stdint.h in tests inside HAVE_STDINT_H.
+    un-nest $() to make ksh cheerful
 
-commit 74dfc2c859c906eaab1f88a27fd883115ffb928f
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Jan 26 00:14:45 2020 +0000
+commit 18ea5f4b88e303677d2003b95e5cb864b439e442
+Author: Philip Hands <phil@hands.com>
+Date:   Fri Oct 2 21:30:10 2020 +0200
 
-    upstream: for UpdateHostKeys, don't report errors for unsupported
-    
-    key types - just ignore them. spotted by and ok dtucker@
+    ksh doesn't grok 'local'
     
-    OpenBSD-Commit-ID: 91769e443f6197c983932fc8ae9d39948727d473
+    and AFAICT it's not actually doing anything useful in the code, so let's
+    see how things go without it.
 
-commit b59618246c332e251160be0f1e0e88a7d4e2b0ae
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Jan 26 00:13:20 2020 +0000
+commit d9e727dcc04a52caaac87543ea1d230e9e6b5604
+Author: Oleg <Fallmay@users.noreply.github.com>
+Date:   Thu Oct 1 12:09:08 2020 +0300
 
-    upstream: downgrade error() for missing subsequent known_hosts
-    
-    files to debug() as it was intended to be; spotted by dtucker@
-    
-    OpenBSD-Commit-ID: 18cfea382cb52f2da761be524e309cc3d5354ef9
+    Fix `EOF: command not found` error in ssh-copy-id
 
-commit 469df611f778eec5950d556aabfe1d4efc227915
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Jan 25 23:33:27 2020 +0000
+commit a1a856d50c89be3206f320baa4bfb32fff4e826f
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Sep 30 09:11:39 2020 +0000
 
-    upstream: clarify that BatchMode applies to all interactive prompts
-    
-    (e.g. host key confirmation) and not just password prompts.
+    upstream: Regen moduli.
     
-    OpenBSD-Commit-ID: 97b001883d89d3fb1620d2e6b747c14a26aa9818
+    OpenBSD-Commit-ID: 04967f8c43e9854ac34b917bcd6f5ac96c53a693
 
-commit de40876c4a5d7c519d3d7253557572fdfc13db76
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Jan 25 23:28:06 2020 +0000
+commit fa1fe3ead7069d90d3c67d62137ad66acfcc9f48
+Author: HARUYAMA Seigo <haruyama@unixuser.org>
+Date:   Sun Sep 27 20:06:20 2020 +0900
 
-    upstream: tidy headers; some junk snuck into sshbuf-misc.c and
-    
-    sshbuf-io.c doesn't need SSHBUF_INTERNAL set
-    
-    OpenBSD-Commit-ID: 27a724d2e0b2619c1a1490f44093bbd73580d9e6
+    Restore first section title of INSTALL
 
-commit 6a107606355fa9547884cad6740e6144a7a7955b
+commit 279261e1ea8150c7c64ab5fe7cb4a4ea17acbb29
 Author: Damien Miller <djm@mindrot.org>
-Date:   Sun Jan 26 10:28:21 2020 +1100
+Date:   Sun Sep 27 17:25:01 2020 +1000
 
-    depend
+    update version numbers
 
-commit 59d01f1d720ebede4da42882f592d1093dac7adc
+commit 58ca6ab6ff035ed12b5078e3e9c7199fe72c8587
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Jan 25 23:13:09 2020 +0000
+Date:   Sun Sep 27 07:22:05 2020 +0000
 
-    upstream: improve the error message for u2f enrollment errors by
-    
-    making ssh-keygen be solely responsible for printing the error message and
-    convertint some more common error responses from the middleware to a useful
-    ssherr.h status code. more detail remains visible via -v of course.
-    
-    also remove indepedent copy of sk-api.h declarations in sk-usbhid.c
-    and just include it.
-    
-    feedback & ok markus@
+    upstream: openssh 8.4
     
-    OpenBSD-Commit-ID: a4a8ffa870d9a3e0cfd76544bcdeef5c9fb1f1bb
+    OpenBSD-Commit-ID: a29e5b372d2c00e297da8a35a3b87c9beb3b4a58
 
-commit 99aa8035554ddb976348d2a9253ab3653019728d
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Jan 25 23:02:13 2020 +0000
+commit 9bb8a303ce05ff13fb421de991b495930be103c3
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Sep 22 10:07:43 2020 +1000
 
-    upstream: factor out reading/writing sshbufs to dedicated
-    
-    functions; feedback and ok markus@
-    
-    OpenBSD-Commit-ID: dc09e5f1950b7acc91b8fdf8015347782d2ecd3d
+    sync with upstream ssh-copy-id rev f0da1a1b7
 
-commit 065064fcf455778b0918f783033b374d4ba37a92
+commit 0a4a5571ada76b1b012bec9cf6ad1203fc19ec8d
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Jan 25 22:49:38 2020 +0000
+Date:   Mon Sep 21 07:29:09 2020 +0000
 
-    upstream: add a comment describing the ranges of channel IDs that
-    
-    we use; requested by markus@
+    upstream: close stdin when forking after authentication too; ok markus
     
-    OpenBSD-Commit-ID: 83a1f09810ffa3a96a55fbe32675b34ba739e56b
+    OpenBSD-Commit-ID: 43db17e4abc3e6b4a7b033aa8cdab326a7cb6c24
 
-commit 69334996ae203c51c70bf01d414c918a44618f8e
+commit d14fe25e6c3b89f8af17e2894046164ac3b45688
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Jan 25 22:41:01 2020 +0000
+Date:   Sun Sep 20 23:31:46 2020 +0000
 
-    upstream: make sshd_config:ClientAliveCountMax=0 disable the
+    upstream: close stdout/stderr after "ssh -f ..." forking
     
-    connection killing behaviour, rather than killing the connection after
-    sending the first liveness test probe (regardless of whether the client was
-    responsive) bz2627; ok markus
+    bz#3137, ok markus
     
-    OpenBSD-Commit-ID: 5af79c35f4c9fa280643b6852f524bfcd9bccdaf
+    OpenBSD-Commit-ID: e2d83cc4dea1665651a7aa924ad1ed6bcaaab3e2
 
-commit bf986a9e2792555e0879a3145fa18d2b49436c74
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Jan 25 22:36:22 2020 +0000
+commit 53a33a0d745179c02108589e1722457ca8ae4372
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sun Sep 20 15:57:09 2020 +1000
 
-    upstream: clarify order of AllowUsers/DenyUsers vs
-    
-    AllowGroups/DenyGroups; bz1690, ok markus@
-    
-    OpenBSD-Commit-ID: 5637584ec30db9cf64822460f41b3e42c8f9facd
+    .depend
 
-commit 022ce92fa0daa9d78830baeb2bd2dc3f83c724ba
+commit 107eb3eeafcd390e1fa7cc7672a05e994d14013e
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Jan 25 07:17:18 2020 +0000
+Date:   Sun Sep 20 05:47:25 2020 +0000
 
-    upstream: when AddKeysToAgent=yes is set and the key contains no
-    
-    comment, add the key to the agent with the key's path as the comment. bz2564
+    upstream: cap channel input buffer size at 16MB; avoids high memory use
     
-    OpenBSD-Commit-ID: 8dd8ca9340d7017631a27f4ed5358a4cfddec16f
-
-commit 0b813436bbf6546638b10c1fa71f54691bcf5e63
-Author: tedu@openbsd.org <tedu@openbsd.org>
-Date:   Sat Jan 25 07:09:14 2020 +0000
-
-    upstream: group14-sha1 is no longer a default algorithm
+    when peer advertises a large window but is slow to consume the data we send
+    (e.g. because of a slow network)
     
-    OpenBSD-Commit-ID: a96f04d5e9c2ff760c6799579dc44f69b4ff431d
-
-commit 3432b6e05d5c583c91c566c5708fed487cec79ac
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Jan 25 07:02:51 2020 +0000
-
-    upstream: reword HashKnownHosts description a little more; some
+    reported by Pierre-Yves David
     
-    people found the wording confusing (bz#2560)
+    fix with & ok markus@
     
-    OpenBSD-Commit-ID: ac30896598694f07d498828690aecd424c496988
+    OpenBSD-Commit-ID: 1452771f5e5e768876d3bfe2544e3866d6ade216
 
-commit f80d7d6aa98d6eddc5df02412efee6db75673d4c
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Jan 25 07:01:00 2020 +0000
+commit acfe2ac5fe033e227ad3a56624fbbe4af8b5da04
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Sep 18 22:02:53 2020 +1000
 
-    upstream: weaken the language for what HashKnownHosts provides with
-    
-    regards to known_hosts name privacy, it's not practical for this option to
-    offer any guarantee that hostnames cannot be recovered from a disclosed
-    known_hosts file (e.g. by brute force).
-    
-    OpenBSD-Commit-ID: 13f1e3285f8acf7244e9770074296bcf446c6972
+    libfido2 1.5.0 is recommended
 
-commit 846446bf3e7421e6671a4afd074bdf15eecd7832
+commit 52a03e9fca2d74eef953ddd4709250f365ca3975
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Jan 25 06:40:20 2020 +0000
+Date:   Fri Sep 18 08:16:38 2020 +0000
 
-    upstream: the GatewayPorts vs -R listen address selection logic is
+    upstream: handle multiple messages in a single read()
     
-    still confusing people, so add another comment explaining the special
-    handling of "localhost"; bz#3258
+    PR#183 by Dennis Kaarsemaker; feedback and ok markus@
     
-    OpenBSD-Commit-ID: e6bf0f0fbf1c7092bf0dbd9c6eab105970b5b53a
+    OpenBSD-Commit-ID: 8570bb4d02d00cf70b98590716ea6a7d1cce68d1
 
-commit 734f2f83f5ff86f2967a99d67be9ce22dd0394dd
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Jan 25 06:03:10 2020 +0000
+commit dc098405b2939146e17567a25b08fc6122893cdf
+Author: pedro martelletto <pedro@ambientworks.net>
+Date:   Fri Sep 18 08:57:29 2020 +0200
 
-    upstream: mention that permitopen=/PermitOpen do no name to address
+    configure.ac: add missing includes
     
-    translation; prompted by bz3099
+    when testing, make sure to include the relevant header files that
+    declare the types of the functions used by the test:
     
-    OpenBSD-Commit-ID: 0dda8e54d566b29855e76bebf9cfecce573f5c23
-
-commit e1e97cae19ff07b7a7f7e82556bc048c3c54af63
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Jan 25 16:30:22 2020 +1100
-
-    include tunnel device path in error message
+    - stdio.h for printf();
+    - stdlib.h for exit();
+    - string.h for strcmp();
+    - unistd.h for unlink(), _exit(), fork(), getppid(), sleep().
 
-commit 0ecd20bc9f0b9c7c697c9eb014613516c8f65834
+commit b3855ff053f5078ec3d3c653cdaedefaa5fc362d
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Jan 25 04:48:26 2020 +0000
+Date:   Fri Sep 18 05:23:03 2020 +0000
 
-    upstream: unrevert this:
+    upstream: tweak the client hostkey preference ordering algorithm to
     
-    > revision 1.217
-    > date: 2019/11/27 03:34:04;  author: dtucker;  state: Exp;  lines: +5 -7;  commitid: wkiMn49XJyjzoJIs;
-    > Make channel_id u_int32_t and remove unnecessary check and cast that were
-    > left over from the type conversion.  Noted by t-hashida@amiya.co.jp in
-    > bz#3098, ok markus@ djm@
+    prefer the default ordering if the user has a key that matches the
+    best-preference default algorithm.
     
-    Darren was right the first time; ok dtucker@ "agreed" markus@
+    feedback and ok markus@
     
-    OpenBSD-Commit-ID: 641dd1b99a6bbd85b7160da462ae1be83432c7c8
+    OpenBSD-Commit-ID: a92dd7d7520ddd95c0a16786a7519e6d0167d35f
 
-commit a0c81d2402eedc514b9c9f25ef9604eb0576b86a
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sat Jan 25 02:57:53 2020 +0000
+commit f93b187ab900c7d12875952cc63350fe4de8a0a8
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Sep 18 14:55:48 2020 +1000
 
-    upstream: Move setting $NC into test-exec since it's now used by
-    
-    multiple tests, and in -portable we use our own local copy to avoid
-    portability problems.
+    control over the colours in gnome-ssh-askpass[23]
     
-    OpenBSD-Regress-ID: ceb78445fcaac317bec2fc51b3f0d9589048c114
+    Optionally set the textarea colours via $GNOME_SSH_ASKPASS_FG_COLOR and
+    $GNOME_SSH_ASKPASS_BG_COLOR. These accept the usual three or six digit
+    hex colours.
 
-commit e16dfa94f86358033531c4a97dcb51508ef84d49
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat Jan 25 13:05:42 2020 +1100
+commit 9d3d36bdb10b66abd1af42e8655502487b6ba1fa
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Sep 18 14:50:38 2020 +1000
 
-    Put EC key export inside OPENSSL_HAS_ECC.
+    focus improvement for gnome-ssh-askpass[23]
     
-    Fixes link error when building against an OpenSSL that does not have
-    ECC.
+    When serving a SSH_ASKPASS_PROMPT=none information dialog, ensure
+    then <enter> doesn't immediately close the dialog. Instead, require an
+    explicit <tab> to reach the close button, or <esc>.
 
-commit 94a2e5951b374e1a89761ceaff72e66eb1946807
+commit d6f507f37e6c75a899db0ef8224e72797c5563b6
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sat Jan 25 00:27:56 2020 +0000
+Date:   Wed Sep 16 03:07:31 2020 +0000
 
-    upstream: Wait a bit longer for the multiplex master to become ready
+    upstream: Remove unused buf, last user was removed when switching
     
-    since on very slow hosts the current delay is not sufficient and the test
-    will fail.
+    to the sshbuf API. Patch from Sebastian Andrzej Siewior.
     
-    OpenBSD-Regress-ID: 6d90c7475d67ac3a95610b64af700629ece51a48
+    OpenBSD-Commit-ID: 250fa17f0cec01039cc4abd95917d9746e24c889
 
-commit b2df804f571d77b07059f087b90955ffbc2f67d4
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jan 24 10:08:17 2020 +0000
+commit c3c786c3a0973331ee0922b2c51832a3b8d7f20f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Sep 9 21:57:27 2020 +0000
 
-    upstream: Add a connection test for proxycommand. This would have
+    upstream: For the hostkey confirmation message:
+    
+    > Are you sure you want to continue connecting (yes/no/[fingerprint])?
     
-    caught the problem caused by ssh.c rev 1.507 wherein Host and Hostname were
-    swapped.  Prompted by beck@
+    compare the fingerprint case sensitively; spotted Patrik Lundin
+    ok dtucker
     
-    OpenBSD-Regress-ID: d218500ae6aca4c479c27318fb5b09ebc00f7aae
+    OpenBSD-Commit-ID: 73097afee1b3a5929324e345ba4a4a42347409f2
 
-commit c6f06fd38a257b9fcc7d6760f8fb6d505dccb628
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Jan 25 00:22:31 2020 +0000
+commit f2950baf0bafe6aa20dfe2e8d1ca4b23528df617
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Sep 11 14:45:23 2020 +1000
 
-    upstream: set UpdateKnownHosts=ask by default; bz#2894; ok
-    
-    markus@
-    
-    OpenBSD-Commit-ID: f09cb3177f3a14c96428e14f347e976a8a531fee
+    New config-build-time dependency on automake.
 
-commit 7955633a554397bc24913cec9fd7285002935f7e
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Jan 25 00:21:08 2020 +0000
+commit 600c1c27abd496372bd0cf83d21a1c119dfdf9a5
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sun Sep 6 21:56:36 2020 +1000
 
-    upstream: allow UpdateKnownHosts=yes to function when multiple
-    
-    known_hosts files are in use. When updating host keys, ssh will now search
-    subsequent known_hosts files, but will add new/changed host keys to the first
-    specified file only. bz#2738
-    
-    ok markus@
+    Add aclocal.m4 and config.h.in~ to .gitignore.
     
-    OpenBSD-Commit-ID: 6ded6d878a03e57d5aa20bab9c31f92e929dbc6c
+    aclocal.m4 is now generated by autoreconf.
 
-commit e5a278a62ab49dffe96929fa8d8506c6928dba90
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Jan 25 00:06:48 2020 +0000
+commit 4bf7e1d00b1dcd3a6b3239f77465c019e61c6715
+Author: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
+Date:   Sat Sep 5 17:50:03 2020 +0200
 
-    upstream: process security key provider via realpath() in agent,
+    Quote the definition of OSSH_CHECK_HEADER_FOR_FIELD
     
-    avoids malicious client from being able to cause agent to load arbitrary
-    libraries into ssh-sk-helper.
+    autoreconf complains about underquoted definition of
+    OSSH_CHECK_HEADER_FOR_FIELD after aclocal.m4 has been and now is beeing
+    recreated.
     
-    reported by puck AT puckipedia.com; ok markus
+    Quote OSSH_CHECK_HEADER_FOR_FIELD as suggested.
     
-    OpenBSD-Commit-ID: 1086643df1b7eee4870825c687cf0c26a6145d1c
+    Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
 
-commit 89a8d4525e8edd9958ed3df60cf683551142eae0
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Jan 25 00:03:36 2020 +0000
+commit a2f3ae386b5f7938ed3c565ad71f30c4f7f010f1
+Author: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
+Date:   Sat Sep 5 17:50:02 2020 +0200
 
-    upstream: expose PKCS#11 key labels/X.509 subjects as comments
-    
-    Extract the key label or X.509 subject string when PKCS#11 keys
-    are retrieved from the token and plumb this through to places where
-    it may be used as a comment.
-    
-    based on https://github.com/openssh/openssh-portable/pull/138
-    by Danielle Church
+    Move the local m4 macros
     
-    feedback and ok markus@
+    The `aclocal' step is skipped during `autoreconf' because aclocal.m4 is
+    present.
+    Move the current aclocal.m4 which contains local macros into the m4/
+    folder. With this change the aclocal.m4 will be re-created during
+    changes to the m4/ macro.
+    This is needed so the `aclocal' can fetch m4 macros from the system if
+    they are references in the configure script. This is a prerequisite to
+    use PKG_CHECK_MODULES.
     
-    OpenBSD-Commit-ID: cae1fda10d9e10971dea29520916e27cfec7ca35
+    Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
 
-commit a8c05c640873621681ab64d2e47a314592d5efa2
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jan 24 23:56:01 2020 +0000
+commit 8372bff3a895b84fd78a81dc39da10928b662f5a
+Author: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
+Date:   Sat Sep 5 17:50:01 2020 +0200
 
-    upstream: tweak proctitle to include sshd arguments, as these are
+    Remove HAVE_MMAP and BROKEN_MMAP
     
-    frequently used to distinguish between multiple independent instances of the
-    server. New proctitle looks like this:
+    BROKEN_MMAP is no longer defined since commit
+       1cfd5c06efb12 ("Remove portability support for mmap")
     
-    $ pgrep -lf sshd
-    12844 sshd: /usr/sbin/sshd -f /etc/ssh/sshd_config [listener] 0 of 10-100 startups
+    this commit also removed other HAVE_MMAP user. I didn't find anything
+    that defines HAVE_MMAP. The check does not trigger because compression
+    on server side is by default COMP_DELAYED (2) so it never triggers.
     
-    requested by sthen@ and aja@; ok aja@
+    Remove remaining HAVE_MMAP and BROKEN_MMAP bits.
     
-    OpenBSD-Commit-ID: cf235a561c655a3524a82003cf7244ecb48ccc1e
+    Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
 
-commit 8075fccbd4f70a4371acabcfb47562471ff0de6f
+commit bbf20ac8065905f9cb9aeb8f1df57fcab52ee2fb
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jan 24 23:54:40 2020 +0000
+Date:   Wed Sep 9 03:10:21 2020 +0000
 
-    upstream: add xextendf() to extend a string with a format
-    
-    (reallocating as necessary). ok aja@ as part of a larger diff
+    upstream: adapt to SSH_SK_VERSION_MAJOR crank
     
-    OpenBSD-Commit-ID: 30796b50d330b3e0e201747fe40cdf9aa70a77f9
+    OpenBSD-Regress-ID: 0f3e76bdc8f9dbd9d22707c7bdd86051d5112ab8
 
-commit d15c8adf2c6f1a6b4845131074383eb9c3d05c3d
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jan 24 05:33:01 2020 +0000
+commit 9afe2a150893b20bdf9eab764978d817b9a7b783
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Aug 28 03:17:13 2020 +0000
 
-    upstream: minor tweaks to ssh-keygen -Y find-principals:
-    
-    emit matched principals one per line to stdout rather than as comma-
-    separated and with a free-text preamble (easy confusion opportunity)
-    
-    emit "not found" error to stderr
+    upstream: Ensure that address/mask mismatches are flagged at
     
-    fix up argument testing for -Y operations and improve error message for
-    unsupported operations
+    config-check time. ok djm@
     
-    OpenBSD-Commit-ID: 3d9c9a671ab07fc04a48f543edfa85eae77da69c
+    OpenBSD-Regress-ID: 8f5f4c2c0bf00e6ceae7a1755a444666de0ea5c2
 
-commit c3368a5d5ec368ef6bdf9971d6330ca0e3bdca06
+commit c76773524179cb654ff838dd43ba1ddb155bafaa
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jan 24 00:28:57 2020 +0000
+Date:   Wed Sep 9 03:08:01 2020 +0000
 
-    upstream: remove ssh-rsa (SHA1) from the list of allowed CA
+    upstream: when writing an attestation blob for a FIDO key, record all
+    
+    the data needed to verify the attestation. Previously we were missing the
+    "authenticator data" that is included in the signature.
     
-    signature algorithms ok markus
+    spotted by Ian Haken
+    feedback Pedro Martelletto and Ian Haken; ok markus@
     
-    OpenBSD-Commit-ID: da3481fca8c81e6951f319a86b7be67502237f57
+    OpenBSD-Commit-ID: 8439896e63792b2db99c6065dd9a45eabbdb7e0a
 
-commit 4a41d245d6b13bd3882c8dc058dbd2e2b39a9f67
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jan 24 00:27:04 2020 +0000
+commit c1c44eeecddf093a7983bd91e70b446de789b363
+Author: pedro martelletto <pedro@ambientworks.net>
+Date:   Tue Sep 1 17:01:55 2020 +0200
 
-    upstream: when signing a certificate with an RSA key, default to
-    
-    a safe signature algorithm (rsa-sha-512) if not is explicitly specified by
-    the user; ok markus@
+    configure.ac: fix libfido2 back-compat
     
-    OpenBSD-Commit-ID: e05f638f0be6c0266e1d3d799716b461011e83a9
+    - HAVE_FIDO_CRED_PROD -> HAVE_FIDO_CRED_PROT;
+    - check for fido_dev_get_touch_begin(), so that
+      HAVE_FIDO_DEV_GET_TOUCH_BEGIN gets defined.
 
-commit 8dfb6a202c96cdf037c8ce05e53e32e0e0b7b454
+commit 785f0f315bf7ac5909e988bb1ac3e019fb5e1594
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jan 24 00:00:31 2020 +0000
+Date:   Mon Aug 31 04:33:17 2020 +0000
 
-    upstream: allow PEM export of DSA and ECDSA keys; bz3091, patch
+    upstream: refuse to add verify-required (PINful) FIDO keys to
     
-    from Jakub Jelen ok markus@
+    ssh-agent until the agent supports them properly
     
-    OpenBSD-Commit-ID: a58edec8b9f07acab4b962a71a5125830d321b51
+    OpenBSD-Commit-ID: 125bd55a8df32c87c3ec33c6ebe437673a3d037e
 
-commit 72a8bea2d748c8bd7f076a8b39a52082c79ae95f
+commit 39e88aeff9c7cb6862b37ad1a87a03ebbb38c233
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Jan 23 23:31:52 2020 +0000
+Date:   Mon Aug 31 00:17:41 2020 +0000
 
-    upstream: ssh-keygen -Y find-principals fixes based on feedback
-    
-    from Markus:
-    
-    use "principals" instead of principal, as allowed_signers lines may list
-    multiple.
-    
-    When the signing key is a certificate, emit only principals that match
-    the certificate principal list.
-    
-    NB. the command -Y name changes: "find-principal" => "find-principals"
-    
-    ok markus@
+    upstream: Add RCS IDs to the few files that are missing them; from
     
-    OpenBSD-Commit-ID: ab575946ff9a55624cd4e811bfd338bf3b1d0faf
-
-commit 0585b5697201f5d8b32e6f1b0fee7e188268d30d
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jan 24 01:29:23 2020 +0000
-
-    upstream: Do not warn about permissions on symlinks.
+    Pedro Martelletto
     
-    OpenBSD-Regress-ID: 339d4cbae224bd8743ffad9c3afb0cf3cb66c357
+    OpenBSD-Commit-ID: 39aa37a43d0c75ec87f1659f573d3b5867e4a3b3
 
-commit 415192348a5737a960f6d1b292a17b64d55b542c
+commit 72730249b38a676da94a1366b54a6e96e6928bcb
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Thu Jan 23 11:19:12 2020 +0000
+Date:   Fri Aug 28 03:15:52 2020 +0000
 
-    upstream: Handle zlib compression being disabled now that it's
-    
-    optional.
+    upstream: Check that the addresses supplied to Match Address and
     
-    OpenBSD-Regress-ID: 0af4fbc5168e62f89d0350de524bff1cb00e707a
-
-commit fbce7c1a898ae75286349822950682cf46346121
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Thu Jan 23 10:53:04 2020 +0000
-
-    upstream: Fix typo in comment.
+    Match LocalAddress are valid when parsing in config-test mode.  This will
+    catch address/mask mismatches before they cause problems at runtime. Found by
+    Daniel Stocker, ok djm@
     
-    OpenBSD-Commit-ID: d1d7a6553208bf439378fd1cf686a828aceb353a
+    OpenBSD-Commit-ID: 2d0b10c69fad5d8fda4c703e7c6804935289378b
 
-commit ba247af8e9e302910e22881ef9d307a8afeef036
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Thu Jan 23 10:19:59 2020 +0000
+commit 2a3a9822311a565a9df48ed3b6a3c972f462bd7d
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Thu Aug 27 12:34:00 2020 +0000
 
-    upstream: When checking for unsafe directories, ignore non-directories
-    
-    (ie symlinks, where permissions are not relevant).
+    upstream: sentence fix; from pedro martelletto
     
-    OpenBSD-Regress-ID: fb6cfc8b022becb62b2dcb99ed3f072b3326e501
-
-commit 74deb7029be4c00810443114aac9308875a81dae
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Jan 23 22:17:24 2020 +1100
-
-    zlib is now optional.
+    OpenBSD-Commit-ID: f95b84a1e94e9913173229f3787448eea2f8a575
 
-commit 633a2af47ee90291aaf93969aeee1e5046074c7c
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Jan 23 22:16:51 2020 +1100
+commit ce178be0d954b210c958bc2b9e998cd6a7aa73a9
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Aug 27 20:01:52 2020 +1000
 
-    Plumb WITH_ZLIB into configure.
-    
-    This allows zlib support to be disabled by ./configure --without-zlib.
+    tweak back-compat for older libfido2
 
-commit 7f8e66fea8c4e2a910df9067cb7638999b7764d5
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Thu Jan 23 10:24:29 2020 +0000
+commit d6f45cdde031acdf434bbb27235a1055621915f4
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Aug 27 09:46:04 2020 +0000
 
-    upstream: Make zlib optional. This adds a "ZLIB" build time option
+    upstream: debug()-print a little info about FIDO-specific key
     
-    that allows building without zlib compression and associated options.  With
-    feedback from markus@, ok djm@
+    fields via "ssh-keygen -vyf /path/key"
     
-    OpenBSD-Commit-ID: 44c6e1133a90fd15a3aa865bdedc53bab28b7910
+    OpenBSD-Commit-ID: cf315c4fe77db43947d111b00155165cb6b577cf
 
-commit 69ac4e33023b379e9a8e9b4b6aeeffa6d1fcf6fa
+commit b969072cc3d62d05cb41bc6d6f3c22c764ed932f
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Jan 23 07:54:04 2020 +0000
+Date:   Thu Aug 27 09:43:28 2020 +0000
 
-    upstream: remove trailing period characters from pub/priv key
+    upstream: skip a bit more FIDO token selection logic when only a
     
-    pathnames - they make them needlessly more difficult to cut and paste without
-    error; ok markus@ & dtucker@
+    single token is attached.
     
-    OpenBSD-Commit-ID: abdcfd1a5723fcac0711feee7665edc66ae2335a
-
-commit 945bf52c3c815d95b1e842ebf6c910c3524bd5bb
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Jan 23 21:06:45 2020 +1100
-
-    Fix a couple of mysig_t leftovers.
-
-commit 84226b447d45fe4542613de68c2ca59a890d7c01
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Jan 23 18:55:24 2020 +1100
-
-    Remove mysignal wrapper.
+    with Pedro Martelletto
     
-    We switched the main code to use sigaction(), so the wrapper is no
-    longer used.
+    OpenBSD-Commit-ID: e4a324bd9814227ec1faa8cb619580e661cca9ac
 
-commit 5533c2fb7ef21172fa3708d66b03faa2c6b3d93f
+commit 744df42a129d7d7db26947b7561be32edac89f88
 Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Thu Jan 23 07:16:38 2020 +0000
-
-    upstream: new sentence, new line;
-    
-    OpenBSD-Commit-ID: b6c3f2f36ec77e99198619b38a9f146655281925
-
-commit 3bf2a6ac791d64046a537335a0f1d5e43579c5ad
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Thu Jan 23 07:10:22 2020 +0000
+Date:   Thu Aug 27 06:15:22 2020 +0000
 
-    upstream: Replace all calls to signal(2) with a wrapper around
-    
-    sigaction(2). This wrapper blocks all other signals during the handler
-    preventing races between handlers, and sets SA_RESTART which should reduce
-    the potential for short read/write operations.
+    upstream: tweak previous;
     
-    OpenBSD-Commit-ID: 5e047663fd77a40d7b07bdabe68529df51fd2519
+    OpenBSD-Commit-ID: 92714b6531e244e4da401b2defaa376374e24be7
 
-commit e027c044c796f3a01081a91bee55741204283f28
+commit e32479645ce649b444ba5c6e7151304306a09654
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Jan 23 04:54:34 2020 +0000
+Date:   Thu Aug 27 03:55:22 2020 +0000
 
-    upstream: missing header change from previous; spotted by dtucker@
+    upstream: adapt to API changes
     
-    OpenBSD-Commit-ID: 321ce74c0a5bbd0f02fa3f20cb5cf2a952c6b96f
+    OpenBSD-Regress-ID: 5f147990cb67094fe554333782ab268a572bb2dd
 
-commit 7e1323102b1b04eef391b01e180710a2d408a7ab
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Thu Jan 23 03:42:41 2020 +0000
+commit bbcc858ded3fbc46abfa7760e40389e3ca93884c
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Aug 27 12:37:12 2020 +1000
 
-    upstream: Check for and warn about StrictModes permission problems. ok tb@
-    
-    OpenBSD-Regress-ID: 4841704ccdee50ee7efc6035bc686695c6ac2991
+    degrade semi-gracefully when libfido2 is too old
 
-commit 84de1c27f845d15c859db44e7070a46f45504b66
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Thu Jan 23 03:35:07 2020 +0000
+commit 9cbbdc12cb6a2ab1e9ffe9974cca91d213c185c2
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Aug 27 01:15:36 2020 +0000
 
-    upstream: Also test PuTTY chacha20.
+    upstream: dummy firmware needs to match API version numner crank (for
+    
+    verify-required resident keys) even though it doesn't implement this feature
     
-    OpenBSD-Regress-ID: 7af6a0e8763b05f1f8eee6bca5f31fcb16151040
+    OpenBSD-Regress-ID: 86579ea2891e18e822e204413d011b2ae0e59657
 
-commit c7ed15a39695ecd5f1f21842d8d9cd22246d4ee2
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Thu Jan 23 03:24:38 2020 +0000
+commit c1e76c64956b424ba260fd4eec9970e5b5859039
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Aug 27 02:11:09 2020 +0000
 
-    upstream: Also test PuTTY ecdh kex methods.
+    upstream: remove unreachable code I forgot to delete in r1.334
     
-    OpenBSD-Regress-ID: ec4017dce612131842398a03e93007a869c2c133
+    OpenBSD-Commit-ID: 9ed6078251a0959ee8deda443b9ae42484fd8b18
 
-commit c4b3a128954ee1b7fbcbda167baf8aca1a3d1c84
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Thu Jan 23 02:46:49 2020 +0000
+commit 0caff05350bd5fc635674c9e051a0322faba5ae3
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Aug 27 01:08:45 2020 +0000
 
-    upstream: Remove unsupported algorithms from list of defaults at run
+    upstream: Request PIN ahead of time for certain FIDO actions
     
-    time and remove ifdef and distinct settings for OPENSSL=no case.
+    When we know that a particular action will require a PIN, such as
+    downloading resident keys or generating a verify-required key, request
+    the PIN before attempting it.
     
-    This will make things much simpler for -portable where the exact set
-    of algos depends on the configuration of both OpenSSH and the libcrypto
-    it's linked against (if any).  ok djm@
+    joint work with Pedro Martelletto; ok markus@
     
-    OpenBSD-Commit-ID: e0116d0183dcafc7a9c40ba5fe9127805c5dfdd2
+    OpenBSD-Commit-ID: 863182d38ef075bad1f7d20ca485752a05edb727
 
-commit 56cffcc09f8a2e661d2ba02e61364ae6f998b2b1
+commit b649b3daa6d4b8ebe1bd6de69b3db5d2c03c9af0
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Jan 23 02:43:48 2020 +0000
+Date:   Thu Aug 27 01:08:19 2020 +0000
 
-    upstream: add a new signature operations "find-principal" to look
-    
-    up the principal associated with a signature from an allowed-signers file.
-    Work by Sebastian Kinne; ok dtucker@
+    upstream: preserve verify-required for resident FIDO keys
     
-    OpenBSD-Commit-ID: 6f782cc7e18e38fcfafa62af53246a1dcfe74e5d
-
-commit 65cf8730de6876a56595eef296e07a86c52534a6
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Wed Jan 22 07:38:30 2020 +0000
-
-    upstream: Ignore whitespace when checking explict fingerprint.
+    When downloading a resident, verify-required key from a FIDO token,
+    preserve the verify-required in the private key that is written to
+    disk. Previously we weren't doing that because of lack of support
+    in the middleware API.
     
-    When confirming a host key using the fingerprint itself, ignore leading and
-    trailing whitespace. ok deraadt@ djm@
+    from Pedro Martelletto; ok markus@ and myself
     
-    OpenBSD-Commit-ID: cafd7f803bbdcd40c3a8f8f1a77747e6b6d8c011
+    OpenBSD-Commit-ID: 201c46ccdd227cddba3d64e1bdbd082afa956517
 
-commit 8d3af6ebdf524b34087a0a3ae415b5141ba10572
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Wed Jan 22 07:31:27 2020 +0000
+commit 642e06d0df983fa2af85126cf4b23440bb2985bf
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Aug 27 01:07:51 2020 +0000
 
-    upstream: Increase keyscan timeout from default. On slow hosts 3
-    
-    concurrent keyscans can hit the default 5 second timeout, so increase to 15
-    seconds.
+    upstream: major rework of FIDO token selection logic
     
-    OpenBSD-Regress-ID: 16383dec166af369b7fb9948572856f5d544c93f
-
-commit 6c30c9adbeeed09a8a9e7a69974cfa1f1ddd1e9e
-Author: tedu@openbsd.org <tedu@openbsd.org>
-Date:   Wed Jan 22 04:58:23 2020 +0000
-
-    upstream: remove diffie-hellman-group14-sha1 from default kex to
+    When PINs are in use and multiple FIDO tokens are attached to a host, we
+    cannot just blast requests at all attached tokens with the PIN specified
+    as this will cause the per-token PIN failure counter to increment. If
+    this retry counter hits the token's limit (usually 3 attempts), then the
+    token will lock itself and render all (web and SSH) of its keys invalid.
+    We don't want this.
     
-    see what happens. general mostly ok
+    So this reworks the key selection logic for the specific case of
+    multiple keys being attached. When multiple keys are attached and the
+    operation requires a PIN, then the user must touch the key that they
+    wish to use first in order to identify it.
     
-    OpenBSD-Commit-ID: 216b7b8462d2ef5f4531f26cb2cb839b2153dad9
-
-commit 4a32c0ca44a2dc2a358f69b5d43c08e528b44b39
-Author: claudio@openbsd.org <claudio@openbsd.org>
-Date:   Wed Jan 22 04:51:51 2020 +0000
-
-    upstream: For ssh-keygen -lF only add a space after key fingerprint
+    This may require multiple touches, but only if there are multiple keys
+    attached AND (usually) the operation requires a PIN. The usual case of a
+    single key attached should be unaffected.
     
-    when there is a comment. This makes copy-paste of fingerprints into ssh
-    easier. OK djm@
+    Work by Pedro Martelletto; ok myself and markus@
     
-    OpenBSD-Commit-ID: fa01d95624f65c1eb4dc7c575d20d77c78010dfd
+    OpenBSD-Commit-ID: 637d3049ced61b7a9ee796914bbc4843d999a864
 
-commit 37d3b736506760e4ebc7fe56255f7b8ea823a00c
+commit 801c9f095e6d8b7b91aefd98f5001c652ea13488
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Jan 22 04:49:16 2020 +0000
+Date:   Thu Aug 27 01:07:09 2020 +0000
 
-    upstream: some __func__ and strerror(errno) here; no functional
+    upstream: support for requiring user verified FIDO keys in sshd
     
-    change
+    This adds a "verify-required" authorized_keys flag and a corresponding
+    sshd_config option that tells sshd to require that FIDO keys verify the
+    user identity before completing the signing/authentication attempt.
+    Whether or not user verification was performed is already baked into the
+    signature made on the FIDO token, so this is just plumbing that flag
+    through and adding ways to require it.
     
-    OpenBSD-Commit-ID: 6c3ddd5f848b99ea560b31d3fba99ceed66cef37
-
-commit e2031b05c74c98b141179ceab13a323cf17d01e5
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Jan 22 02:25:21 2020 +0000
-
-    upstream: factor out parsing of allowed-signers lines
+    feedback and ok markus@
     
-    OpenBSD-Commit-ID: 85ee6aeff608371826019ea85e55bfa87f79d06e
-
-commit 47160e1de8c2f638f0ef41cef42c976417b61778
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Jan 22 10:30:13 2020 +1100
-
-    unbreak fuzzer support for recent ssh-sk.h changes
+    OpenBSD-Commit-ID: 3a2313aae153e043d57763d766bb6d55c4e276e6
 
-commit 70d38c3cfd4550e8ee66cc3bf1b91aa339c91df5
+commit 9b8ad93824c682ce841f53f3b5762cef4e7cc4dc
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Jan 21 22:39:57 2020 +0000
+Date:   Thu Aug 27 01:06:18 2020 +0000
 
-    upstream: expose the number of currently-authenticating connections
+    upstream: support for user-verified FIDO keys
     
-    along with the MaxStartups limit in the proctitle; suggestion from Philipp
-    Marek, w/ feedback from Craig Miskell ok dtucker@
+    FIDO2 supports a notion of "user verification" where the user is
+    required to demonstrate their identity to the token before particular
+    operations (e.g. signing). Typically this is done by authenticating
+    themselves using a PIN that has been set on the token.
     
-    OpenBSD-Commit-ID: a4a6db2dc1641a5df8eddf7d6652176e359dffb3
-
-commit a78c66d5d2144bd49779bc80a647346bd3d7233d
-Author: naddy@openbsd.org <naddy@openbsd.org>
-Date:   Tue Jan 21 12:40:04 2020 +0000
-
-    upstream: document the default value of the ControlPersist option;
+    This adds support for generating and using user verified keys where
+    the verification happens via PIN (other options might be added in the
+    future, but none are in common use now). Practically, this adds
+    another key generation option "verify-required" that yields a key that
+    requires a PIN before each authentication.
     
-    ok dtucker@ djm@
+    feedback markus@ and Pedro Martelletto; ok markus@
     
-    OpenBSD-Commit-ID: 0788e7f2b5a9d4e36d3d2ab378f73329320fef66
-
-commit b46a6325849e40aa2e4b0d962a6f00f708f6576a
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Jan 22 09:28:32 2020 +1100
-
-    remove accidental change in f8c11461
+    OpenBSD-Commit-ID: 57fd461e4366f87c47502c5614ec08573e6d6a15
 
-commit 80d3bebcab96fe1d177e45906e10db16895da01d
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Jan 21 11:06:09 2020 +0000
+commit 1196d7f49d4fbc90f37e550de3056561613b0960
+Author: cheloha@openbsd.org <cheloha@openbsd.org>
+Date:   Wed Aug 12 01:23:45 2020 +0000
 
-    upstream: don't #ifdef out the KRL code when compiling without
+    upstream: ssh-keyscan(1): simplify conloop() with timercmp(3),
     
-    libcrypto support; it works just fine and disabling it breaks a few tests. ok
-    dtucker@
+    timersub(3); ok djm@
     
-    OpenBSD-Commit-ID: 65f6272c4241eb4b04de78b012fe98b2b555ad44
+    OpenBSD-Commit-ID: a102acb544f840d33ad73d40088adab4a687fa27
 
-commit f8c11461aa6db168fc5e7eeae448b4cbbf59642a
+commit d0a195c89e26766d3eb8f3e4e2a00ebc98b57795
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Jan 21 08:06:27 2020 +0000
+Date:   Tue Aug 11 09:49:57 2020 +0000
 
-    upstream: pass SSH_SK_HELPER explicitly past $SUDO to avoid it getting
+    upstream: let ssh_config(5)'s AddKeysToAgent keyword accept a time
     
-    cleared; with dtucker@
+    limit for keys in addition to its current flag options. Time-limited keys
+    will automatically be removed from ssh-agent after their expiry time has
+    passed; ok markus@
     
-    OpenBSD-Regress-ID: 03178a0580324bf0dff28f7eac6c3edbc5407f8e
+    OpenBSD-Commit-ID: 792e71cacbbc25faab5424cf80bee4a006119f94
 
-commit b5fcb0ac1cc0ef01aeec1c089146298654ab3ae0
+commit e9c2002891a7b8e66f4140557a982978f372e5a3
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Jan 21 07:07:31 2020 +0000
+Date:   Tue Aug 11 09:45:54 2020 +0000
 
-    upstream: check access(ssh-sk-helper, X_OK) to provide friendly
+    upstream: let the "Confirm user presence for key ..." ssh-askpass
     
-    error message for misconfigured helper paths
+    notification respect $SSH_ASKPASS_REQUIRE; ok markus@
     
-    OpenBSD-Commit-ID: 061bcc262155d12e726305c91394ac0aaf1f8341
+    OpenBSD-Commit-ID: 7c1a616b348779bda3b9ad46bf592741f8e206c1
 
-commit 56bced43c14dc6fa2bfa1816007e441644105609
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Tue Jan 21 06:09:56 2020 +0000
+commit eaf8672b1b52db2815a229745f4e4b08681bed6d
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Aug 21 00:04:13 2020 +1000
 
-    upstream: Document sntrup4591761x25519-sha512@tinyssh.org. Patch
-    
-    from jtesta@positronsecurity.com via github PR#151.
+    Remove check for 'ent' command.
     
-    OpenBSD-Commit-ID: f3d48168623045c258245c340a5a2af7dbb74edc
+    It was added in 8d1fd57a9 for measuring entropy of ssh_prng_cmds which
+    has long since been removed and there are no other references to it.
 
-commit 4a05d789b86314fef7303824f69defbc6b96ed60
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Jan 21 05:56:56 2020 +0000
+commit 05c215de8d224e094a872d97d45f37f60c06206b
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Mon Aug 17 21:34:32 2020 +1000
 
-    upstream: fix ssh-keygen not displaying authenticator touch
-    
-    prompt; reported by jmc@
-    
-    OpenBSD-Commit-ID: 04d4f582fc194eb3897ebcbfe286c49958ba2859
+    Wrap stdint.h include in ifdef HAVE_STDINT_H.
 
-commit 881aded0389d999375f926051491a944c6d8752b
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Jan 21 05:56:27 2020 +0000
+commit eaf2765efe8bc74feba85c34295d067637fc6635
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Aug 10 13:24:09 2020 +1000
 
-    upstream: a little more verbosity in sign_and_send_pubkey() debug
-    
-    messages
-    
-    OpenBSD-Commit-ID: 6da47a0e6373f6683006f49bc2a516d197655508
+    sync memmem.c with OpenBSD
 
-commit b715fdc71bbd009d0caff691ab3fc04903c4aee8
-Author: naddy@openbsd.org <naddy@openbsd.org>
-Date:   Sat Jan 18 21:16:43 2020 +0000
+commit ed6bef77f5bb5b8f9ca2914478949e29f2f0a780
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Aug 7 17:12:16 2020 +1000
 
-    upstream: one more replacement "(security) key" -> "(FIDO)
-    
-    authenticator"
+    Always send any PAM account messages.
     
-    OpenBSD-Commit-ID: 031bca03c1d1f878ab929facd561911f1bc68dfd
+    If the PAM account stack reaturns any messages, send them to the user
+    not just if the check succeeds.  bz#2049, ok djm@
 
-commit 84911da1beeb6ed258a43468efb316cd39fb6855
-Author: naddy@openbsd.org <naddy@openbsd.org>
-Date:   Sat Jan 18 15:45:41 2020 +0000
+commit a09e98dcae1e26f026029b7142b0e0d10130056f
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Aug 7 15:37:37 2020 +1000
 
-    upstream: undo merge error and replace the term "security key"
-    
-    again
-    
-    OpenBSD-Commit-ID: 341749062c089cc360a7877e9ee3a887aecde395
+    Output test debug logs on failure.
 
-commit e8c06c4ee708720efec12cd1a6f78a3c6d76b7f0
-Author: naddy@openbsd.org <naddy@openbsd.org>
-Date:   Fri Jan 17 20:13:47 2020 +0000
+commit eb122b1eebe58b29a83a507ee814cbcf8aeded1b
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Aug 7 15:11:42 2020 +1000
 
-    upstream: Document loading of resident keys from a FIDO
-    
-    authenticator.
-    
-    * Rename -O to -K to keep "-O option" available.
-    * Document -K.
-    * Trim usage() message down to synopsis, like all other commands.
-    
-    ok markus@
-    
-    OpenBSD-Commit-ID: 015c2c4b28f8e19107adc80351b44b23bca4c78a
+    Add ability to specify exact test target.
 
-commit 0d005d6372a067b59123dec8fc6dc905f2c09e1e
-Author: naddy@openbsd.org <naddy@openbsd.org>
-Date:   Tue Jan 14 15:07:30 2020 +0000
+commit c2ec7a07f8caabb4d8e00c66e7cd46bf2cd1e922
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Aug 7 14:21:15 2020 +1000
 
-    upstream: sync ssh-keygen.1 and ssh-keygen's usage() with each
-    
-    other and reality ok markus@
-    
-    OpenBSD-Commit-ID: cdf64454f2c3604c25977c944e5b6262a3bcce92
+    Document --without-openssl and --without-zlib.
 
-commit b8a4ca2ebfddab862f7eb1ea2a07fb9f70330429
-Author: naddy@openbsd.org <naddy@openbsd.org>
-Date:   Sat Jan 11 16:23:10 2020 +0000
+commit 651bb3a31949bbdc3a78b2ede95a77bce0c72984
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Aug 7 14:15:11 2020 +1000
 
-    upstream: revise the fix for reversed arguments on
-    
-    expand_proxy_command()
-    
-    Always put 'host' before 'host_arg' for consistency.  ok markus@ djm@
-    
-    OpenBSD-Commit-ID: 1ba5b25472779f1b1957295fcc6907bb961472a3
+    Add without-openssl without-zlib test target.
 
-commit 57b181eaf2d34fd0a1b51ab30cb6983df784de5a
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jan 10 23:43:26 2020 +0000
+commit 9499f2bb01dc1032ae155999b2d7764b9491341f
+Author: Stefan Schindler <dns2utf8@estada.ch>
+Date:   Wed Aug 5 19:00:52 2020 +0200
 
-    upstream: pass the log-on-stderr flag and log level through to
+    Add CI with prepare script
     
-    ssh-sk-helper, making debugging a bit easier. ok markus@
+    * Only use heimdal kerberos implementation
+    * Fetch yubico/libfido2 (see: https://github.com/Yubico/libfido2)
+    * Add one target for
+        * all features
+        * each feature alone
+        * no features
+
+commit ea1f649046546a860f68b97ddc3015b7e44346ca
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Aug 5 08:58:57 2020 +1000
+
+    support NetBSD's utmpx.ut_ss address field
     
-    OpenBSD-Commit-ID: 2e7aea6bf5770d3f38b7c7bba891069256c5a49a
+    bz#960, ok dtucker
 
-commit a8bd5fdbdb7581afc7123a042a7cd6ca25357388
+commit 32c63e75a70a0ed9d6887a55fcb0e4531a6ad617
 Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Jan 21 12:32:16 2020 +1100
+Date:   Tue Aug 4 14:59:21 2020 +1000
 
-    Wrap copy_environment_blacklist() in #ifdef
+    wrap a declaration in the same ifdefs as its use
     
-    It's only needed for USE_PAM or HAVE_CYGWIN cases and will cause compiler
-    warnings otherwise.
+    avoids warnings on NetBSD
 
-commit 10ecc647fc1db8d2dde9f6b9b826b201dfc48b62
+commit c9e3be9f4b41fda32a2a0138d54c7a6b563bc94d
 Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Jan 21 12:20:05 2020 +1100
+Date:   Tue Aug 4 14:58:46 2020 +1000
 
-    depend
+    undef TAILQ_CONCAT and friends
+    
+    Needed for NetBSD. etc that supply these macros
 
-commit b3f7009c9ffa5891283ed96e043001e09934a8d4
-Author: Ruben Kerkhof <ruben@rubenkerkhof.com>
-Date:   Mon Jan 20 11:56:48 2020 +0100
+commit 2d8a3b7e8b0408dfeb933ac5cfd3a58f5bac49af
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Aug 3 02:53:51 2020 +0000
 
-    Fix missing prototype warning for copy_environment
+    upstream: ensure that certificate extensions are lexically sorted.
+    
+    Previously if the user specified a custom extension then the everything would
+    be in order except the custom ones. bz3198 ok dtucker markus
     
-    This function is only used in this file, and only on Cygwin, so make
-    it static and hide it behind HAVE_CYGWIN.  Prevents missing prototype
-    warning.
+    OpenBSD-Commit-ID: d97deb90587b06cb227c66ffebb2d9667bf886f0
 
-commit 0c428c0e991e2c4fabc48cf5d9b8f84c9412e0c3
-Author: Ruben Kerkhof <ruben@rubenkerkhof.com>
-Date:   Mon Jan 20 13:58:11 2020 +0100
+commit a8732d74cb8e72f0c6366015687f1e649f60be87
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Aug 3 02:43:41 2020 +0000
 
-    configure.ac: fix ldns test
+    upstream: allow -A to explicitly enable agent forwarding in scp and
+    
+    sftp. The default remains to not forward an agent, even when ssh_config
+    enables it. ok jmc dtucker markus
     
-    When running ./configure --with-ldns, if ldns-config cannot be found, we
-    add -Iyes/include to CPPFLAGS and -Lyes/lib to LDFLAGS. Fix that.
+    OpenBSD-Commit-ID: 36cc526aa3b0f94e4704b8d7b969dd63e8576822
 
-commit 6089abf715e2784751c9f62697e09bb103295b93
-Author: Ruben Kerkhof <ruben@rubenkerkhof.com>
-Date:   Mon Jan 20 12:13:26 2020 +0100
+commit ab9105470a83ed5d8197959a1b1f367399958ba1
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Mon Aug 3 02:42:49 2020 +0000
 
-    Make sshpam_password_change_required static.
+    upstream: clang -Wimplicit-fallthrough does not recognise /*
     
-    sshpam_password_change_required is only used in auth-pam.c, so make it
-    static to prevent a mising prototype warning.
-
-commit 5a9b9c82851b7bc219dc3a65962a80803c76c102
-Author: Ruben Kerkhof <ruben@rubenkerkhof.com>
-Date:   Mon Jan 20 12:24:51 2020 +0100
-
-    sandbox-darwin.c: fix missing prototypes.
+    FALLTHROUGH */ comments, which is the style we currently use, and gives too
+    many boring warnings. ok djm
     
-    Include the right header just like the other sandbox files.
-    Fixes missing prototype warnings for ssh_sandbox_* functions.
+    OpenBSD-Commit-ID: 07b5031e9f49f2b69ac5e85b8da4fc9e393992a0
 
-commit 335dc93526942a650f6c69666b3f6ca44d0a2910
-Author: Ruben Kerkhof <ruben@rubenkerkhof.com>
-Date:   Mon Jan 20 11:09:27 2020 +0100
+commit ced327b9fb78c94d143879ef4b2a02cbc5d38690
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jul 31 04:19:37 2020 +0000
 
-    Fix a few warnings when on Mac OS X.
+    upstream: Also compare username when checking for JumpHost loops.
     
-    Include stdlib.h for calloc, malloc, free and setenv.
-
-commit 0488dc2d3050ea1a99ef5cf44afc50ffbf3f1315
-Author: Ruben Kerkhof <ruben@rubenkerkhof.com>
-Date:   Mon Jan 20 10:32:23 2020 +0100
-
-    Fix building without openssl.
+    bz#3057, ok djm@
     
-    This fixes the following when there are no openssl headers on the system:
-    ssh-ecdsa-sk.c:34:10: fatal error: 'openssl/bn.h' file not found
-
-commit e6b7157b4ef29c83ec3a2d1d7c927e4b8898f9bb
-Author: Ruben Kerkhof <ruben@rubenkerkhof.com>
-Date:   Wed Jan 15 16:08:55 2020 +0100
-
-    Add config.log to .gitignore
-
-commit 515e10ddf9644010b88cfd7ecf601f4306d42232
-Author: Ruben Kerkhof <ruben@rubenkerkhof.com>
-Date:   Wed Jan 15 16:16:31 2020 +0100
-
-    Fix typo in README.md, s/crytpo/crypto/
-
-commit 1af3354aea3c4bfa5b5ecfb5d1ff3ad231c2073c
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Jan 15 16:22:36 2020 +1100
-
-    Wrap stdint.h in ifdef HAVE_STDINT_H.
-
-commit 429170f273ce1b0140f8111a45ba69390d98de3a
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue Jan 14 14:41:47 2020 +1100
-
-    Wrap stdint.h inside HAVE_STDINT_H.
+    OpenBSD-Commit-ID: 9bbc1d138adb34c54f3c03a15a91f75dbf418782
 
-commit a0989b60211b6f1c2313e1397c526d883a23a075
+commit ae7527010c44b3376b85d036a498f136597b2099
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue Jan 14 14:26:41 2020 +1100
+Date:   Fri Jul 31 15:19:04 2020 +1000
 
-    Include compat header for definitions.
+    Remove AC_REVISION.
+    
+    It hasn't been useful since we switched to git in 2014.  ok djm@
 
-commit e0cedcad51fe02683943bf4f1ad2961aa3f35313
+commit 89fc3f414be0ce4e8008332a9739a7d721269e50
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue Jan 14 09:42:52 2020 +1100
+Date:   Tue Jul 28 19:40:30 2020 +1000
 
-    Improve search for 'struct timespec'.
+    Use argv in OSSH_CHECK_CFLAG_COMPILE test.
     
-    Make struct timespec test consistent with existing timeval test.
-    Include time.h for timespec in compat header where required.
+    configure.ac is not detecting -Wextra in compilers that implement the
+    option. The problem is that -Wextra implies -Wunused-parameter, and the
+    C excerpt used by aclocal.m4 does not use argv.  Patch from pedro at
+    ambientworks.net, ok djm@
 
-commit acaf9e058594310001ce64468ed2923dc6323e81
+commit 62c81ef531b0cc7ff655455dd34f5f0c94f48e82
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue Jan 14 12:43:03 2020 +1100
+Date:   Mon Jul 20 22:12:07 2020 +1000
 
-    Update depend to remove rmd160.h.
+    Skip ECDSA-SK webauthn test when built w/out ECC
 
-commit 26b2675b0c3e3efea11a52609073aec01736ec84
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue Jan 14 07:24:46 2020 +1100
+commit 3ec9a6d7317236a9994887d8bd5d246af403a00d
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Jul 20 13:09:25 2020 +1000
 
-    Remove configure test & compat code for ripemd160.
+    Add ssh-sk-helper and manpage to RPM spec file
     
-    RIPEMD160 support was removed upstream in 2017, however we still had
-    a configure test and compat code for it, so clean those up now.
+    Based on patch from Fabio Pedretti
 
-commit ed3ad71b17adcd1fb4431d145f53cee1c6a1135e
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Jan 9 03:28:38 2020 +0000
+commit a2855c048b3f4b17d8787bd3f24232ec0cd79abe
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jul 17 07:09:24 2020 +0000
 
-    upstream: fix reversed arguments on expand_proxy_command(); spotted
+    upstream: Add %k to the TOKENs for Match Exec for consistency with
     
-    by anton@
+    the other keywords that recently got %k.
     
-    OpenBSD-Commit-ID: db1c32478a01dfbc9c4db171de0f25907bea5775
+    OpenBSD-Commit-ID: 1857d1c40f270cbc254fca91e66110641dddcfdb
 
-commit cd53476383f0cf475f40ba8ac8deb6b76dd5ce4e
+commit 69860769fa9f4529d8612ec055ae11912f7344cf
 Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Mon Jan 6 07:43:28 2020 +0000
+Date:   Fri Jul 17 05:59:05 2020 +0000
 
-    upstream: put the fido options in a list, and tidy up the text a
-    
-    little; ok djm
+    upstream: fix macro slip in previous;
     
-    OpenBSD-Commit-ID: 491ce15ae52a88b7a6a2b3b6708a14b4aacdeebb
+    OpenBSD-Commit-ID: 624e47ab209450ad9ad5c69f54fa69244de5ed9a
 
-commit 30f704ebc0e9e32b3d12f5d9e8c1b705fdde2c89
-Author: Jeremy Drake <github@jdrake.com>
-Date:   Fri Oct 11 18:31:05 2019 -0700
+commit 40649bd0822883b684183854b16d0b8461d5697b
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jul 17 07:10:24 2020 +0000
 
-    Deny (non-fatal) ipc in preauth privsep child.
+    upstream: Add test for '%k' (HostKeyAlias) TOKEN.
     
-    As noted in openssh/openssh-portable#149, i386 does not have have
-    _NR_shmget etc.  Instead, it has a single ipc syscall (see man 2 ipc,
-    https://linux.die.net/man/2/ipc).  Add this syscall, if present, to the
-    list of syscalls that seccomp will deny non-fatally.
+    OpenBSD-Regress-ID: 8ed1ba1a811790031aad3fcea860a34ad7910456
 
-commit b110cefdfbf5a20f49b774a55062d6ded2fb6e22
-Author: Khem Raj <raj.khem@gmail.com>
-Date:   Tue Jan 7 16:26:45 2020 -0800
+commit 6736fe680704a3518cb4f3f8f6723b00433bd3dd
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jul 17 03:26:58 2020 +0000
 
-    seccomp: Allow clock_gettime64() in sandbox.
+    upstream: Add tests for expansions on UserKnownHostsFile.
     
-    This helps sshd accept connections on mips platforms with
-    upcoming glibc ( 2.31 )
+    OpenBSD-Regress-ID: bccf8060306c841bbcceb1392644f906a4d6ca51
 
-commit 3cc60c899a92a469e5118310ba6b74cb57215618
+commit 287dc6396e0f9cb2393f901816dbd7f2a7dfbb5f
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Jan 6 02:39:30 2020 +0000
+Date:   Fri Jul 17 03:51:32 2020 +0000
 
-    upstream: missing else in check_enroll_options()
+    upstream: log error message for process_write() write failures
     
-    OpenBSD-Commit-ID: e058fb918fda56ddbbf0bee910101004cec421d4
+    OpenBSD-Commit-ID: f733d7b3b05e3c68967dc18dfe39b9e8fad29851
 
-commit ff5784e2698d6c41e9f39ce4df24968c1beeb2bb
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Jan 6 02:24:28 2020 +0000
+commit 8df5774a42d2eaffe057bd7f293fc6a4b1aa411c
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jul 17 03:43:42 2020 +0000
 
-    upstream: fix error message
+    upstream: Add a '%k' TOKEN that expands to the effective HostKey of
+    
+    the destination.  This allows, eg, keeping host keys in individual files
+    using "UserKnownHostsFile ~/.ssh/known_hosts.d/%k". bz#1654, ok djm@, jmc@
+    (man page bits)
     
-    OpenBSD-Commit-ID: 1eb52025658eb78ea6223181e552862198d3d505
+    OpenBSD-Commit-ID: 7084d723c9cc987a5c47194219efd099af5beadc
 
-commit dd2acc8b862c09751621995fba2d5fa6f4e24cc9
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Jan 6 02:07:50 2020 +0000
+commit c4f239944a4351810fd317edf408bdcd5c0102d9
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jul 17 03:23:10 2020 +0000
 
-    upstream: adapt sk-dummy to SK API changes
+    upstream: Add %-TOKEN, environment variable and tilde expansion to
     
-    also, make it pull prototypes directly from sk-api.c and #error
-    if the expected version changes. This will make any future regress
-    test breakage because of SK API changes much more apparent
+    UserKnownHostsFile, allowing the file to be automagically split up in the
+    configuration (eg bz#1654).  ok djm@, man page parts jmc@
     
-    OpenBSD-Regress-ID: 79b07055de4feb988e31da71a89051ad5969829d
+    OpenBSD-Commit-ID: 7e1b406caf147638bb51558836a72d6cc0bd1b18
 
-commit c312ca077cd2a6c15545cd6b4d34ee2f69289174
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Jan 6 02:00:46 2020 +0000
+commit dbaaa01daedb423c38124a72c471982fb08a16fb
+Author: solene@openbsd.org <solene@openbsd.org>
+Date:   Wed Jul 15 07:50:46 2020 +0000
 
-    upstream: Extends the SK API to accept a set of key/value options
-    
-    for all operations. These are intended to future-proof the API a little by
-    making it easier to specify additional fields for without having to change
-    the API version for each.
-    
-    At present, only two options are defined: one to explicitly specify
-    the device for an operation (rather than accepting the middleware's
-    autoselection) and another to specify the FIDO2 username that may
-    be used when generating a resident key. These new options may be
-    invoked at key generation time via ssh-keygen -O
+    upstream: - Add [-a rounds] in ssh-keygen man page and usage() -
     
-    This also implements a suggestion from Markus to avoid "int" in favour
-    of uint32_t for the algorithm argument in the API, to make implementation
-    of ssh-sk-client/helper a little easier.
+    Reorder parameters list in the first usage() case - Sentence rewording
     
-    feedback, fixes and ok markus@
+    ok dtucker@
+    jmc@ noticed usage() missed -a flag too
     
-    OpenBSD-Commit-ID: 973ce11704609022ab36abbdeb6bc23c8001eabc
+    OpenBSD-Commit-ID: f06b9afe91cc96f260b929a56e9930caecbde246
 
-commit 2ab335712d084d9ccaf3f53afc3fa9535329da87
-Author: beck@openbsd.org <beck@openbsd.org>
-Date:   Sun Jan 5 16:28:22 2020 +0000
+commit 69924a92c3af7b99a7541aa544a2334ec0fb092c
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Wed Jul 15 05:40:05 2020 +0000
 
-    upstream: fix CanonicalizeHostname, broken by rev 1.507
-    
-    Issue noticed and reported by Pierre-Olivier Martel <pom@apple.com>
-    ok dtucker@ markus@ djm@
+    upstream: start sentence with capital letter;
     
-    OpenBSD-Commit-ID: 749f3168ec520609c35b0c4e1984e5fa47f16094
+    OpenBSD-Commit-ID: ab06581d51b2b4cc1b4aab781f7f3cfa56cad973
 
-commit 69e44ba701b90b0f530d64c3fe4363ea86e50cd3
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Jan 6 09:02:53 2020 +1100
+commit 5b56bd0affea7b02b540bdbc4d1d271b0e4fc885
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Jul 17 13:15:50 2020 +1000
 
-    Fix typo: 'you' -> 'your'.
+    detect Linux/X32 systems
     
-    bz#3108 from jmckitrick@gmail.com.
+    This is a frankenstein monster of AMD64 instructions/calling conventions
+    but with a 4GB address space. Allegedly deprecated but people still run
+    into it causing weird sandbox failures, e.g. bz#3085
 
-commit 7652a57662969bd5c61448b3843ec6d407ad12be
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Jan 6 08:56:46 2020 +1100
+commit 9c9ddc1391d6af8d09580a2424ab467d0a5df3c7
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Jul 15 06:43:16 2020 +0000
 
-    Remove auth-skey.c.
+    upstream: Fix previous by calling the correct function.
     
-    S/Key support was removed in OpenSSH 7.8 but this file was missed.
+    OpenBSD-Regress-ID: 821cdd1dff9c502cceff4518b6afcb81767cad5a
 
-commit c593cc5e826c9f4ec506e22b629d37cabfaacff9
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Fri Jan 3 07:33:33 2020 +0000
+commit f1a4798941b4372bfe5e46f1c0f8672fe692d9e4
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Jul 15 05:36:50 2020 +0000
 
-    upstream: the download resident keys option is -K (upper) not -k
-    
-    (lower); ok djm
+    upstream: Update test to match recent change in match.c
     
-    OpenBSD-Commit-ID: 71dc28a3e1fa7c553844abc508845bcf5766e091
+    OpenBSD-Regress-ID: 965bda1f95f09a765050707340c73ad755f41167
 
-commit ff31f15773ee173502eec4d7861ec56f26bba381
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jan 3 03:02:26 2020 +0000
+commit d7e71be4fd57b7c7e620d733cdf2333b27bfa924
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Jul 15 15:30:43 2020 +1000
 
-    upstream: what bozo decided to use 2020 as a future date in a regress
-    
-    test?
+    Adjust portable code to match changes in 939d787d,
+
+commit fec89f32a84fd0aa1afc81deec80a460cbaf451a
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Jul 15 04:27:34 2020 +0000
+
+    upstream: Add default for number of rounds (-a). ok djm@
     
-    OpenBSD-Regress-ID: 3b953df5a7e14081ff6cf495d4e8d40e153cbc3a
+    OpenBSD-Commit-ID: cb7e9aa04ace01a98e63e4bd77f34a42ab169b15
 
-commit 680eb7749a39d0e4d046e66cac4e51e8e3640b75
+commit aaa8b609a7b332be836cd9a3b782422254972777
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jan 3 02:46:19 2020 +0000
+Date:   Tue Jul 14 23:57:01 2020 +0000
 
-    upstream: implement recent SK API change to support resident keys
+    upstream: allow some additional control over the use of ssh-askpass
     
-    and PIN prompting in the dummy middleware that we use for the tests. Should
-    fix breakage spotted by dtucker@
+    via $SSH_ASKPASS_REQUIRE, including force-enable/disable. bz#69 ok markus@
     
-    OpenBSD-Regress-ID: 379cf9eabfea57aaf7f3f59dafde59889566c484
+    OpenBSD-Commit-ID: 3a1e6cbbf6241ddc4405c4246caa2c249f149eb2
 
-commit 86834fe6b54ac57b8528c30cf0b27e5cac5b7af7
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Thu Jan 2 13:25:38 2020 +0000
+commit 6368022cd4dd508671c4999a59ec5826df098530
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Tue Jul 7 02:47:21 2020 +0000
 
-    upstream: Update keygen moduli screen test to match recent command
-    
-    line option change to ssh-keygen(1).
+    upstream: correct recently broken comments
     
-    OpenBSD-Regress-ID: 744a72755004377e9669b662c13c6aa9ead8a0c3
+    OpenBSD-Commit-ID: 964d9a88f7de1d0eedd3f8070b43fb6e426351f1
 
-commit 9039971887cccd95b209c479296f772a3a93e8e7
+commit 6d755706a0059eb9e2d63517f288b75cbc3b4701
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Jan 2 22:40:09 2020 +0000
+Date:   Sun Jul 5 23:59:45 2020 +0000
 
-    upstream: ability to download FIDO2 resident keys from a token via
-    
-    "ssh-keygen -K". This will save public/private keys into the current
-    directory.
-    
-    This is handy if you move a token between hosts.
-    
-    feedback & ok markus@
+    upstream: some language improvements; ok markus
     
-    OpenBSD-Commit-ID: d57c1f9802f7850f00a117a1d36682a6c6d10da6
+    OpenBSD-Commit-ID: 939d787d571b4d5da50b3b721fd0b2ac236acaa8
 
-commit 878ba4350d57e905d6bb1865d8ff31bdfe5deab4
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Jan 2 22:38:33 2020 +0000
+commit b0c1e8384d5e136ebdf895d1434aea7dd8661a1c
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri Jul 3 10:12:26 2020 +0000
 
-    upstream: add sshkey_save_public(), to save a public key; ok
-    
-    markus@
+    upstream: update setproctitle after re-exec; ok djm
     
-    OpenBSD-Commit-ID: 5d6f96a966d10d7fa689ff9aa9e1d6767ad5a076
+    OpenBSD-Commit-ID: bc92d122f9184ec2a9471ade754b80edd034ce8b
 
-commit 3b1382ffd5e71eff78db8cef0f3cada22ff29409
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Mon Dec 30 16:10:00 2019 +0000
+commit cd119a5ec2bf0ed5df4daff3bd14f8f7566dafd3
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri Jul 3 10:11:33 2020 +0000
 
-    upstream: simplify the list for moduli options - no need for
-    
-    -compact;
+    upstream: keep ignoring HUP after fork+exec; ok djm
     
-    OpenBSD-Commit-ID: 6492c72280482c6d072be46236b365cb359fc280
+    OpenBSD-Commit-ID: 7679985a84ee5ceb09839905bb6f3ddd568749a2
 
-commit 0248ec7c763dee9ff730a589e3d166eac5c74d7c
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Jan 2 13:41:31 2020 +1100
+commit 8af4a743693ccbea3e15fc9e93edbeb610fa94f4
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri Jul 3 10:10:17 2020 +0000
 
-    ssh-sk-null.cc needs extern "C" {}
+    upstream: don't exit the listener on send_rexec_state errors; ok
+    
+    djm
+    
+    OpenBSD-Commit-ID: 57cbd757d130d3f45b7d41310b3a15eeec137d5c
 
-commit 5ca4b414effe4b56f0cfe3058c92391aa8a43871
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Jan 2 10:56:29 2020 +1100
+commit 03da4c2b70468f04ed1c08518ea0a70e67232739
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Jul 15 04:55:47 2020 +0000
 
-    add dummy ssh-sk API for linking with fuzzers
+    upstream: Use $OBJ to find key files. Fixes test when run on an obj
+    
+    directory (on OpenBSD) or out of tree (in Portable).
+    
+    OpenBSD-Regress-ID: 938fa8ac86adaa527d64a305bd2135cfbb1c0a17
 
-commit c4b2664be7ba25e4c233315b25212dec29b727ab
-Author: Damien Miller <djm@mindrot.org>
-Date:   Mon Dec 30 21:04:09 2019 +1100
+commit 73f20f195ad18f1cf633eb7d8be95dc1b6111eea
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sat Jul 4 23:11:23 2020 +1000
 
-    refresh depend
+    Wrap stdint.h in ifdef HAVE_STDINT_H.
 
-commit 3093d12ff80927cf45da08d9f262a26680fb14ee
+commit aa6fa4bf3023fa0e5761cd8f4b2cd015d2de74dd
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Dec 30 09:49:52 2019 +0000
+Date:   Fri Jul 3 07:25:18 2020 +0000
 
-    upstream: Remove the -x option currently used for
-    
-    FIDO/U2F-specific key flags. Instead these flags may be specified via -O.
+    upstream: put back the mux_ctx memleak fix, but only for channels of
     
-    ok markus@
+    type SSH_CHANNEL_MUX_LISTENER; Specifically SSH_CHANNEL_MUX_PROXY channels
+    should not have this structure freed.
     
-    OpenBSD-Commit-ID: f23ebde2a8a7e1bf860a51055a711cffb8c328c1
+    OpenBSD-Commit-ID: f3b213ae60405f77439e2b06262f054760c9d325
 
-commit ef65e7dbaa8fac3245aa2bfc9f7e09be7cba0d9d
+commit d8195914eb43b20b13381f4e5a74f9f8a14f0ded
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Dec 30 09:25:29 2019 +0000
+Date:   Fri Jul 3 07:17:35 2020 +0000
 
-    upstream: document SK API changes in PROTOCOL.u2f
+    upstream: revert r1.399 - the lifetime of c->mux_ctx is more complex;
     
-    ok markus@
+    simply freeing it here causes other problems
     
-    OpenBSD-Commit-ID: 52622363c103a3c4d3d546050480ffe978a32186
+    OpenBSD-Commit-ID: c6fee8ca94e2485faa783839541962be2834c5ed
 
-commit 43ce96427b76c4918e39af654e2fc9ee18d5d478
+commit 20b5fab9f773b3d3c7f06cb15b8f69a2c081ee80
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Dec 30 09:24:45 2019 +0000
+Date:   Fri Jul 3 07:02:37 2020 +0000
 
-    upstream: translate and return error codes; retry on bad PIN
-    
-    Define some well-known error codes in the SK API and pass
-    them back via ssh-sk-helper.
-    
-    Use the new "wrong PIN" error code to retry PIN prompting during
-    ssh-keygen of resident keys.
+    upstream: avoid tilde_expand_filename() in expanding ~/.ssh/rc - if
     
-    feedback and ok markus@
+    sshd is in chroot mode, the likely absence of a password database will cause
+    tilde_expand_filename() to fatal; ok dtucker@
     
-    OpenBSD-Commit-ID: 9663c6a2bb7a0bc8deaccc6c30d9a2983b481620
+    OpenBSD-Commit-ID: e20aee6159e8b79190d18dba1513fc1b7c8b7ee1
 
-commit d433596736a2cd4818f538be11fc94783f5c5236
+commit c8935081db35d73ee6355999142fa0776a2af912
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Dec 30 09:24:03 2019 +0000
+Date:   Fri Jul 3 06:46:41 2020 +0000
 
-    upstream: improve some error messages; ok markus@
+    upstream: when redirecting sshd's log output to a file, undo this
+    
+    redirection after the session child process is forked(); ok dtucker@
     
-    OpenBSD-Commit-ID: 4ccd8ddabb8df4f995107dd3b7ea58220e93cb81
+    OpenBSD-Commit-ID: 6df86dd653c91f5bc8ac1916e7680d9d24690865
 
-commit c54cd1892c3e7f268b21e1f07ada9f0d9816ffc0
+commit 183c4aaef944af3a1a909ffa01058c65bac55748
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Dec 30 09:23:28 2019 +0000
+Date:   Fri Jul 3 06:29:57 2020 +0000
 
-    upstream: SK API and sk-helper error/PIN passing
+    upstream: start ClientAliveInterval bookkeeping before first pass
     
-    Allow passing a PIN via the SK API (API major crank) and let the
-    ssh-sk-helper API follow.
+    through select() loop; fixed theoretical case where busy sshd may ignore
+    timeouts from client; inspired by and ok dtucker
     
-    Also enhance the ssh-sk-helper API to support passing back an error
-    code instead of a complete reply. Will be used to signal "wrong PIN",
-    etc.
+    OpenBSD-Commit-ID: 96bfc4b1f86c7da313882a84755b2b47eb31957f
+
+commit 6fcfd303d67f16695198cf23d109a988e40eefb6
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Jul 3 15:28:27 2020 +1000
+
+    add check for fido_cred_set_prot() to configure
+
+commit f11b23346309e4d5138e733a49321aedd6eeaa2f
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jul 3 05:09:06 2020 +0000
+
+    upstream: Only reset the serveralive check when we receive traffic from
     
-    feedback and ok markus@
+    the server and ignore traffic from a port forwarding client, preventing a
+    client from keeping a connection alive when it should be terminated.  Based
+    on a patch from jxraynor at gmail.com via openssh-unix-dev and bz#2265, ok
+    djm@
     
-    OpenBSD-Commit-ID: a1bd6b0a2421646919a0c139b8183ad76d28fb71
+    OpenBSD-Commit-ID: a941a575a5cbc244c0ef5d7abd0422bbf02c2dcd
 
-commit 79fe22d9bc2868c5118f032ec1200ac9c2e3aaef
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Dec 30 09:22:49 2019 +0000
+commit adfdbf1211914b631c038f0867a447db7b519937
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Jul 3 15:15:15 2020 +1000
 
-    upstream: implement loading resident keys in ssh-add
-    
-    "ssh-add -O" will load resident keys from a FIDO2 token and add them
-    to a ssh-agent.
-    
-    feedback and ok markus@
+    sync sys-queue.h with OpenBSD upstream
     
-    OpenBSD-Commit-ID: 608104ae957a7d65cb84e0a3a26c8f60e0df3290
+    needed for TAILQ_CONCAT
 
-commit 27753a8e21887d47fe6b5c78a4aed0efe558a850
+commit 1b90ddde49e2ff377204082b6eb130a096411dc1
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Dec 30 09:21:59 2019 +0000
+Date:   Fri Jul 3 05:08:41 2020 +0000
 
-    upstream: implement loading of resident keys in ssh-sk-helper
+    upstream: fix memory leak of mux_ctx; patch from Sergiy Lozovsky
     
-    feedback and ok markus@
+    via bz3189 ok dtucker
     
-    OpenBSD-Commit-ID: b273c23769ea182c55c4a7b8f9cbd9181722011a
+    OpenBSD-Commit-ID: db249bd4526fd42d0f4f43f72f7b8b7705253bde
 
-commit 14cea36df397677b8f8568204300ef654114fd76
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Dec 30 09:21:16 2019 +0000
+commit 55ef3e9cbd5b336bd0f89205716924886fcf86de
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Wed Jul 1 16:28:31 2020 +0000
 
-    upstream: resident keys support in SK API
-    
-    Adds a sk_load_resident_keys() function to the security key
-    API that accepts a security key provider and a PIN and returns
-    a list of keys.
-    
-    Implement support for this in the usbhid middleware.
-    
-    feedback and ok markus@
+    upstream: free kex in ssh_packet_close; ok djm semarie
     
-    OpenBSD-Commit-ID: 67e984e4e87f4999ce447a6178c4249a9174eff0
+    OpenBSD-Commit-ID: dbc181e90d3d32fd97b10d75e68e374270e070a2
 
-commit 2fe05fcb4a2695f190b4fcf27770b655586ab349
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Dec 30 09:20:36 2019 +0000
+commit e1c401109b61f7dbc199b5099933d579e7fc5dc9
+Author: bket@openbsd.org <bket@openbsd.org>
+Date:   Sat Jun 27 13:39:09 2020 +0000
 
-    upstream: Factor out parsing of struct sk_enroll_response
-    
-    We'll reuse this for extracting resident keys from a device.
+    upstream: Replace TAILQ concatenation loops with TAILQ_CONCAT
     
-    feedback and ok markus@
+    OK djm@
     
-    OpenBSD-Commit-ID: 9bc1efd9c6897eac4df0983746cf6578c1542273
+    OpenBSD-Commit-ID: 454b40e09a117ddb833794358970a65b14c431ef
 
-commit 4532bd01d57ee13c3ca881eceac1bf9da96a4d7e
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Dec 30 09:19:52 2019 +0000
+commit 14beca57ac92d62830c42444c26ba861812dc837
+Author: semarie@openbsd.org <semarie@openbsd.org>
+Date:   Fri Jun 26 11:26:01 2020 +0000
 
-    upstream: basic support for generating FIDO2 resident keys
+    upstream: backout 1.293 fix kex mem-leak in ssh_packet_close at markus
     
-    "ssh-keygen -t ecdsa-sk|ed25519-sk -x resident" will generate a
-    device-resident key.
+    request
     
-    feedback and ok markus@
+    the change introduced a NULL deref in sshpkt_vfatal() (uses of ssh->kex after
+    calling ssh_packet_clear_keys())
     
-    OpenBSD-Commit-ID: 8e1b3c56a4b11d85047bd6c6c705b7eef4d58431
+    OpenBSD-Commit-ID: 9c9a6721411461b0b1c28dc00930d7251a798484
 
-commit 3e60d18fba1b502c21d64fc7e81d80bcd08a2092
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Dec 30 03:30:09 2019 +0000
+commit 598c3a5e3885080ced0d7c40fde00f1d5cdbb32b
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Jun 26 16:07:12 2020 +1000
 
-    upstream: remove single-letter flags for moduli options
-    
-    Move all moduli generation options to live under the -O flag.
-    
-    Frees up seven single-letter flags.
-    
-    NB. this change break existing ssh-keygen commandline syntax for moduli-
-    related operations. Very few people use these fortunately.
-    
-    feedback and ok markus@
-    
-    OpenBSD-Commit-ID: d498f3eaf28128484826a4fcb343612764927935
+    document a PAM spec problem in a frustrated comment
 
-commit 1e645fe767f27725dc7fd7864526de34683f7daf
+commit 976c4f86286d52a0cb2aadf4a095d379c0da752e
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Dec 30 03:28:41 2019 +0000
+Date:   Fri Jun 26 05:42:16 2020 +0000
 
-    upstream: prepare for use of ssh-keygen -O flag beyond certs
-    
-    Move list of available certificate options in ssh-keygen.1 to the
-    CERTIFICATES section.
-    
-    Collect options specified by -O but delay parsing/validation of
-    certificate options until we're sure that we're acting as a CA.
+    upstream: avoid spurious error message when ssh-keygen creates files
     
-    ok markus@
+    outside ~/.ssh; with dtucker@
     
-    OpenBSD-Commit-ID: 33e6bcc29cfca43606f6fa09bd84b955ee3a4106
+    OpenBSD-Commit-ID: ac0c662d44607e00ec78c266ee60752beb1c7e08
 
-commit 20ccd854245c598e2b47cc9f8d4955d645195055
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Fri Dec 27 08:28:44 2019 +0000
+commit 32b2502a9dfdfded1ccdc1fd6dc2b3fe41bfc205
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Jun 26 15:30:06 2020 +1000
 
-    upstream: sort -Y internally in the options list, as is already
-    
-    done in synopsis;
-    
-    OpenBSD-Commit-ID: 86d033c5764404057616690d7be992e445b42274
+    missing ifdef SELINUX; spotted by dtucker
 
-commit 5b6c954751dd3677466cda7adb92e4f05446c96c
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Fri Dec 27 08:25:07 2019 +0000
+commit e073106f370cdd2679e41f6f55a37b491f0e82fe
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jun 26 05:12:21 2020 +0000
 
-    upstream: in the options list, sort -Y and -y;
+    upstream: regress test for ssh-add -d; ok dtucker@
     
-    OpenBSD-Commit-ID: 24c2e6a3aeab6e050a0271ffc73fdff91c10dcaa
+    OpenBSD-Regress-ID: 3a2e044be616afc7dd4f56c100179e83b33d8abf
 
-commit 141df487ba699cfd1ec3dcd98186e7c956e99024
-Author: naddy@openbsd.org <naddy@openbsd.org>
-Date:   Sat Dec 21 20:22:34 2019 +0000
+commit c809daaa1bad6b1c305b0e0b5440360f32546c84
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Wed Jun 24 15:16:23 2020 +0000
 
-    upstream: Replace the term "security key" with "(FIDO)
-    
-    authenticator".
-    
-    The polysemous use of "key" was too confusing.  Input from markus@.
-    ok jmc@
+    upstream: add test for mux w/-Oproxy; ok djm
     
-    OpenBSD-Commit-ID: 12eea973a44c8232af89f86e4269d71ae900ca8f
+    OpenBSD-Regress-ID: 764d5c696e2a259f1316a056e225e50023abb027
 
-commit fbd9729d4eadf2f7097b6017156387ac64302453
+commit 3d06ff4bbd3dca8054c238d2a94c0da563ef7eee
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Dec 21 02:33:07 2019 +0000
+Date:   Fri Jun 26 05:16:38 2020 +0000
 
-    upstream: unit tests for ForwardAgent=/path; from Eric Chiang
+    upstream: handle EINTR in waitfd() and timeout_connect() helpers;
     
-    OpenBSD-Regress-ID: 24f693f78290b2c17725dab2c614dffe4a88c8da
-
-commit e5b7cf8edca7e843adc125621e1dab14507f430a
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Dec 16 02:39:05 2019 +0000
-
-    upstream: test security key host keys in addition to user keys
+    bz#3071; ok dtucker@
     
-    OpenBSD-Regress-ID: 9fb45326106669a27e4bf150575c321806e275b1
+    OpenBSD-Commit-ID: 08fa87be50070bd8b754d9b1ebb1138d7bc9d8ee
 
-commit 40be78f503277bd91c958fa25ea9ef918a2ffd3d
+commit fe2ec0b9c19adeab0cd9f04b8152dc17f31c31e5
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Dec 21 02:19:13 2019 +0000
+Date:   Fri Jun 26 05:04:07 2020 +0000
 
-    upstream: Allow forwarding a different agent socket to the path
-    
-    specified by $SSH_AUTH_SOCK, by extending the existing ForwardAgent option to
-    accepting an explicit path or the name of an environment variable in addition
-    to yes/no.
+    upstream: allow "ssh-add -d -" to read keys to be deleted from
     
-    Patch by Eric Chiang, manpage by me; ok markus@
+    stdin bz#3180; ok dtucker@
     
-    OpenBSD-Commit-ID: 98f2ed80bf34ea54d8b2ddd19ac14ebbf40e9265
+    OpenBSD-Commit-ID: 15c7f10289511eb19fce7905c9cae8954e3857ff
 
-commit 416f15372bfb5be1709a0ad1d00ef5d8ebfb9e0e
-Author: naddy@openbsd.org <naddy@openbsd.org>
-Date:   Fri Dec 20 20:28:55 2019 +0000
+commit a3e0c376ffc11862fa3568b28188bd12965973e1
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jun 26 05:03:36 2020 +0000
 
-    upstream: SSH U2F keys can now be used as host keys. Fix a garden
+    upstream: constify a few things; ok dtucker (as part of another
     
-    path sentence. ok markus@
+    diff)
     
-    OpenBSD-Commit-ID: 67d7971ca1a020acd6c151426c54bd29d784bd6b
+    OpenBSD-Commit-ID: 7c17fc987085994d752304bd20b1ae267a9bcdf6
 
-commit 68010acbcfe36167b3eece3115f3a502535f80df
+commit 74344c3ca42c3f53b00b025daf09ae7f6aa38076
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Dec 20 02:42:42 2019 +0000
+Date:   Fri Jun 26 05:02:03 2020 +0000
 
-    upstream: Move always unsupported keywords to be grouped with the other
+    upstream: Defer creation of ~/.ssh by ssh(1) until we attempt to
     
-    ones. Move oSecurityProvider to match the order in the OpCodes enum. Patch
-    from openbsd@academicsolutions.ch, ok djm@
+    write to it so we don't leave an empty .ssh directory when it's not needed.
+    Use the same function to replace the code in ssh-keygen that does the same
+    thing. bz#3156, ok djm@
     
-    OpenBSD-Commit-ID: 061e4505861ec1e02ba3a63e3d1b3be3cad458ec
+    OpenBSD-Commit-ID: 59c073b569be1a60f4de36f491a4339bc4ae870f
 
-commit 8784b02dc49e1c98df4e7aca466be2f652ed4ad1
+commit c9e24daac6324fcbdba171392c325bf9ccc3c768
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Dec 20 02:29:21 2019 +0000
+Date:   Fri Jun 26 04:45:11 2020 +0000
 
-    upstream: Remove obsolete opcodes from the configuation enum.
+    upstream: Expand path to ~/.ssh/rc rather than relying on it
     
-    Patch from openbsd@academicsolutions.ch, ok djm@
+    being relative to the current directory, so that it'll still be found if the
+    shell startup changes its directory.  Since the path is potentially longer,
+    make the cmd buffer that uses it dynamically sized.  bz#3185, with & ok djm@
     
-    OpenBSD-Commit-ID: 395c202228872ce8d9044cc08552ac969f51e01b
+    OpenBSD-Commit-ID: 36e33ff01497af3dc8226d0c4c1526fc3a1e46bf
 
-commit 345be6091bdc9be09c90a937d1320f97c01fab2a
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Dec 20 02:11:38 2019 +0000
+commit 07f5f369a25e228a7357ef6c57205f191f073d99
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Wed Jun 24 15:12:09 2020 +0000
 
-    upstream: Remove now-obsolete config options from example in
-    
-    comment.  Patch from openbsd@academicsolutions.ch, ok djm@
+    upstream: fix kex mem-leak in ssh_packet_close; ok djm
     
-    OpenBSD-Commit-ID: 35862beb0927b1cb0af476ec23cc07f6e3006101
+    OpenBSD-Commit-ID: e2e9533f393620383afd0b68ef435de8d5e8abe4
 
-commit ae024b22c4fd68e7f39681d605585889f9511108
-Author: naddy@openbsd.org <naddy@openbsd.org>
-Date:   Thu Dec 19 15:09:30 2019 +0000
+commit e35995088cd6691a712bfd586bae8084a3a922ba
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Wed Jun 24 15:10:38 2020 +0000
 
-    upstream: Document that security key-hosted keys can act as host
-    
-    keys.
-    
-    Update the list of default host key algorithms in ssh_config.5 and
-    sshd_config.5.  Copy the description of the SecurityKeyProvider
-    option to sshd_config.5.
+    upstream: fix ssh -O proxy w/mux which got broken by no longer
     
-    ok jmc@
+    making ssh->kex optional in packet.c revision 1.278 ok djm@
     
-    OpenBSD-Commit-ID: edadf3566ab5e94582df4377fee3b8b702c7eca0
+    OpenBSD-Commit-ID: 2b65df04a064c2c6277359921d2320c90ab7d917
 
-commit bc2dc091e0ac4ff6245c43a61ebe12c7e9ea0b7f
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Thu Dec 19 03:50:01 2019 +0000
+commit 250246fef22b87a54a63211c60a2def9be431fbd
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Wed Jun 24 15:09:53 2020 +0000
 
-    upstream: "Forward security" -> "Forward secrecy" since that's the
+    upstream: support loading big sshd_config files w/o realloc; ok
     
-    correct term. Add "MAC" since we use that acronym in other man pages.  ok
-    naddy@
+    djm
     
-    OpenBSD-Commit-ID: c35529e511788586725fb63bda3459e10738c5f5
+    OpenBSD-Commit-ID: ba9238e810074ac907f0cf8cee1737ac04983171
 
-commit e905f7260d72bc0e33ef5f10a0db737ff6e77ba7
-Author: naddy@openbsd.org <naddy@openbsd.org>
-Date:   Tue Dec 17 16:21:07 2019 +0000
+commit 89b54900ac61986760452f132bbe3fb7249cfdac
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Wed Jun 24 15:08:53 2020 +0000
 
-    upstream: cut obsolete lists of crypto algorithms from outline of
-    
-    how SSH works ok markus@ jmc@
+    upstream: allow sshd_config longer than 256k; ok djm
     
-    OpenBSD-Commit-ID: 8e34973f232ab48c4d4f5d07df48d501708b9160
+    OpenBSD-Commit-ID: 83f40dd5457a64c1d3928eb4364461b22766beb3
 
-commit f65cf1163ff01531ae02f3f9210391d0d692f699
-Author: tobhe@openbsd.org <tobhe@openbsd.org>
-Date:   Mon Dec 16 13:58:53 2019 +0000
+commit e3fa6249e6d9ceb57c14b04dd4c0cfab12fa7cd5
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Wed Jun 24 15:07:33 2020 +0000
 
-    upstream: strdup may return NULL if memory allocation fails. Use
-    
-    the safer xstrdup which fatals on allocation failures.
+    upstream: only call sshkey_xmss_init() once for KEY_XMSS_CERT; ok
     
-    ok markus@
+    djm
     
-    OpenBSD-Commit-ID: 8b608d387120630753cbcb8110e0b019c0c9a0d0
+    OpenBSD-Commit-ID: d0002ffb7f20f538b014d1d0735facd5a81ff096
 
-commit 57634bfc5708477826c0be265ddc59b9d83e4886
+commit 37f2da069c0619f2947fb92785051d82882876d7
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Dec 16 03:16:58 2019 +0000
+Date:   Mon Jun 22 23:44:27 2020 +0000
 
-    upstream: sort sk-* methods behind their plain key methods cousins
-    
-    for now
+    upstream: some clarifying comments
     
-    OpenBSD-Commit-ID: c97e22c2b28c0d12ee389b8b4ef5f2ada7908828
+    OpenBSD-Commit-ID: 5268479000fd97bfa30ab819f3517139daa054a2
 
-commit b8df8fe920e697edcc69c520390b78c3b7ad9d84
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue Dec 17 19:46:15 2019 +1100
+commit b659319a5bc9e8adf3c4facc51f37b670d2a7426
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Mon Jun 22 06:37:38 2020 +0000
 
-    Mac OS X has PAM too.
+    upstream: updated argument name for -P in first synopsis was
+    
+    missed in previous;
+    
+    OpenBSD-Commit-ID: 8d84dc3050469884ea91e29ee06a371713f2d0b7
 
-commit bf8de8b8251af69b5ce96a8faa69145af156af4d
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue Dec 17 19:37:06 2019 +1100
+commit 02a9222cbce7131d639984c2f6c71d1551fc3333
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Mon Jun 22 06:36:40 2020 +0000
 
-    Show portable tarball pattern in example.
+    upstream: supply word missing in previous;
+    
+    OpenBSD-Commit-ID: 16a38b049f216108f66c8b699aa046063381bd23
 
-commit a19ef613e98141cc37c8acdeebe285b9dbe2531e
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue Dec 17 19:35:59 2019 +1100
+commit 5098b3b6230852a80ac6cef5d53a785c789a5a56
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Jun 22 16:54:02 2020 +1000
 
-    OpenSSL is now optional.
+    missing files for webauthn/sshsig unit test
 
-commit 1a7217ac063e48cf0082895aeee81ed2b8a57191
+commit 354535ff79380237924ac8fdc98f8cdf83e67da6
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Dec 15 18:58:33 2019 +0000
+Date:   Mon Jun 22 06:00:06 2020 +0000
 
-    upstream: adapt to ssh-sk-client change
+    upstream: add support for verification of webauthn sshsig signature,
+    
+    and example HTML/JS to generate webauthn signatures in SSH formats (also used
+    to generate the testdata/* for the test).
     
-    OpenBSD-Regress-ID: 40481999a5928d635ab2e5b029e8239c112005ea
+    OpenBSD-Regress-ID: dc575be5bb1796fdf4b8aaee0ef52a6671a0f6fb
 
-commit a7fc1df246e80bfdabd09b069b91c72f9c578ca8
+commit bb52e70fa5330070ec9a23069c311d9e277bbd6f
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Dec 11 18:47:14 2019 +0000
+Date:   Mon Jun 22 05:58:35 2020 +0000
 
-    upstream: it's no longer possible to disable privilege separation
+    upstream: Add support for FIDO webauthn (verification only).
     
-    in sshd, so don't double the tests' work by trying both off/on
+    webauthn is a standard for using FIDO keys in web browsers. webauthn
+    signatures are a slightly different format to plain FIDO signatures - this
+    support allows verification of these. Feedback and ok markus@
     
-    OpenBSD-Regress-ID: d366665466dbd09e9b707305da884be3e7619c68
+    OpenBSD-Commit-ID: ab7e3a9fb5782d99d574f408614d833379e564ad
 
-commit 3145d38ea06820a66c0f5e068f49af14fd2b7ac1
+commit 64bc121097f377142f1387ffb2df7592c49935af
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Dec 15 20:59:23 2019 +0000
+Date:   Mon Jun 22 05:56:23 2020 +0000
 
-    upstream: don't treat HostKeyAgent=none as a path either; avoids
+    upstream: refactor ECDSA-SK verification a little ahead of adding
     
-    spurious warnings from the cfgparse regress test
+    support for FIDO webauthn signature verification support; ok markus@
     
-    OpenBSD-Commit-ID: ba49ea7a5c92b8a16cb9c2e975dbb163853afc54
+    OpenBSD-Commit-ID: c9f478fd8e0c1bd17e511ce8694f010d8e32043e
 
-commit 747e25192f436e71dd39e15d65aa32bca967533a
+commit 12848191f8fe725af4485d3600e0842d92f8637f
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Dec 15 20:57:15 2019 +0000
+Date:   Mon Jun 22 05:54:10 2020 +0000
 
-    upstream: do not attempt to find an absolute path for sshd_config
-    
-    SecurityKeyProvider=internal - unbreaks cfgparse regress test
+    upstream: support for RFC4648 base64url encoding; ok markus
     
-    OpenBSD-Commit-ID: d2ddcf525c0dc3c8339522360c10b3c70f1fd641
+    OpenBSD-Commit-ID: 0ef22c55e772dda05c112c88412c0797fec66eb4
 
-commit 9b6e30b96b094ad787511a5b989253e3b8fe1789
+commit 473b4af43db12127137c7fc1a10928313f5a16d2
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Dec 15 19:47:10 2019 +0000
+Date:   Mon Jun 22 05:53:26 2020 +0000
 
-    upstream: allow ssh-keyscan to find security key hostkeys
+    upstream: better terminology for permissions; feedback & ok markus@
     
-    OpenBSD-Commit-ID: 1fe822a7f714df19a7e7184e3a3bbfbf546811d3
+    OpenBSD-Commit-ID: ff2a71803b5ea57b83cc3fa9b3be42b70e462fb9
 
-commit 56584cce75f3d20aaa30befc7cbd331d922927f3
+commit fc270baf264248c3ee3050b13a6c8c0919e6559f
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Dec 15 18:57:30 2019 +0000
+Date:   Mon Jun 22 05:52:05 2020 +0000
 
-    upstream: allow security keys to act as host keys as well as user
-    
-    keys.
-    
-    Previously we didn't do this because we didn't want to expose
-    the attack surface presented by USB and FIDO protocol handling,
-    but now that this is insulated behind ssh-sk-helper there is
-    less risk.
-    
-    ok markus@
+    upstream: better terminology for permissions; feedback & ok markus@
     
-    OpenBSD-Commit-ID: 77b068dd133b8d87e0f010987bd5131e640ee64c
+    OpenBSD-Commit-ID: ffb220b435610741dcb4de0e7fc68cbbdc876d2c
 
-commit 5af6fd5461bb709304e6979c8b7856c7af921c9e
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Dec 16 13:55:56 2019 +1100
+commit 00531bb42f1af17ddabea59c3d9c4b0629000d27
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jun 19 07:21:42 2020 +0000
 
-    Allow clock_nanosleep_time64 in seccomp sandbox.
+    upstream: Correct synopsis and usage for the options accepted when
+    
+    passing a command to ssh-agent.  ok jmc@
     
-    Needed on Linux ARM.  bz#3100, patch from jjelen@redhat.com.
+    OpenBSD-Commit-ID: b36f0679cb0cac0e33b361051b3406ade82ea846
 
-commit fff8ff6dd580e1a72ba09a6775d185175cdc8d13
+commit b4556c8ad7177e379f0b60305a0cd70f12180e7c
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sun Dec 15 18:27:02 2019 +1100
+Date:   Fri Jun 19 19:22:00 2020 +1000
 
-    Put SK ECDSA bits inside ifdef OPENSSL_HAS_ECC.
-    
-    Fixes build when linking against OpenSSLs built with no-ec.
+    Add OPENBSD ORIGINAL marker to bcrypt_pbkdf.
 
-commit 9244990ecdcfa36bb9371058111685b05f201c1e
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Dec 14 09:21:46 2019 +1100
+commit 1babb8bb14c423011ca34c2f563bb1c51c8fbf1d
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Jun 19 19:10:47 2020 +1000
 
-    remove a bunch of ENABLE_SK #ifdefs
-    
-    The ssh-sk-helper client API gives us a nice place to disable
-    security key support when it is wasn't enabled at compile time,
-    so we don't need to check everywere.
+    Extra brackets around sizeof() in bcrypt.
     
-    Also, verification of security key signatures can remain enabled
-    all the time - it has no additional dependencies. So sshd can
-    accept security key pubkeys in authorized_keys, etc regardless of
-    the host's support for dlopen, etc.
-
-commit a33ab1688b5c460a7e2a301418241ce1b13b2638
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Dec 14 09:15:06 2019 +1100
-
-    ssh-sk-client.c needs includes.h
-
-commit 633778d567ad50b63d2a3bca5e1b97d279d236d9
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Dec 14 08:40:33 2019 +1100
-
-    only link ssh-sk-helper against libfido2
+    Prevents following warning from clang 10:
+    bcrypt_pbkdf.c:94:40: error: expression does not compute the number of
+      elements in this array; element type is ´uint32_tÂ[...]
+      place parentheses around the ´sizeof(uint64_t)´ expression to
+      silence this warning
 
-commit 7b47b40b170db4d6f41da0479575f6d99dd7228a
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Dec 14 08:20:52 2019 +1100
+commit 9e065729592633290e5ddb6852792913b2286545
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Jun 19 18:47:56 2020 +1000
 
-    adapt Makefile to ssh-sk-client everywhere
+    Add includes.h to new test.
+    
+    Fixes warnings eg "´bounded´ attribute directive ignor" from gcc.
 
-commit f45f3a8a12e2bee601046b916e6c5cd6eae08048
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Dec 14 07:53:11 2019 +1100
+commit e684b1ea365e070433f282a3c1dabc3e2311ce49
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Jun 19 18:38:39 2020 +1000
 
-    fixup
+    Skip OpenSSL specific tests w/out OpenSSL.
+    
+    Allows unit tests to pass when configure'ed --without-openssl.
 
-commit d21434766764d5babf99fc3937c19b625c0f6334
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Dec 13 20:16:56 2019 +0000
+commit 80610e97a76407ca982e62fd051c9be03622fe7b
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Jun 19 17:15:27 2020 +1000
 
-    upstream: actually commit the ssh-sk-helper client code; ok markus
-    
-    OpenBSD-Commit-ID: fd2ea776a5bbbf4d452989d3c3054cf25a5e0589
+    Hook sshsig tests up to Portable Makefiles.
 
-commit 611073fb40ecaf4ac65094e403edea3a08deb700
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Dec 13 19:11:14 2019 +0000
+commit 5dba1fcabacaab46693338ec829b42a1293d1f52
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jun 19 05:07:09 2020 +0000
 
-    upstream: perform security key enrollment via ssh-sk-helper too.
-    
-    This means that ssh-keygen no longer needs to link against ssh-sk-helper, and
-    only ssh-sk-helper needs libfido2 and /dev/uhid* access;
+    upstream: Test that ssh-agent exits when running as as subprocess
     
-    feedback & ok markus@
+    of a specified command (ie "ssh-agent command").  Would have caught bz#3181.
     
-    OpenBSD-Commit-ID: 9464233fab95708d2ff059f8bee29c0d1f270800
+    OpenBSD-Regress-ID: 895b4765ba5153eefaea3160a7fe08ac0b6db8b3
 
-commit 612b1dd1ec91ffb1e01f58cca0c6eb1d47bf4423
+commit 68e8294f6b04f9590ea227e63d3e129398a49e27
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Dec 13 19:09:37 2019 +0000
+Date:   Fri Jun 19 04:34:21 2020 +0000
 
-    upstream: allow sshbuf_put_stringb(buf, NULL); ok markus@
+    upstream: run sshsig unit tests
     
-    OpenBSD-Commit-ID: 91482c1ada9adb283165d48dafbb88ae91c657bd
+    OpenBSD-Regress-ID: 706ef17e2b545b64873626e0e35553da7c06052a
 
-commit b52ec0ba3983859514aa7b57d6100fa9759fe696
+commit 5edfa1690e9a75048971fd8775f7c16d153779db
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Dec 13 19:09:10 2019 +0000
+Date:   Fri Jun 19 04:32:09 2020 +0000
 
-    upstream: use ssh-sk-helper for all security key signing operations
-    
-    This extracts and refactors the client interface for ssh-sk-helper
-    from ssh-agent and generalises it for use by the other programs.
-    This means that most OpenSSH tools no longer need to link against
-    libfido2 or directly interact with /dev/uhid*
+    upstream: basic unit test for sshsig.[ch], including FIDO keys
     
-    requested by, feedback and ok markus@
+    verification only so far
     
-    OpenBSD-Commit-ID: 1abcd3aea9a7460eccfbf8ca154cdfa62f1dc93f
+    OpenBSD-Regress-ID: fb1f946c8fc59206bc6a6666e577b5d5d7e45896
 
-commit c33d46868c3d88e04a92610cdb429094aeeb5847
+commit e95c0a0e964827722d29b4bc00d5c0ff4afe0ed2
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Dec 11 22:19:47 2019 +0000
+Date:   Fri Jun 19 03:48:49 2020 +0000
 
-    upstream: add a note about the 'extensions' field in the signed
-    
-    object
+    upstream: basic unit test for FIDO kep parsing
     
-    OpenBSD-Commit-ID: 67c01e0565b258e0818c1ccfe1f1aeaf9a0d4c7b
+    OpenBSD-Regress-ID: 8089b88393dd916d7c95422b442a6fd4cfe00c82
 
-commit a62f4e1960691f3aeb1f972e009788b29e2ae464
+commit 7775819c6de3e9547ac57b87c7dd2bfd28cefcc5
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Dec 10 23:37:31 2019 +0000
+Date:   Thu Jun 18 23:34:19 2020 +0000
 
-    upstream: some more corrections for documentation problems spotted
-    
-    by Ron Frederick
+    upstream: check public host key matches private; ok markus@ (as
     
-    document certifiate private key format
-    correct flags type for sk-ssh-ed25519@openssh.com keys
+    part of previous diff)
     
-    OpenBSD-Commit-ID: fc4e9a1ed7f9f7f9dd83e2e2c59327912e933e74
+    OpenBSD-Commit-ID: 65a4f66436028748b59fb88b264cb8c94ce2ba63
 
-commit 22d4beb79622fc82d7111ac941269861fc7aef8d
+commit c514f3c0522855b4d548286eaa113e209051a6d2
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Dec 10 23:21:56 2019 +0000
+Date:   Thu Jun 18 23:33:38 2020 +0000
 
-    upstream: loading security keys into ssh-agent used the extension
+    upstream: avoid spurious "Unable to load host key" message when
     
-    constraint "sk-provider@openssh.com", not "sk@openssh.com"; spotted by Ron
-    Frederick
+    sshd can load a private key but no public counterpart; with & ok markus@
     
-    OpenBSD-Commit-ID: dbfba09edbe023abadd5f59c1492df9073b0e51d
+    OpenBSD-Commit-ID: 0713cbdf9aa1ff8ac7b1f78b09ac911af510f81b
 
-commit 75f7f22a43799f6d25dffd9d6683de1601da05a3
+commit 7fafaeb5da365f4a408fec355dac04a774f27193
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Dec 10 22:43:19 2019 +0000
+Date:   Fri Jun 12 05:26:37 2020 +0000
 
-    upstream: add security key types to list of keys allowed to act as
-    
-    CAs; spotted by Ron Frederick
+    upstream: correct RFC number; from HARUYAMA Seigo via GH PR191
     
-    OpenBSD-Commit-ID: 9bb0dfff927b4f7aa70679f983f84c69d45656c3
+    OpenBSD-Commit-ID: 8d03b6c96ca98bfbc23d3754c3c33e1fe0852e10
 
-commit 516605f2d596884cedc2beed6b262716ec76f63d
+commit 3a7f654d5bcb20df24a134b6581b0d235da4564a
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Dec 10 22:37:20 2019 +0000
+Date:   Fri Jun 5 06:18:07 2020 +0000
 
-    upstream: when acting as a CA and using a security key as the CA
+    upstream: unbreak "sshd -ddd" - close of config passing fd happened too
     
-    key, remind the user to touch they key to authorise the signature.
+    early. ok markus@
     
-    OpenBSD-Commit-ID: fe58733edd367362f9766b526a8b56827cc439c1
+    OpenBSD-Commit-ID: 49346e945c6447aca3e904e65fc400128d2f8ed0
 
-commit c4036fe75ea5a4d03a2a40be1f3660dcbbfa01b2
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Dec 10 22:36:08 2019 +0000
+commit 3de02be39e5c0c2208d9682a3844991651620fcc
+Author: Andreas Schwab <schwab@suse.de>
+Date:   Mon May 25 11:10:44 2020 +0200
 
-    upstream: chop some unnecessary and confusing verbiage from the
-    
-    security key protocol description; feedback from Ron Frederick
-    
-    OpenBSD-Commit-ID: 048c9483027fbf9c995e5a51b3ac502989085a42
+    Add support for AUDIT_ARCH_RISCV64
 
-commit 59175a350fe1091af7528b2971e3273aa7ca7295
+commit ea547eb0329c2f8da77a4ac05f6c330bd49bdaab
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Dec 6 03:06:08 2019 +0000
+Date:   Fri Jun 5 03:25:35 2020 +0000
 
-    upstream: fix setting of $SSH_ASKPASS_PROMPT - it shouldn't be set
-    
-    when asking passphrases, only when confirming the use of a key (i.e. for
-    ssh-agent keys added with "ssh-add -c keyfile")
+    upstream: make sshbuf_putb(b, NULL) a no-op
     
-    OpenBSD-Commit-ID: 6643c82960d9427d5972eb702c917b3b838ecf89
+    OpenBSD-Commit-ID: 976fdc99b500e347023d430df372f31c1dd128f7
 
-commit 36eaa356d391a23a2d4e3a8aaa0223abc70b9822
+commit 69796297c812640415c6cea074ea61afc899cbaa
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Dec 6 02:55:21 2019 +0000
+Date:   Fri Jun 5 03:24:36 2020 +0000
 
-    upstream: bring the __func__
+    upstream: make sshbuf_dump() args const
     
-    OpenBSD-Commit-ID: 71a3a45b0fe1b8f680ff95cf264aa81f7abbff67
+    OpenBSD-Commit-ID: b4a5accae750875d665b862504169769bcf663bd
 
-commit 483cc723d1ff3b7fdafc6239348040a608ebc78d
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Sat Nov 30 07:07:59 2019 +0000
+commit 670428895739d1f79894bdb2457891c3afa60a59
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jun 5 03:24:16 2020 +0000
 
-    upstream: tweak the Nd lines for a bit of consistency; ok markus
+    upstream: wrap long line
     
-    OpenBSD-Commit-ID: 876651bdde06bc1e72dd4bd7ad599f42a6ce5a16
+    OpenBSD-Commit-ID: ed405a12bd27bdc9c52e169bc5ff3529b4ebbbb2
 
-commit afffd310360b155df2133d1f5f1ab2f4e939b570
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Dec 11 13:22:06 2019 +1100
+commit 2f648cf222882719040906722b3593b01df4ad1a
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jun 5 03:15:26 2020 +0000
 
-    Check if memmem is declared in system headers.
+    upstream: Correct historical comment: provos@ modified OpenSSH to
     
-    If the system (or one of the dependencies) implements memmem but does
-    not define the header, we would not declare it either resulting in
-    compiler warnings.  Check for declaration explicitly.  bz#3102.
-
-commit ad8cd420797695f3b580aea1034b9de60bede9b9
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Dec 11 13:12:01 2019 +1100
-
-    Sort depends.
-
-commit 5e3abff39e01817f6866494416f2ada25c316018
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Dec 11 13:09:34 2019 +1100
-
-    Sort .depend when rebuilding.
+    work with SSLeay (very quickly replaced by OpenSSL) not SSL in general.  ok
+    deraadt, historical context markus@
     
-    This makes diffs more stable between makedepend implementations.
-
-commit 5df9d1f5c0943367d9b68435f4c82224ce11a73f
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Dec 11 13:06:43 2019 +1100
-
-    Update depend to include sk files.
+    OpenBSD-Commit-ID: 7209e07a2984b50411ed8ca5a4932da5030d2b90
 
-commit 9a967c5bbfca35835165f7d8a6165009f5b21872
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Dec 9 20:25:26 2019 +1100
+commit 56548e4efcc3e3e8093c2eba30c75b23e561b172
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Jun 3 08:23:18 2020 +0000
 
-    Describe how to build libcrypto as PIC.
+    upstream: Import regenerated moduli file.
     
-    While there, move the OpenSSL 1.1.0g caveat closer to the other version
-    information.
-
-commit b66fa5da25c4b5b67cf9f0ce7af513f5a6a6a686
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Dec 9 17:23:22 2019 +1100
-
-    Recommend running LibreSSL or OpenSSL self-tests.
+    OpenBSD-Commit-ID: 52ff0e3205036147b2499889353ac082e505ea54
 
-commit fa7924008e838cded7e8a561356ffe5e06e0ed64
+commit 8da801f585dd9c534c0cbe487a3b1648036bf2fb
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Dec 6 14:17:26 2019 +1100
+Date:   Fri Jun 5 13:20:10 2020 +1000
 
-    Wrap ECC specific bits in ifdef.
+    Test fallthrough in OSSH_CHECK_CFLAG_COMPILE.
     
-    Fixes tests when built against an OpenSSL configured with no-ec.
+    clang 10's -Wimplicit-fallthrough does not understand /* FALLTHROUGH */
+    comments and we don't use the __attribute__((fallthrough)) that it's
+    looking for.  This has the effect of turning off -Wimplicit-fallthrough
+    where it does not currently help (particularly with -Werror).  ok djm@
 
-commit 2ff822eabd7d4461743f22d3b9ba35ab76069df5
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Nov 29 20:21:36 2019 +1100
+commit 049297de975b92adcc2db77e3fb7046c0e3c695d
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Jun 3 08:23:18 2020 +0000
 
-    Wrap sha2.h include in ifdef.
+    upstream: Import regenerated moduli file.
     
-    Fixes build --without-openssl on at least Fedora.
+    OpenBSD-Commit-ID: 52ff0e3205036147b2499889353ac082e505ea54
 
-commit 443848155ffcda65a6077aac118c861b503a093f
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Nov 29 15:10:21 2019 +1100
+commit b458423a38a3140ac022ffcffcb332609faccfe3
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Jun 1 07:11:38 2020 +0000
 
-    compile sk-dummy.so with no-PIE version of LDFLAGS
+    upstream: Remove now-unused proto_spec and associated definitions.
     
-    This lets it pick up the -L path to libcrypto for example.
-
-commit 37f5b5346e4cc6a894245aa89d2930649bb7045b
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Nov 29 14:48:46 2019 +1100
-
-    includes.h for sk-dummy.c, dummy
+    ok djm@
+    
+    OpenBSD-Commit-ID: 2e2b18e3aa6ee22a7b69c39f2d3bd679ec35c362
 
-commit b218055e59a7c1a1816f7a55ca18e3f3c05d63a4
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Nov 29 12:32:23 2019 +1100
+commit 5ad3c3a33ef038b55a14ebd31faeeec46073db2c
+Author: millert@openbsd.org <millert@openbsd.org>
+Date:   Fri May 29 21:22:02 2020 +0000
 
-    (yet) another x-platform fix for sk-dummy.so
-    
-    Check for -fPIC support from compiler
+    upstream: Fix error message on close(2) and add printf format
     
-    Compile libopenbsd-compat -fPIC
+    attributes. From Christos Zoulas, OK markus@
     
-    Don't mix -fPIE and -fPIC when compiling
-
-commit 0dedb703adcd98d0dbc4479f5f312a2bd3df2850
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Nov 29 11:53:57 2019 +1100
-
-    needs includes.h for WITH_OPENSSL
+    OpenBSD-Commit-ID: 41523c999a9e3561fcc7082fd38ea2e0629ee07e
 
-commit ef3853bb94c2c72e7eda0de6cec0bcb1da62058f
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Nov 29 11:52:23 2019 +1100
+commit 712ac1efb687a945a89db6aa3e998c1a17b38653
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri May 29 11:17:56 2020 +0000
 
-    another attempt at sk-dummy.so working x-platform
-    
-    include a fatal() implementation to satisfy libopenbsd-compat
+    upstream: Make dollar_expand variadic and pass a real va_list to
     
-    clean up .lo and .so files
+    vdollar_percent_expand. Fixes build error on arm64 spotted by otto@.
     
-    .gitignore .lo and .so files
+    OpenBSD-Commit-ID: 181910d7ae489f40ad609b4cf4a20f3d068a7279
 
-commit d46ac56f1cbd5a855a2d5e7309f90d383dcf6431
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Nov 29 00:13:29 2019 +0000
+commit 837ffa9699a9cba47ae7921d2876afaccc027133
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri May 29 20:39:00 2020 +1000
 
-    upstream: lots of dependencies go away here with ed25519 no longer
-    
-    needing the ssh_digest API.
+    Omit ToS setting if we don't have IPV6_TCLASS too.
     
-    OpenBSD-Regress-ID: 785847ec78cb580d141e29abce351a436d6b5d49
+    Fixes tests on old BSDs.
 
-commit 7404b81f25a4a7847380c0f0cf7f1bea5f0a5cd3
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Nov 29 00:11:21 2019 +0000
+commit f85b118d2150847cc333895296bc230e367be6b5
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri May 29 09:02:44 2020 +0000
 
-    upstream: perform hashing directly in crypto_hash_sha512() using
+    upstream: Pass a NULL instead of zeroed out va_list from
     
-    libcrypto or libc SHA512 functions rather than calling ssh_digest_memory();
-    avoids many dependencies on ssh code that complicate standalone use of
-    ed25519, as we want to do in sk-dummy.so
+    dollar_expand.  The original intent was in case there's some platform where
+    va_list is not a pointer equivalent, but on i386 this chokes on the memset.
+    This unbreaks that build, but will require further consideration.
     
-    OpenBSD-Commit-ID: 5a3c37593d3ba7add037b587cec44aaea088496d
+    OpenBSD-Commit-ID: 7b90afcd8e1137a1d863204060052aef415baaf7
 
-commit d39a865b7af93a7a9b5a64cf7cf0ef4396c80ba3
+commit ec1d50b01c84ff667240ed525f669454c4ebc8e9
 Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Thu Nov 28 12:24:31 2019 +0000
+Date:   Fri May 29 05:48:39 2020 +0000
 
-    upstream: improve the text for -A a little; input from naddy and
-    
-    djm
+    upstream: remove a stray .El;
     
-    OpenBSD-Commit-ID: f9cdfb1d6dbb9887c4bf3bb25f9c7a94294c988d
+    OpenBSD-Commit-ID: 58ddfe6f8a15fe10209db6664ecbe7896f1d167c
 
-commit 9a0e01bd0c61f553ead96b5af84abd73865847b8
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Thu Nov 28 12:23:25 2019 +0000
+commit 058674a62ffe33f01d871d46e624bc2a2c22d91f
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri May 29 04:32:26 2020 +0000
 
-    upstream: reshuffle the text to read better; input from naddy,
+    upstream: Add regression and unit tests for ${ENV} style
     
-    djmc, and dtucker
+    environment variable expansion in various keywords (bz#3140).  ok djm@
     
-    OpenBSD-Commit-ID: a0b2aca2b67614dda3d6618ea097bf0610c35013
-
-commit 5ca52c0f2e5e7f7d01d8d557b994b5c2087bed00
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Nov 28 18:09:07 2019 +1100
-
-    $< doesn't work as` I thought; explicily list objs
+    OpenBSD-Regress-ID: 4d9ceb95d89365b7b674bc26cf064c15a5bbb197
 
-commit 18e84bfdc5906a73405c3b42d7f840013bbffe34
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Nov 28 05:20:54 2019 +0000
+commit 0b15892fc47d6840eba1291a6be9be1a70bc8972
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri May 29 01:21:35 2020 +0000
 
-    upstream: tweak wording
+    upstream: Unit test for convtime. ok djm@
     
-    OpenBSD-Commit-ID: bd002ca1599b71331faca735ff5f6de29e32222e
-
-commit 8ef5bf9d03aa0f047711cff47f5ffbe3b33ff8c9
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Nov 28 13:12:30 2019 +1100
-
-    missing .SUFFIXES line makes make sad
-
-commit 323da82b8ea993b7f2c5793fd53b4f5ca105d19d
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Nov 28 09:53:42 2019 +1100
-
-    (hopefully) fix out of tree builds of sk-dummy.so
+    OpenBSD-Regress-ID: cec4239efa2fc4c7062064f07a847e1cbdbcd5dd
 
-commit d8b2838c5d19bf409d44ede4d32df8ee47aeb4cd
+commit 188e332d1c8f9f24e5b6659e9680bf083f837df9
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Nov 27 22:32:11 2019 +0000
+Date:   Fri May 29 05:37:03 2020 +0000
 
-    upstream: remove stray semicolon after closing brace of function;
+    upstream: mention that wildcards are processed in lexical order;
     
-    from Michael Forney
+    bz#3165
     
-    OpenBSD-Commit-ID: fda95acb799bb160d15e205ee126117cf33da3a7
+    OpenBSD-Commit-ID: 8856f3d1612bd42e9ee606d89386cae456dd165c
 
-commit 6e1d1bbf5a3eca875005e0c87f341a0a03799809
+commit 4a1b46e6d032608b7ec00ae51c4e25b82f460b05
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Wed Nov 27 05:38:43 2019 +0000
+Date:   Fri May 29 04:25:40 2020 +0000
 
-    upstream: Revert previous commit. The channels code still uses int
+    upstream: Allow some keywords to expand shell-style ${ENV}
     
-    in many places for channel ids so the INT_MAX check still makes sense.
+    environment variables on the client side.  The supported keywords are
+    CertificateFile, ControlPath, IdentityAgent and IdentityFile, plus
+    LocalForward and RemoteForward when used for Unix domain socket paths.  This
+    would for example allow forwarding of Unix domain socket paths that change at
+    runtime.  bz#3140, ok djm@
     
-    OpenBSD-Commit-ID: 532e4b644791b826956c3c61d6ac6da39bac84bf
+    OpenBSD-Commit-ID: a4a2e801fc2d4df2fe0e58f50d9c81b03822dffa
 
-commit 48989244658b9748b6801034ff4ffbdfc6b1520f
+commit c9bab1d3a9e183cef3a3412f57880a0374cc8cb2
 Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Nov 27 16:03:12 2019 +1100
+Date:   Fri May 29 14:49:16 2020 +1000
 
-    wire sk-dummy.so into test suite
+    depend
 
-commit f79364bacaebde4f1c260318ab460fceacace02f
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Nov 27 05:00:17 2019 +0000
+commit 0b0d219313bf9239ca043f20b1a095db0245588f
+Author: sobrado <sobrado@openbsd.org>
+Date:   Thu Sep 3 23:06:28 2015 +0000
 
-    upstream: use error()+_exit() instead of fatal() to avoid running
-    
-    cleanup handlers in child process; spotted via weird regress failures in
-    portable
+    partial sync of regress/netcat.c with upstream
     
-    OpenBSD-Commit-ID: 6902a9bb3987c7d347774444f7979b8a9ba7f412
+    synchronize synopsis and usage.
 
-commit 70ec5e5e2681bcd409a9df94a2fec6f57a750945
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Wed Nov 27 03:34:04 2019 +0000
+commit 0f04c8467f589f85a523e19fd684c4f6c4ed9482
+Author: chl <chl@openbsd.org>
+Date:   Sun Jul 26 19:12:28 2015 +0000
 
-    upstream: Make channel_id u_int32_t and remove unnecessary check
-    
-    and cast that were left over from the type conversion.  Noted by
-    t-hashida@amiya.co.jp in bz#3098, ok markus@ djm@
+    partial sync of regress/netcat.c with upstream
     
-    OpenBSD-Commit-ID: 3ad105b6a905284e780b1fd7ff118e1c346e90b5
-
-commit ad44ca81bea83657d558aaef5a1d789a9032bac3
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Nov 26 23:43:10 2019 +0000
-
-    upstream: test FIDO2/U2F key types; ok markus@
+    remove unused variable
     
-    OpenBSD-Regress-ID: 367e06d5a260407619b4b113ea0bd7004a435474
+    ok tedu@
 
-commit c6efa8a91af1d4fdb43909a23a0a4ffa012155ad
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Nov 26 23:41:23 2019 +0000
+commit d6a81050ace2630b06c3c6dd39bb4eef5d1043f8
+Author: tobias <tobias@openbsd.org>
+Date:   Thu Mar 26 21:22:50 2015 +0000
 
-    upstream: add dummy security key middleware based on work by
-    
-    markus@
-    
-    This will allow us to test U2F/FIDO2 support in OpenSSH without
-    requiring real hardware.
+    partial sync of regress/netcat.c with upstream
     
-    ok markus@
+    The code in socks.c writes multiple times in a row to a socket. If the socket becomes invalid between these calls (e.g. connection closed), write will throw SIGPIPE. With this patch, SIGPIPE is ignored so we can handle write's -1 return value (errno will be EPIPE). Ultimately, it leads to program exit, too -- but with nicer error message. :)
     
-    OpenBSD-Regress-ID: 88b309464b8850c320cf7513f26d97ee1fdf9aae
+    with input by and ok djm
 
-commit 8635afa1cdc21366d61730d943f3cf61861899c8
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Tue Nov 26 22:42:26 2019 +0000
+commit bf3893dddd35e16def04bf48ed2ee1ad695b8f82
+Author: tobias <tobias@openbsd.org>
+Date:   Thu Mar 26 10:36:03 2015 +0000
 
-    upstream: tweak previous;
+    partial sync of regress/netcat.c with upstream
+    
+    Check for short writes in fdpass(). Clean up while at it.
     
-    OpenBSD-Commit-ID: a4c097364c75da320f1b291568db830fb1ee4883
+    ok djm
 
-commit e0d38ae9bc8c0de421605b9021d8144e4d8ff22b
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Nov 26 03:04:27 2019 +0000
+commit e18435fec124b4c08eb6bbbbee9693dc04f4befb
+Author: jca <jca@openbsd.org>
+Date:   Sat Feb 14 22:40:22 2015 +0000
 
-    upstream: more debugging; behind DEBUG_SK
+    partial sync of regress/netcat.c with upstream
     
-    OpenBSD-Commit-ID: a978896227118557505999ddefc1f4c839818b60
-
-commit 9281d4311b8abc63b88259f354944c53f9b0b3c7
-Author: Damien Miller <djm@mindrot.org>
-Date:   Mon Nov 25 21:47:49 2019 +1100
-
-    unbreak fuzzers for recent security key changes
+    Support for nc -T on IPv6 addresses.
+    
+    ok sthen@
 
-commit c5f1cc993597fed0a9013743556b1567f476c677
+commit 4c607244054a036ad3b2449a6cb4c15feb846a76
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Nov 25 10:32:35 2019 +0000
+Date:   Fri May 29 03:14:02 2020 +0000
 
-    upstream: unbreak tests for recent security key changes
+    upstream: fix compilation on !HAVE_DLOPEN platforms; stub function
+    
+    was not updated to match API change. From Dale Rahn via beck@ ok markus@
     
-    OpenBSD-Regress-ID: 2cdf2fcae9962ca4d711338f3ceec3c1391bdf95
+    OpenBSD-Commit-ID: 2b8d054afe34c9ac85e417dae702ef981917b836
 
-commit 64988266820cc90a45a21672be9d762cbde8d34d
+commit 224418cf55611869a4ace1b8b07bba0dff77a9c3
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Nov 25 06:53:04 2019 +0000
+Date:   Fri May 29 03:11:54 2020 +0000
 
-    upstream: unbreak after security key support landed
+    upstream: fix exit status for downloading of FIDO resident keys;
+    
+    from Pedro Martelletto, ok markus@
     
-    OpenBSD-Regress-ID: 3ab578b0dbeb2aa6d9969b54a9c1bad329c0dcba
+    OpenBSD-Commit-ID: 0da77dc24a1084798eedd83c39a002a9d231faef
 
-commit e65e25c81e22ea622e89a142a303726a3882384f
-Author: tb@openbsd.org <tb@openbsd.org>
-Date:   Thu Nov 21 05:18:47 2019 +0000
+commit 1001dd148ed7c57bccf56afb40cb77482ea343a6
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri May 29 01:20:46 2020 +0000
 
-    upstream: Remove workaround for broken 'openssl rsa -text' output
-    
-    that was fixed in libcrypto/rsa/rsa_ameth.c r1.24.
+    upstream: Fix multiplier in convtime when handling seconds after
     
-    ok dtucker inoguchi
+    other units. bz#3171, spotted by ronf at timeheart.net, ok djm@.
     
-    OpenBSD-Regress-ID: c260edfac177daa8fcce90141587cf04a95c4f5f
+    OpenBSD-Commit-ID: 95b7a848e1083974a65fbb6ccb381d438e1dd5be
 
-commit 21377ec2a9378579ba4b44a681af7bbca77581f4
+commit 7af1e92cd289b7eaa9a683e9a6f2fddd98f37a01
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Nov 25 10:23:36 2019 +0000
+Date:   Wed May 27 22:37:53 2020 +0000
 
-    upstream: redundant test
+    upstream: fix Include before Match in sshd_config; bz#3122 patch
+    
+    from Jakub Jelen
     
-    OpenBSD-Commit-ID: 38fa7806c528a590d91ae560e67bd8b246c2d7a3
+    OpenBSD-Commit-ID: 1b0aaf135fe6732b5d326946042665dd3beba5f4
 
-commit 664deef95a2e770812533439b8bdd3f3c291ae59
+commit 0a9a611619b0a1fecd0195ec86a9885f5d681c84
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Nov 25 00:57:51 2019 +0000
+Date:   Wed May 27 21:59:11 2020 +0000
 
-    upstream: document the "no-touch-required" certificate extension;
+    upstream: Do not call process_queued_listen_addrs() for every
     
-    ok markus, feedback deraadt
+    included file from sshd_config; patch from Jakub Jelen
     
-    OpenBSD-Commit-ID: 47640122b13f825e9c404ea99803b2372246579d
+    OpenBSD-Commit-ID: 0ff603d6f06a7fab4881f12503b53024799d0a49
 
-commit 26cb128b31efdd5395153f4943f5be3eddc07033
+commit 16ea1fdbe736648f79a827219134331f8d9844fb
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Nov 25 00:57:27 2019 +0000
+Date:   Wed May 27 21:25:18 2020 +0000
 
-    upstream: Print a key touch reminder when generating a security
+    upstream: fix crash in recallocarray when deleting SendEnv
     
-    key. Most keys require a touch to authorize the operation.
+    variables; spotted by & ok sthen@
     
-    OpenBSD-Commit-ID: 7fe8b23edbf33e1bb81741b9f25e9a63be5f6b68
+    OpenBSD-Commit-ID: b881e8e849edeec5082b5c0a87d8d7cff091a8fd
 
-commit daeaf4136927c2a82af1399022103d67ff03f74a
+commit 47adfdc07f4f8ea0064a1495500244de08d311ed
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Nov 25 00:55:58 2019 +0000
+Date:   Wed May 27 22:35:19 2020 +0000
 
-    upstream: allow "ssh-keygen -x no-touch-required" when generating a
-    
-    security key keypair to request one that does not require a touch for each
-    authentication attempt. The default remains to require touch.
+    upstream: two new tests for Include in sshd_config, checking whether
     
-    feedback deraadt; ok markus@
+    Port directives are processed correctly and handling of Include directives
+    that appear before Match. Both tests currently fail. bz#3122 and bz#3169 -
+    patch from Jakub Jelen
     
-    OpenBSD-Commit-ID: 887e7084b2e89c0c62d1598ac378aad8e434bcbd
+    OpenBSD-Regress-ID: 8ad5a4a385a63f0a1c59c59c763ff029b45715df
+
+commit 47faad8f794516c33864d866aa1b55d88416f94c
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed May 27 23:26:23 2020 +1000
 
-commit 2e71263b80fec7ad977e098004fef7d122169d40
+    Document that libfido2 >= 1.4.0 is needed.
+
+commit 4be563994c0cbe9856e7dd3078909f41beae4a9c
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Nov 25 00:54:23 2019 +0000
+Date:   Tue May 26 01:59:46 2020 +0000
 
-    upstream: add a "no-touch-required" option for authorized_keys and
-    
-    a similar extension for certificates. This option disables the default
-    requirement that security key signatures attest that the user touched their
-    key to authorize them.
-    
-    feedback deraadt, ok markus
+    upstream: fix memleak of signature; from Pedro Martelletto
     
-    OpenBSD-Commit-ID: f1fb56151ba68d55d554d0f6d3d4dba0cf1a452e
+    OpenBSD-Commit-ID: d0a6eb07e77c001427d738b220dd024ddc64b2bb
 
-commit 0fddf2967ac51d518e300408a0d7e6adf4cd2634
+commit 0c111eb84efba7c2a38b2cc3278901a0123161b9
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Nov 25 00:52:46 2019 +0000
+Date:   Tue May 26 01:26:58 2020 +0000
 
-    upstream: Add a sshd_config PubkeyAuthOptions directive
+    upstream: Restrict ssh-agent from signing web challenges for FIDO
+    
+    keys.
+    
+    When signing messages in ssh-agent using a FIDO key that has an
+    application string that does not start with "ssh:", ensure that the
+    message being signed is one of the forms expected for the SSH protocol
+    (currently pubkey authentication and sshsig signatures).
+    
+    This prevents ssh-agent forwarding on a host that has FIDO keys
+    attached granting the ability for the remote side to sign challenges
+    for web authentication using those keys too.
     
-    This directive has a single valid option "no-touch-required" that
-    causes sshd to skip checking whether user presence was tested before
-    a security key signature was made (usually by the user touching the
-    key).
+    Note that the converse case of web browsers signing SSH challenges is
+    already precluded because no web RP can have the "ssh:" prefix in the
+    application string that we require.
     
     ok markus@
     
-    OpenBSD-Commit-ID: 46e434a49802d4ed82bc0aa38cb985c198c407de
+    OpenBSD-Commit-ID: 9ab6012574ed0352d2f097d307f4a988222d1b19
 
-commit b7e74ea072919b31391bc0f5ff653f80b9f5e84f
+commit 9c5f64b6cb3a68b99915202d318b842c6c76cf14
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Nov 25 00:51:37 2019 +0000
+Date:   Tue May 26 01:09:05 2020 +0000
 
-    upstream: Add new structure for signature options
-    
-    This is populated during signature verification with additional fields
-    that are present in and covered by the signature. At the moment, it is
-    only used to record security key-specific options, especially the flags
-    field.
+    upstream: improve logging for MaxStartups connection throttling:
     
-    with and ok markus@
+    have sshd log when it starts and stops throttling and periodically while in
+    this state. bz#3055 ok markus@
     
-    OpenBSD-Commit-ID: 338a1f0e04904008836130bedb9ece4faafd4e49
+    OpenBSD-Commit-ID: 2e07a09a62ab45d790d3d2d714f8cc09a9ac7ab9
 
-commit d2b0f88178ec9e3f11b606bf1004ac2fe541a2c3
+commit 756c6f66aee83a5862a6f936a316f761532f3320
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Nov 25 00:38:17 2019 +0000
+Date:   Tue May 26 01:06:52 2020 +0000
 
-    upstream: memleak in error path
+    upstream: add fmt_timeframe() (from bgpd) to format a time
+    
+    interval in a human- friendly format. Switch copyright for this file from BSD
+    to MIT to make it easier to add Henning's copyright for this function. ok
+    markus@
     
-    OpenBSD-Commit-ID: 93488431bf02dde85a854429362695d2d43d9112
+    OpenBSD-Commit-ID: 414a831c662df7e68893e5233e86f2cac081ccf9
 
-commit e2c0a21ade5e0bd7f0aab08d7eb9457f086681e9
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Nov 22 06:50:30 2019 +0000
+commit 2a63ce5cd6d0e782783bf721462239b03757dd49
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon May 18 04:29:35 2020 +0000
 
-    upstream: Wait for FD to be readable or writeable during a nonblocking
-    
-    connect, not just readable.  Prevents a timeout when the server doesn't
-    immediately send a banner (eg multiplexers like sslh) but is also slightly
-    quicker for other connections since, unlike ssh1, ssh2 doesn't specify
-    that the client should parse the server banner before sending its own.
-    Patch from mnissler@chromium.org, ok djm@
+    upstream: avoid possible NULL deref; from Pedro Martelletto
     
-    OpenBSD-Commit-ID: aba9cd8480d1d9dd31d0ca0422ea155c26c5df1d
+    OpenBSD-Commit-ID: e6099c3fbb70aa67eb106e84d8b43f1fa919b721
 
-commit 2f95d43dc222ce194622b706682e8de07c9cfb42
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Nov 20 16:34:11 2019 +1100
+commit 4b307faf2fb0e63e51a550b37652f7f972df9676
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri May 15 08:34:03 2020 +0000
 
-    Include openssl compat header.
+    upstream: sshd listener must not block if reexecd sshd exits
+    
+    in write(2) on config_s[0] if the forked child exits early before finishing
+    recv_rexec_state (e.g. with fatal()) because config_s[1] stays open in the
+    parent. this prevents the parent from accepting new connections. ok djm,
+    deraadt
     
-    Fixes warning for ECDSA_SIG_set0 on OpenSSL versions prior to 1.1.
+    OpenBSD-Commit-ID: 92ccfeb939ccd55bda914dc3fe84582158c4a9ef
 
-commit a70d92f236576c032a45c39e68ca0d71e958d19d
+commit af8b16fb2cce880341c0ee570ceb0d84104bdcc0
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Nov 19 22:23:19 2019 +0000
+Date:   Fri May 15 03:57:33 2020 +0000
 
-    upstream: adjust on-wire signature encoding for ecdsa-sk keys to
+    upstream: fix off-by-one error that caused sftp downloads to make
     
-    better match ec25519-sk keys. Discussed with markus@ and Sebastian Kinne
+    one more concurrent request that desired. This prevented using sftp(1) in
+    unpipelined request/response mode, which is useful when debugging. Patch from
+    Stephen Goetze in bz#3054
     
-    NB. if you are depending on security keys (already?) then make sure you
-    update both your clients and servers.
+    OpenBSD-Commit-ID: 41b394ebe57037dbc43bdd0eef21ff0511191f28
+
+commit d7d753e2979f2d3c904b03a08d30856cd2a6e892
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Wed May 13 22:38:41 2020 +0000
+
+    upstream: we are still aiming for pre-C99 ...
     
-    OpenBSD-Commit-ID: 53d88d8211f0dd02a7954d3af72017b1a79c0679
+    OpenBSD-Commit-ID: a240fc9cbe60bc4e6c3d24d022eb4ab01fe1cb38
 
-commit 26369a5f7d9c4e4ef44a3e04910126e1bcea43d8
+commit 2ad7b7e46408dbebf2a4efc4efd75a9544197d57
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Nov 19 22:21:15 2019 +0000
+Date:   Wed May 13 10:08:02 2020 +0000
 
-    upstream: a little more information from the monitor when signature
+    upstream: Enable credProtect extension when generating a resident
     
-    verification fails.
+    key.
     
-    OpenBSD-Commit-ID: e6a30071e0518cac512f9e10be3dc3500e2003f3
-
-commit 4402d6c9b5bf128dcfae2429f1d41cdaa8849b6b
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Tue Nov 19 16:02:32 2019 +0000
-
-    upstream: revert previous: naddy pointed out what's meant to
+    The FIDO 2.1 Client to Authenticator Protocol introduced a "credProtect"
+    feature to better protect resident keys. This option allows (amone other
+    possibilities) requiring a PIN prior to all operations that may retrieve
+    the key handle.
     
-    happen. rethink needed...
+    Patch by Pedro Martelletto; ok djm and markus
     
-    OpenBSD-Commit-ID: fb0fede8123ea7f725fd65e00d49241c40bd3421
+    OpenBSD-Commit-ID: 013bc06a577dcaa66be3913b7f183eb8cad87e73
 
-commit 88056f881315233e990e4e04a815f8f96b4674e1
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Tue Nov 19 14:54:47 2019 +0000
+commit 1e70dc3285fc9b4f6454975acb81e8702c23dd89
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed May 13 09:57:17 2020 +0000
 
-    upstream: -c and -s do not make sense with -k; reshuffle -k into
+    upstream: always call fido_init(); previous behaviour only called
     
-    the main synopsis/usage; ok djm
+    fido_init() when SK_DEBUG was defined. Harmless with current libfido2, but
+    this isn't guaranteed in the future.
     
-    OpenBSD-Commit-ID: f881ba253da015398ae8758d973e3390754869bc
+    OpenBSD-Commit-ID: c7ea20ff2bcd98dd12015d748d3672d4f01f0864
 
-commit 2cf262c21f35296c2ff718cfdb52e0473a1c3983
-Author: naddy@openbsd.org <naddy@openbsd.org>
-Date:   Mon Nov 18 23:17:48 2019 +0000
+commit f2d84f1b3fa68d77c99238d4c645d0266fae2a74
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed May 13 09:55:57 2020 +0000
 
-    upstream: document '$' environment variable expansion for
+    upstream: preserve group/world read permission on known_hosts
     
-    SecurityKeyProvider; ok djm@
+    file across runs of "ssh-keygen -Rf /path". The old behaviour was to remove
+    all rights for group/other. bz#3146 ok dtucker@
     
-    OpenBSD-Commit-ID: 76db507ebd336a573e1cd4146cc40019332c5799
+    OpenBSD-Commit-ID: dc369d0e0b5dd826430c63fd5f4b269953448a8a
 
-commit f0edda81c5ebccffcce52b182c3033531a1aab71
-Author: naddy@openbsd.org <naddy@openbsd.org>
-Date:   Mon Nov 18 23:16:49 2019 +0000
+commit 05a651400da6fbe12296c34e3d3bcf09f034fbbf
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed May 13 09:52:41 2020 +0000
 
-    upstream: more missing mentions of ed25519-sk; ok djm@
+    upstream: when ordering the hostkey algorithms to request from a
+    
+    server, prefer certificate types if the known_hosts files contain a key
+    marked as a @cert-authority; bz#3157 ok markus@
     
-    OpenBSD-Commit-ID: f242e53366f61697dffd53af881bc5daf78230ff
+    OpenBSD-Commit-ID: 8f194573e5bb7c01b69bbfaabc68f27c9fa5e0db
 
-commit 189550f5bc85148e85f4caa1f6b2fc623149a4ee
-Author: naddy@openbsd.org <naddy@openbsd.org>
-Date:   Mon Nov 18 16:10:05 2019 +0000
+commit 829451815ec207e14bd54ff5cf7e22046816f042
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue May 12 01:41:32 2020 +0000
 
-    upstream: additional missing stdarg.h includes when built without
+    upstream: fix non-ASCII quote that snuck in; spotted by Gabriel
     
-    WITH_OPENSSL; ok djm@
+    Kihlman
     
-    OpenBSD-Commit-ID: 881f9a2c4e2239849cee8bbf4faec9bab128f55b
+    OpenBSD-Commit-ID: 04bcde311de2325d9e45730c744c8de079b49800
 
-commit 723a5369864b338c48d22854bc2bb4ee5c083deb
-Author: naddy@openbsd.org <naddy@openbsd.org>
-Date:   Mon Nov 18 16:08:57 2019 +0000
+commit 5a442cec92c0efd6fffb4af84bf99c70af248ef3
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon May 11 02:11:29 2020 +0000
 
-    upstream: add the missing WITH_OPENSSL ifdefs after the ED25519-SK
+    upstream: clarify role of FIDO tokens in multi-factor
     
-    addition; ok djm@
+    authentictation; mostly from Pedro Martelletto
     
-    OpenBSD-Commit-ID: a9545e1c273e506cf70e328cbb9d0129b6d62474
+    OpenBSD-Commit-ID: fbe05685a1f99c74b1baca7130c5a03c2df7c0ac
 
-commit 478f4f98e4e93ae4ed1a8911dec4e5b75ea10f30
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Nov 19 08:52:24 2019 +1100
+commit ecb2c02d994b3e21994f31a70ff911667c262f1f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri May 8 05:13:14 2020 +0000
 
-    remove all EC algs from proposals, no just sk ones
+    upstream: fix compilation with DEBUG_KEXDH; bz#3160 ok dtucker@
     
-    ok dtucker@
+    OpenBSD-Commit-ID: 832e771948fb45f2270e8b8895aac36d176ba17a
 
-commit 6a7ef310da100f876a257b7367e3b0766dac3994
+commit 3ab6fccc3935e9b778ff52f9c8d40f215d58e01d
 Author: Damien Miller <djm@mindrot.org>
-Date:   Mon Nov 18 22:22:04 2019 +1100
-
-    filter PUBKEY_DEFAULT_PK_ALG for ECC algorithms
-    
-    Remove ECC algorithms from the PUBKEY_DEFAULT_PK_ALG list when
-    compiling without ECC support in libcrypto.
-
-commit 64f56f1d1af3947a71a4c391f2c08747d19ee591
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Nov 18 09:15:17 2019 +0000
+Date:   Thu May 14 12:22:09 2020 +1000
 
-    upstream: LibreSSL change the format for openssl rsa -text output from
-    
-    "publicExponent" to "Exponent" so accept either.  with djm.
+    prefer ln to cp for temporary copy of sshd
     
-    OpenBSD-Regress-ID: b7e6c4bf700029a31c98be14600d4472fe0467e6
+    I saw failures on the reexec fallback test on Darwin 19.4 where
+    fork()ed children of a process that had it's executable removed
+    would instantly fail. Using ln to preserve the inode avoids this.
 
-commit 4bfc0503ad94a2a7190686a89649567c20b8534f
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Nov 18 06:58:00 2019 +0000
+commit f700d316c6b15a9cfbe87230d2dca81a5d916279
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed May 13 15:24:51 2020 +1000
 
-    upstream: fix a bug that prevented serialisation of ed25519-sk keys
-    
-    OpenBSD-Commit-ID: 066682b79333159cac04fcbe03ebd9c8dcc152a9
+    Actually skip pty tests when needed.
 
-commit d88205417084f523107fbe1bc92061635cd57fd2
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Nov 18 06:39:36 2019 +0000
+commit 08ce6b2210f46f795e7db747809f8e587429dfd2
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed May 13 13:56:45 2020 +1000
 
-    upstream: Fix incorrect error message when key certification fails
-    
-    OpenBSD-Commit-ID: 7771bd77ee73f7116df37c734c41192943a73cee
+    Skip building sk-dummy library if no SK support.
 
-commit 740c4bc9875cbb4b9fc03fd5eac19df080f20df5
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Nov 18 06:39:02 2019 +0000
+commit 102d106bc2e50347d0e545fad6ff5ce408d67247
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed May 13 12:08:34 2020 +1000
 
-    upstream: fix bug that prevented certification of ed25519-sk keys
+    explicitly manage .depend and .depend.bak
     
-    OpenBSD-Commit-ID: 64c8cc6f5de2cdd0ee3a81c3a9dee8d862645996
+    Bring back removal of .depend to give the file a known state before
+    running makedepend, but manually move aside the current .depend file
+    and restore it as .depend.bak afterwards so the stale .depend check
+    works as expected.
 
-commit 85409cbb505d8c463ab6e2284b4039764c7243de
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Nov 18 06:24:17 2019 +0000
+commit 83a6dc6ba1e03b3fa39d12a8522b8b0e68dd6390
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed May 13 12:03:42 2020 +1000
 
-    upstream: allow *-sk key types to be turned into certificates
-    
-    OpenBSD-Commit-ID: cd365ee343934862286d0b011aa77fa739d2a945
+    make depend
 
-commit e2e1283404e06a22ac6135d057199e70dcadb8dd
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Nov 18 04:55:02 2019 +0000
+commit 7c0bbed967abed6301a63e0267cc64144357a99a
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed May 13 12:01:10 2020 +1000
 
-    upstream: mention ed25519-sk key/cert types here too; prompted by
+    revert removal of .depend before makedepend
     
-    jmc@
+    Commit 83657eac4 started removing .depend before running makedepend
+    to reset the contents of .depend to a known state. Unfortunately
+    this broke the depend-check step as now .depend.bak would only ever
+    be created as an empty file.
     
-    OpenBSD-Commit-ID: e281977e4a4f121f3470517cbd5e483eee37b818
+    ok dtucker
 
-commit 97dc5d1d82865a7d20f1eb193b5c62ce684024e5
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Nov 18 04:50:45 2019 +0000
+commit 58ad004acdcabf3b9f40bc3aaa206b25d998db8c
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue May 12 12:58:46 2020 +1000
 
-    upstream: mention ed25519-sk in places where it is accepted;
-    
-    prompted by jmc@
-    
-    OpenBSD-Commit-ID: 076d386739ebe7336c2137e583bc7a5c9538a442
+    prepare for 8.3 release
 
-commit 130664344862a8c7afd3e24d8d36ce40af41a99f
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Nov 18 04:34:47 2019 +0000
+commit 4fa9e048c2af26beb7dc2ee9479ff3323e92a7b5
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri May 8 21:50:43 2020 +1000
 
-    upstream: document ed25519-sk pubkey, private key and certificate
-    
-    formats
+    Ensure SA_SIGNAL test only signals itself.
     
-    OpenBSD-Commit-ID: 795a7c1c80315412e701bef90e31e376ea2f3c88
+    When the test's child signals its parent and it exits the result of
+    getppid changes.  On Ubuntu 20.04 this results in the ppid being that
+    of the GDM session, causing it to exit.  Analysis and testing from pedro
+    at ambientworks.net
 
-commit 71856e1142fc01628ce53098f8cfc74765464b35
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Nov 18 04:29:50 2019 +0000
+commit dc2da29aae76e170d22f38bb36f1f5d1edd5ec2b
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri May 8 13:31:53 2020 +1000
 
-    upstream: correct order or ecdsa-sk private key fields
+    sync config.guess/config.sub with latest versions
     
-    OpenBSD-Commit-ID: 4d4a0c13226a79f0080ce6cbe74f73b03ed8092e
+    ok dtucker@
 
-commit 93fa2a6649ae3e0626cbff25c985a4573d63e3f2
+commit a8265bd64c14881fc7f4fa592f46dfc66b911f17
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Nov 18 04:16:53 2019 +0000
+Date:   Wed May 6 20:58:01 2020 +0000
 
-    upstream: correct description of fields in pub/private keys (was
-    
-    missing curve name); spotted by Sebastian Kinne
+    upstream: openssh-8.3; ok deraadt@
     
-    OpenBSD-Commit-ID: 2a11340dc7ed16200342d384fb45ecd4fcce26e7
+    OpenBSD-Commit-ID: c8831ec88b9c750f5816aed9051031fb535d22c1
 
-commit b497e920b409250309c4abe64229237b8f2730ba
-Author: Damien Miller <djm@mindrot.org>
-Date:   Mon Nov 18 15:05:04 2019 +1100
+commit 955854cafca88e0cdcd3d09ca1ad4ada465364a1
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed May 6 20:57:38 2020 +0000
 
-    Teach the GTK2/3 ssh-askpass the new prompt hints
-    
-    ssh/ssh-agent now sets a hint environment variable $SSH_ASKPASS_PROMPT
-    when running the askpass program. This is intended to allow the
-    askpass to vary its UI across the three cases it supports: asking for
-    a passphrase, confirming the use of a key and (recently) reminding
-    a user to touch their security key.
+    upstream: another case where a utimes() failure could make scp send
     
-    This adapts the gnome-ssh-askpass[23] to use these hints. Specifically,
-    for SSH_ASKPASS_PROMPT=confirm it will skip the text input box and show
-    only "yes"/"no" buttons. For SSH_ASKPASS_PROMPT=none (used to remind
-    users to tap their security key), it shows only a "close" button.
+    a desynchronising error; reminded by Aymeric Vincent ok deraadt markus
     
-    Help wanted: adapt the other askpass programs in active use, including
-    x11-ssh-askpass, lxqt-openssh-askpass, etc.
+    OpenBSD-Commit-ID: 2ea611d34d8ff6d703a7a8bf858aa5dbfbfa7381
 
-commit 857f49e91eeae6feb781ef5f5e26c38ca3d953ec
+commit 59d531553fd90196946743da391f3a27cf472f4e
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Nov 18 14:15:26 2019 +1100
+Date:   Thu May 7 15:34:12 2020 +1000
 
-    Move ifdef OPENSSL_HAS_ECC.
+    Check if -D_REENTRANT is needed for localtime_r.
     
-    Found by -Wimplicit-fallthrough: one ECC case was not inside the ifdef.
-    ok djm@
+    On at least HP-UX 11.11, the localtime_r declararation is behind
+    ifdef _REENTRANT.  Check for and add if needed.
 
-commit 6cf1c40096a79e5eedcf897c7cdb46bb32d4a3ee
+commit c13403e55de8cdbb9da628ed95017b1d4c0f205f
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Nov 18 14:14:18 2019 +1100
-
-    Enable -Wimplicit-fallthrough if supported
-    
-    Suggested by djm.
-
-commit 103c51fd5f5ddc01cd6b5c1132e711765b921bf5
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Nov 18 01:59:48 2019 +0000
+Date:   Tue May 5 11:32:43 2020 +1000
 
-    upstream: missing break in getopt switch; spotted by Sebastian Kinne
-    
-    OpenBSD-Commit-ID: f002dbf14dba5586e8407e90f0141148ade8e8fc
+    Skip security key tests if ENABLE_SK not set.
 
-commit 9a1225e8ca2ce1fe809910874935302234399a6d
+commit 4da393f87cd52d788c84112ee3f2191c9bcaaf30
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Nov 16 23:17:20 2019 +0000
+Date:   Fri May 1 04:03:14 2020 +0000
 
-    upstream: tweak debug message
+    upstream: sure enough, some of the test data that we though were in
     
-    OpenBSD-Commit-ID: 2bf336d3be0b7e3dd97920d7e7471146a281d2b9
-
-commit 4103a3ec7c68493dbc4f0994a229507e943a86d3
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Nov 16 22:42:30 2019 +0000
-
-    upstream: a little debug() in the security key interface
+    new format were actually in the old format; fix from Michael Forney
     
-    OpenBSD-Commit-ID: 4c70300609a5c8b19707207bb7ad4109e963b0e8
+    OpenBSD-Regress-ID: a41a5c43a61b0f0b1691994dbf16dfb88e8af933
 
-commit 05daa211de926f66f50b7380d637f84dc6341574
+commit 15bfafc1db4c8792265ada9623a96f387990f732
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Nov 16 22:36:48 2019 +0000
-
-    upstream: always use ssh-sk-helper, even for the internal USB HID
-    
-    support. This avoid the need for a wpath pledge in ssh-agent.
-    
-    reported by jmc@
-    
-    OpenBSD-Commit-ID: 19f799c4d020b870741d221335dbfa5e76691c23
-
-commit d431778a561d90131814f986b646299f9af33c8c
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Fri Nov 15 15:41:01 2019 +0000
+Date:   Fri May 1 04:00:29 2020 +0000
 
-    upstream: fix typos in sk_enroll
+    upstream: make mktestdata.sh generate old/new format keys that we
     
-    OpenBSD-Commit-ID: faa9bf779e008b3e64e2eb1344d9b7d83b3c4487
-
-commit af90aec0443ec51e6b2d804cb91771d3905f8a6f
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Fri Nov 15 11:16:28 2019 +0000
-
-    upstream: double word;
+    expect. This script was written before OpenSSH switched to new-format private
+    keys by default and was never updated to the change (until now) From Michael
+    Forney
     
-    OpenBSD-Commit-ID: 43d09bafa4ea9002078cb30ca9adc3dcc0b9c2b9
+    OpenBSD-Regress-ID: 38cf354715c96852e5b71c2393fb6e7ad28b7ca7
 
-commit fd1a96490cef7f945a1b3b5df4e90c8a1070f425
+commit 7882d2eda6ad3eb82220a85294de545d20ef82db
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Nov 15 06:00:20 2019 +0000
+Date:   Fri May 1 03:58:02 2020 +0000
 
-    upstream: remove most uses of BN_CTX
+    upstream: portability fix for sed that always emil a newline even
     
-    We weren't following the rules re BN_CTX_start/BN_CTX_end and the places
-    we were using it didn't benefit from its use anyway. ok dtucker@
+    if the input does not contain one; from Michael Forney
     
-    OpenBSD-Commit-ID: ea9ba6c0d2e6f6adfe00b309a8f41842fe12fc7a
+    OpenBSD-Regress-ID: 9190c3ddf0d2562ccc02c4a95fce0e392196bfc7
 
-commit 39b87104cdd47baf79ef77dc81de62cea07d119f
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Nov 15 18:56:54 2019 +1100
+commit 8074f9499e454df0acdacea33598858a1453a357
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri May 1 03:36:25 2020 +0000
 
-    Add wrappers for other ultrix headers.
+    upstream: remove obsolete RSA1 test keys; spotted by Michael Forney
     
-    Wrappers protect against multiple inclusions for headers that don't do
-    it themselves.
+    OpenBSD-Regress-ID: 6384ba889594e217d166908ed8253718ab0866da
 
-commit 134a74f4e0cf750931f1125beb2a3f40c54c8809
+commit c697e46c314aa94574af0d393d80f23e0ebc9748
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Nov 15 18:55:13 2019 +1100
+Date:   Sat May 2 18:34:47 2020 +1000
 
-    Add SSIZE_MAX when we define ssize_t.
+    Update .depend.
 
-commit 9c6d0a3a1ed77989d8c5436d8c3cc6c7045c0197
+commit 83657eac42941f270c4b02b2c46d9a21f616ef99
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Nov 15 17:13:19 2019 +1100
+Date:   Sat May 2 18:29:40 2020 +1000
 
-    Remove ultrix realpath hack.
+    Remove use of tail for 'make depend'.
+    
+    Not every tail supports +N and we can do with out it so just remove it.
+    Prompted by mforney at mforney.org.
 
-commit c63fba5e3472307167850bbd84187186af7fa9f0
+commit d25d630d24c5a1c64d4e646510e79dc22d6d7b88
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Nov 15 05:37:27 2019 +0000
+Date:   Sat May 2 07:19:43 2020 +0000
 
-    upstream: unshield security key privkey before attempting signature
-    
-    in agent. spotted by dtucker@
+    upstream: we have a sshkey_save_public() function to save public keys;
     
-    OpenBSD-Commit-ID: fb67d451665385b8a0a55371231c50aac67b91d2
-
-commit d165bb5396e3f718480e6039ca2cf77f5a2c2885
-Author: deraadt@openbsd.org <deraadt@openbsd.org>
-Date:   Fri Nov 15 05:26:56 2019 +0000
-
-    upstream: rewrite c99-ism
+    use it and save a bunch of redundant code.
     
-    OpenBSD-Commit-ID: d0c70cca29cfa7e6d9f7ec1d6d5dabea112499b3
-
-commit 03e06dd0e6e1c0a9f4b4b9de7def8a44dcbf93a7
-Author: deraadt@openbsd.org <deraadt@openbsd.org>
-Date:   Fri Nov 15 05:25:52 2019 +0000
-
-    upstream: only clang understands those new -W options
+    Patch from loic AT venez.fr; ok markus@ djm@
     
-    OpenBSD-Commit-ID: d9b910e412d139141b072a905e66714870c38ac0
+    OpenBSD-Commit-ID: f93e030a0ebcd0fd9054ab30db501ec63454ea5f
 
-commit 5c0bc273cba53f822b7d777bbb6c35d160d3b505
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Nov 15 16:08:00 2019 +1100
+commit e9dc9863723e111ae05e353d69df857f0169544a
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri May 1 18:32:25 2020 +1000
 
-    configure flag to built-in security key support
+    Use LONG_LONG_MAX and friends if available.
     
-    Require --with-security-key-builtin before enabling the built-in
-    security key support (and consequent dependency on libfido2).
-
-commit fbcb9a7fa55300b8bd4c18bee024c6104c5a25d7
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Nov 15 16:06:30 2019 +1100
-
-    upstream commit
+    If we don't have LLONG_{MIN,MAX} but do have LONG_LONG_{MIN,MAX}
+    then use those instead.  We do calculate these values in configure,
+    but it turns out that at least one compiler (old HP ANSI C) can't
+    parse "-9223372036854775808LL" without mangling it. (It can parse
+    "-9223372036854775807LL" which is presumably why its limits.h defines
+    LONG_LONG_MIN as the latter minus 1.)
     
-    revision 1.48
-    date: 2019/02/04 16:45:40;  author: millert;  state: Exp;  lines: +16 -17;  commitid: cpNtVC7erojNyctw;
-    Make gl_pathc, gl_matchc and gl_offs size_t in glob_t to match POSIX.
-    This requires a libc major version bump.  OK deraadt@
+    Fixes rekey test when compiled with the aforementioned compiler.
 
-commit 2cfb11abac85885de0cb888bbeb9a3e4303105ea
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Nov 15 16:05:07 2019 +1100
+commit aad87b88fc2536b1ea023213729aaf4eaabe1894
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri May 1 06:31:42 2020 +0000
 
-    upstream commit
+    upstream: when receving a file in sink(), be careful to send at
     
-    revision 1.47
-    date: 2017/05/08 14:53:27;  author: millert;  state: Exp;  lines: +34 -21;  commitid: sYfxfyUHAfarP8sE;
-    Fix exponential CPU use with repeated '*' operators by changing '*'
-    handling to be interative instead of recursive.
-    Fix by Yves Orton, ported to OpenBSD glob.c by Ray Lai.  OK tb@
-
-commit 228dd595c7882bb9b161dbb7d4dca15c8a5f03f5
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Nov 15 16:04:28 2019 +1100
-
-    upstream commit
+    most a single error response after the file has been opened. Otherwise the
+    source() and sink() can become desyncronised. Reported by Daniel Goujot,
+    Georges-Axel Jaloyan, Ryan Lahfa, and David Naccache.
     
-    revision 1.46
-    date: 2015/12/28 22:08:18;  author: mmcc;  state: Exp;  lines: +5 -9;  commitid: 0uXuF2O13NH9q2e1;
-    Remove NULL-checks before free() and a few related dead assignments.
+    ok deraadt@ markus@
     
-    ok and valuable input from millert@
+    OpenBSD-Commit-ID: 6c14d233c97349cb811a8f7921ded3ae7d9e0035
 
-commit a16f748690139b9f452485d97511ad5e578f59b2
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Nov 15 16:02:43 2019 +1100
+commit 31909696c4620c431dd55f6cd15db65c4e9b98da
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri May 1 06:28:52 2020 +0000
 
-    upstream commit
+    upstream: expose vasnmprintf(); ok (as part of other commit) markus
     
-    revision 1.44
-    date: 2015/09/14 16:09:13;  author: tedu;  state: Exp;  lines: +3 -5;  commitid: iWfSX2BIn0sLw62l;
-    remove null check before free. from Michael McConville
-    ok semarie
-
-commit fd37cdeafe25adfcdc752280f535d28de7997ff1
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Nov 15 16:02:27 2019 +1100
-
-    upstream commit
+    deraadt
     
-    revision 1.43
-    date: 2015/06/13 16:57:04;  author: deraadt;  state: Exp;  lines: +4 -4;  commitid: zOUKuqWBdOPOz1SZ;
-    in glob() initialize the glob_t before the first failure check.
-    from j@pureftpd.org
-    ok millert stsp
+    OpenBSD-Commit-ID: 2e80cea441c599631a870fd40307d2ade5a7f9b5
 
-commit fd62769c3882adea118dccaff80a06009874a2d1
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Nov 15 16:01:20 2019 +1100
+commit 99ce9cefbe532ae979744c6d956b49f4b02aff82
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri May 1 04:23:11 2020 +0000
 
-    upstream commit
+    upstream: avoid NULL dereference when attempting to convert invalid
     
-    revision 1.42
-    date: 2015/02/05 12:59:57;  author: millert;  state: Exp;  lines: +2 -1;  commitid: DTQbfd4poqBW8iSJ;
-    Include stdint.h, not limits.h to get SIZE_MAX.  OK guenther@
-
-commit 2b6cba7ee2b8b36f393be739c860a9d2e5d8eb48
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Nov 15 16:00:07 2019 +1100
-
-    upstream commit
+    ssh.com private keys using "ssh-keygen -i"; spotted by Michael Forney
     
-    revision 1.41
-    date: 2014/10/08 05:35:27;  author: deraadt;  state: Exp;  lines: +3 -3;  commitid: JwTGarRLHQKDgPh2;
-    obvious realloc -> reallocarray conversion
+    OpenBSD-Commit-ID: 2e56e6d26973967d11d13f56ea67145f435bf298
 
-commit ab3600665387ae34785498558c4409e27f495b0b
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Nov 15 04:12:32 2019 +0000
+commit 6c6072ba8b079e6f5caa38b011a6f4570c14ed38
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri May 1 15:09:26 2020 +1000
 
-    upstream: don't consult dlopen whitelist for internal security key
+    See if SA_RESTART signals will interrupt select().
     
-    provider; spotted by dtucker@
+    On some platforms (at least older HP-UXes such as 11.11, possibly others)
+    setting SA_RESTART on signal handers will cause it to not interrupt
+    select(), at least for calls that do not specify a timeout.  Try to
+    detect this and if found, don't use SA_RESTART.
     
-    OpenBSD-Commit-ID: bfe5fbd17e4ff95dd85b9212181652b54444192e
+    POSIX says "If SA_RESTART has been set for the interrupting signal, it
+    is implementation-dependent whether select() restarts or returns with
+    [EINTR]" so this behaviour is within spec.
 
-commit 19f8ec428db835f68c1cfd63587e9880ccd6486c
+commit 90a0b434ed41f9c505662dba8782591818599cb3
 Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Nov 15 15:08:28 2019 +1100
+Date:   Fri May 1 13:55:03 2020 +1000
 
-    upstream commit
-    
-    revision 1.40
-    date: 2013/09/30 12:02:34;  author: millert;  state: Exp;  lines: +14 -15;
-    Use PATH_MAX, NAME_MAX and LOGIN_NAME_MAX not MAXPATHNAMELEN,
-    MAXNAMLEN or MAXLOGNAME where possible.  OK deraadt@
+    fix reversed test
 
-commit bb7413db98e418d4af791244660abf6c829783f5
+commit c0dfd18dd1c2107c73d18f70cd164f7ebd434b08
 Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Nov 15 15:07:30 2019 +1100
+Date:   Fri May 1 13:29:16 2020 +1000
 
-    upstream commit
-    
-    revision 1.39
-    date: 2012/01/20 07:09:42;  author: tedu;  state: Exp;  lines: +4 -4;
-    the glob stat limit is way too low.  bump to 2048.
-    while here, failed stats should count against the limit too.
-    ok deraadt sthen stsp
+    wrap sha2.h inclusion in #ifdef HAVE_SHA2_H
 
-commit 01362cf7cb979525c014714e2bccf799a46e772e
+commit a01817a9f63dbcbbc6293aacc4019993a4cdc7e3
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Nov 15 03:41:57 2019 +0000
+Date:   Tue Apr 28 04:59:29 2020 +0000
 
-    upstream: U2F tokens may return FIDO_ERR_USER_PRESENCE_REQUIRED when
-    
-    probed to see if they own a key handle. Handle this case so the find_device()
-    look can work for them. Reported by Michael Forney
+    upstream: adapt dummy FIDO middleware to API change; ok markus@
     
-    OpenBSD-Commit-ID: 2ccd5b30a6ddfe4dba228b7159bf168601bd9166
-
-commit cf62307bc9758105913dcb91b418e4968ac2244d
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Nov 15 14:01:00 2019 +1100
-
-    Add libfido2 to INSTALL.
-
-commit 69fbda1894349d1f420c842dfcbcc883239d1aa7
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Nov 15 13:42:15 2019 +1100
-
-    libcrypto is now optional.
+    OpenBSD-Regress-ID: 8bb84ee500c2eaa5616044314dd0247709a1790f
 
-commit 45ffa369886e37930776d7c15dd8b973242d6ecc
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Nov 15 02:38:07 2019 +0000
+commit 261571ddf02ea38fdb5e4a97c69ee53f847ca5b7
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Thu Apr 30 18:28:37 2020 +0000
 
-    upstream: show the "please touch your security key" notifier when
-    
-    using the (default) build-in security key support.
+    upstream: tweak previous; ok markus
     
-    OpenBSD-Commit-ID: 4707643aaa7124501d14e92d1364b20f312a6428
+    OpenBSD-Commit-ID: 41895450ce2294ec44a5713134491cc31f0c09fd
 
-commit 49dc9fa928d77807c53bdc2898db7fb515fe5eb3
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Nov 15 02:37:24 2019 +0000
+commit 5de21c82e1d806d3e401b5338371e354b2e0a66f
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Thu Apr 30 17:12:20 2020 +0000
 
-    upstream: close the "touch your security key" notifier on the error
+    upstream: bring back debug() removed in rev 1.74; noted by pradeep
     
-    path too
+    kumar
     
-    OpenBSD-Commit-ID: c7628bf80505c1aefbb1de7abc8bb5ee51826829
+    OpenBSD-Commit-ID: 8d134d22ab25979078a3b48d058557d49c402e65
 
-commit 22a82712e89bf17c27427aeba15795fb4011a0c2
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Nov 15 02:20:06 2019 +0000
+commit ea14103ce9a5e13492e805f7e9277516ff5a4273
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Thu Apr 30 17:07:10 2020 +0000
 
-    upstream: correct function name in debug message
+    upstream: run the 2nd ssh with BatchMode for scp -3
     
-    OpenBSD-Commit-ID: 2482c99d2ce448f39282493050f8a01e3ffc39ab
+    OpenBSD-Commit-ID: 77994fc8c7ca02d88e6d0d06d0f0fe842a935748
 
-commit 018e2902a65c22faded215a7c588492c948f108c
+commit 59d2de956ed29aa5565ed5e5947a7abdb27ac013
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Nov 15 00:32:40 2019 +0000
+Date:   Tue Apr 28 04:02:29 2020 +0000
 
-    upstream: follow existing askpass logic for security key notifier:
+    upstream: when signing a challenge using a FIDO toke, perform the
     
-    fall back to _PATH_SSH_ASKPASS_DEFAULT if no $SSH_ASKPASS environment
-    variable is set.
+    hashing in the middleware layer rather than in ssh code. This allows
+    middlewares that call APIs that perform the hashing implicitly (including
+    Microsoft's AFAIK). ok markus@
     
-    OpenBSD-Commit-ID: cda753726b13fb797bf7a9f7a0b3022d9ade4520
+    OpenBSD-Commit-ID: c9fc8630aba26c75d5016884932f08a5a237f37d
 
-commit 575d0042a94997c1eeb86a6dcfb30b3c7bdbcba3
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Nov 14 21:56:52 2019 +0000
+commit c9d10dbc0ccfb1c7568bbb784f7aeb7a0b5ded12
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sun Apr 26 09:38:14 2020 +0000
 
-    upstream: remove debugging goop that snuck in to last commit
+    upstream: Fix comment typo. Patch from mforney at mforney.org.
     
-    OpenBSD-Commit-ID: 8ea4455a2d9364a0a04f9e4a2cbfa4c9fcefe77e
+    OpenBSD-Commit-ID: 3565f056003707a5e678e60e03f7a3efd0464a2b
 
-commit 63a5b24f2dbdc9a4bf2182ac3db26731ddc617e8
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Nov 15 11:21:26 2019 +1100
+commit 4d2c87b4d1bde019cdd0f00552fcf97dd8b39940
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sat Apr 25 06:59:36 2020 +0000
 
-    don't fatal if libfido2 not found
+    upstream: We've standardized on memset over bzero, replace a couple
     
-    spotted by dtucker@
-
-commit 129952a81c00c332721b4ba3ede868c720ad7f4e
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Nov 15 11:17:12 2019 +1100
-
-    correct object dependency
+    that had slipped in.  ok deraadt markus djm.
+    
+    OpenBSD-Commit-ID: f5be055554ee93e6cc66b0053b590bef3728dbd6
 
-commit 6bff9521ab9a9f7396d635755c342b72373bb4f9
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Nov 14 21:27:29 2019 +0000
+commit 7f23f42123d64272a7b00754afa6b0841d676691
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri May 1 12:21:58 2020 +1000
 
-    upstream: directly support U2F/FIDO2 security keys in OpenSSH by
-    
-    linking against the (previously external) USB HID middleware. The dlopen()
-    capability still exists for alternate middlewares, e.g. for Bluetooth, NFC
-    and test/debugging.
+    Include sys/byteorder.h for htons and friends.
     
-    OpenBSD-Commit-ID: 14446cf170ac0351f0d4792ba0bca53024930069
+    These are usually in netinet/in.h but on HP-UX they are not defined if
+    _XOPEN_SOURCE_EXTENDED is set.  Only needed for netcat in the regression
+    tests.
 
-commit 4f5e331cb8e11face3025aa6578662dde489c3ad
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Wed Nov 13 22:00:21 2019 +0000
+commit d27cba58c972d101a5de976777e518f34ac779cb
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri May 1 09:21:52 2020 +1000
 
-    upstream: in order to be able to figure out the number of
-    
-    signatures left on a shielded key, we need to transfer the number of
-    signatures left from the private to the public key. ok djm@
+    Fix conditional for openssl-based chacha20.
     
-    OpenBSD-Commit-ID: 8a5d0d260aeace47d372695fdae383ce9b962574
+    Fixes warnings or link errors when building against older OpenSSLs.
+    ok djm
 
-commit dffd02e297e6c2a4e86775f293eb1b0ff01fb3df
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Wed Nov 13 20:25:45 2019 +0000
+commit 20819b962dc1467cd6fad5486a7020c850efdbee
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Apr 24 15:07:55 2020 +1000
 
-    upstream: fix check for sig_s; noted by qsa at qualys.com
+    Error out if given RDomain if unsupported.
     
-    OpenBSD-Commit-ID: 34198084e4afb424a859f52c04bb2c9668a52867
+    If the config contained 'RDomain %D' on a platform that did not support
+    it, the error would not be detected until runtime resulting in a broken
+    sshd.  Detect this earlier and error out if found.  bz#3126, based on a
+    patch from jjelen at redhat.com, tweaks and ok djm@
 
-commit fc173aeb1526d4268db89ec5dfebaf8750dd26cd
+commit 2c1690115a585c624eed2435075a93a463a894e2
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Wed Nov 13 11:25:11 2019 +0000
+Date:   Fri Apr 24 03:33:21 2020 +0000
 
-    upstream: When clients get denied by MaxStartups, send a
+    upstream: Fix incorrect error message for "too many known hosts files."
     
-    noification prior to the SSH2 protocol banner according to RFC4253 section
-    4.2.  ok djm@ deraadt@ markus@
+    bz#3149, patch from jjelen at redhat.com.
     
-    OpenBSD-Commit-ID: e5dabcb722d54dea18eafb336d50b733af4f9c63
+    OpenBSD-Commit-ID: e0fcb07ed5cf7fd54ce340471a747c24454235e5
 
-commit bf219920b70cafbf29ebc9890ef67d0efa54e738
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Wed Nov 13 07:53:10 2019 +0000
+commit 3beb7276e7a8aedd3d4a49f9c03b97f643448c92
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Apr 24 02:19:40 2020 +0000
 
-    upstream: fix shield/unshield for xmss keys: - in ssh-agent we need
+    upstream: Remove leave_non_blocking() which is now dead code
     
-    to delay the call to shield   until we have received key specific options. -
-    when serializing xmss keys for shield we need to deal with   all optional
-    components (e.g. state might not be loaded). ok djm@
+    because nothing sets in_non_blocking_mode any more. Patch from
+    michaael.meeks at collabora.com, ok djm@
     
-    OpenBSD-Commit-ID: cc2db82524b209468eb176d6b4d6b9486422f41f
+    OpenBSD-Commit-ID: c403cefe97a5a99eca816e19cc849cdf926bd09c
 
-commit 40598b85d72a509566b7b2a6d57676c7231fed34
-Author: deraadt@openbsd.org <deraadt@openbsd.org>
-Date:   Wed Nov 13 05:42:26 2019 +0000
+commit 8654e3561772f0656e7663a0bd6a1a8cb6d43300
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Thu Apr 23 21:28:09 2020 +0000
 
-    upstream: remove size_t gl_pathc < 0 test, it is invalid. the
+    upstream: ce examples of "Ar arg Ar arg" with "Ar arg arg" and
     
-    return value from glob() is sufficient. discussed with djm
+    stop the spread;
     
-    OpenBSD-Commit-ID: c91203322db9caaf7efaf5ae90c794a91070be3c
+    OpenBSD-Commit-ID: af0e952ea0f5e2019c2ce953ed1796eca47f0705
 
-commit 72687c8e7c38736e3e64e833ee7aa8f9cd9efed1
-Author: deraadt@openbsd.org <deraadt@openbsd.org>
-Date:   Wed Nov 13 04:47:52 2019 +0000
+commit 67697e4a8246dd8423e44b8785f3ee31fee72d07
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Apr 24 11:10:18 2020 +1000
 
-    upstream: stdarg.h required more broadly; ok djm
-    
-    OpenBSD-Commit-ID: b5b15674cde1b54d6dbbae8faf30d47e6e5d6513
+    Update .depend.
 
-commit 1e0b248d47c96be944868a735553af8482300a07
+commit d6cc76176216fe3fac16cd20d148d75cb9c50876
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Nov 14 16:08:17 2019 +1100
+Date:   Wed Apr 22 14:07:00 2020 +1000
 
-    Put sshsk_sign call inside ifdef ENABLE_SK.
+    Mailing list is now closed to non-subscribers.
     
-    Fixes build against OpenSSL configured without ECC.
+    While there, add a reference to the bugzilla.  ok djm@
 
-commit 546274a6f89489d2e6be8a8b62f2bb63c87a61fd
+commit cecde6a41689d0ae585ec903b190755613a6de79
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Nov 13 23:27:31 2019 +1100
+Date:   Wed Apr 22 12:09:40 2020 +1000
 
-    Remove duplicate __NR_clock_nanosleep
+    Put the values from env vars back.
+    
+    This merges the values from the recently removed environment into make's
+    command line arguments since we actually need those.
 
-commit b1c82f4b8adf3f42476d8a1f292df33fb7aa1a56
+commit 300c4322b92e98d3346efa0aec1c094c94d0f964
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Nov 13 23:19:35 2019 +1100
+Date:   Wed Apr 22 11:33:15 2020 +1000
 
-    seccomp: Allow clock_nanosleep() in sandbox.
+    Pass configure's egrep through to test-exec.sh.
     
-    seccomp: Allow clock_nanosleep() to make OpenSSH working with latest
-    glibc.  Patch from Jakub Jelen <jjelen@redhat.com> via bz #3093.
+    Use it to create a wrapper function to call it from tests.  Fixes the
+    keygen-comment test on platforms with impoverished default egrep (eg
+    Solaris).
 
-commit 2b523d23804c13cb68db135b919fcf312c42b580
+commit c8d9796cfe046f00eb8b2096d2b7028d6a523a84
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Nov 13 11:56:56 2019 +1100
+Date:   Wed Apr 22 10:56:44 2020 +1000
 
-    Include stdarg.h for va_list in xmalloc.h.
+    Remove unneeded env vars from t-exec invocation.
 
-commit 245dcbdca5374296bdb9c48be6e24bdf6b1c0af7
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Nov 13 11:19:26 2019 +1100
+commit 01d4cdcd4514e99a4b6eb9523cd832bbf008d1d7
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Tue Apr 21 23:14:58 2020 +0000
 
-    Put headers inside ifdef _AIX.
+    upstream: Backslash '$' at then end of string. Prevents warning on
+    
+    some shells.
     
-    Prevents compile errors due to missing definitions (eg va_list) on
-    non-AIX platforms.
+    OpenBSD-Regress-ID: 5dc27ab624c09d34078fd326b10e38c1ce9c741f
 
-commit a4cc579c6ad2b2e54bdd6cc0d5e12c2288113a56
+commit 8854724ccefc1fa16f10b37eda2e759c98148caa
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Nov 13 10:41:41 2019 +1100
+Date:   Tue Apr 21 18:27:23 2020 +1000
 
-    Fix comment in match_usergroup_pattern_list.
+    Sync rev 1.49.
     
-    Spotted by balu.gajjala@gmail.com via bz#3092.
+    Prevent infinite for loop since i went from ssize_t to size_t.  Patch from
+    eagleoflqj via OpenSSH github PR#178, ok djm@, feedback & ok millert@
 
-commit fccff339cab5aa66f2554e0188b83f980683490b
+commit d00d07b6744d3b4bb7aca46c734ecd670148da23
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Nov 12 22:38:19 2019 +0000
+Date:   Mon Apr 20 04:44:47 2020 +0000
 
-    upstream: allow an empty attestation certificate returned by a
-    
-    security key enrollment - these are possible for tokens that only offer self-
-    attestation. This also needs support from the middleware.
+    upstream: regression test for printing of private key fingerprints and
     
-    ok markus@
+    key comments, mostly by loic AT venez.fr (slightly tweaked for portability)
+    ok dtucker@
     
-    OpenBSD-Commit-ID: 135eeeb937088ef6830a25ca0bbe678dfd2c57cc
+    OpenBSD-Regress-ID: 8dc6c4feaf4fe58b6d634cd89afac9a13fd19004
 
-commit e44bb61824e36d0d181a08489c16c378c486a974
+commit a98d5ba31e5e7e01317352f85fa63b846a960f8c
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Nov 12 22:36:44 2019 +0000
+Date:   Mon Apr 20 04:43:57 2020 +0000
 
-    upstream: security keys typically need to be tapped/touched in
-    
-    order to perform a signature operation. Notify the user when this is expected
-    via the TTY (if available) or $SSH_ASKPASS if we can.
+    upstream: fix a bug I introduced in r1.406: when printing private key
     
-    ok markus@
+    fingerprint of old-format key, key comments were not being displayed. Spotted
+    by loic AT venez.fr, ok dtucker
     
-    OpenBSD-Commit-ID: 0ef90a99a85d4a2a07217a58efb4df8444818609
+    OpenBSD-Commit-ID: 2d98e4f9eb168eea733d17e141e1ead9fe26e533
 
-commit 4671211068441519011ac0e38c588317f4157ba1
+commit 32f2d0aad42c15e19bd3b07496076ca891573a58
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Nov 12 22:35:02 2019 +0000
+Date:   Fri Apr 17 07:16:07 2020 +0000
 
-    upstream: pass SSH_ASKPASS_PROMPT hint to y/n key confirm too
+    upstream: repair private key fingerprint printing to also print
+    
+    comment after regression caused by my recent pubkey loading refactor.
+    Reported by loic AT venez.fr, ok dtucker@
     
-    OpenBSD-Commit-ID: 08d46712e5e5f1bad0aea68e7717b7bec1ab8959
+    OpenBSD-Commit-ID: f8db49acbee6a6ccb2a4259135693b3cceedb89e
 
-commit 5d1c1590d736694f41b03e686045f08fcae20d62
+commit 094dd513f4b42e6a3cebefd18d1837eb709b4d99
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Nov 12 22:34:20 2019 +0000
+Date:   Fri Apr 17 07:15:11 2020 +0000
 
-    upstream: dd API for performing one-shot notifications via tty or
+    upstream: refactor out some duplicate private key loading code;
     
-    SSH_ASKPASS
+    based on patch from loic AT venez.fr, ok dtucker@
     
-    OpenBSD-Commit-ID: 9484aea33aff5b62ce3642bf259546c7639f23f3
+    OpenBSD-Commit-ID: 5eff2476b0d8d0614924c55e350fb7bb9c84f45e
 
-commit 166927fd410823eec8a7b2472463db51e0e6fef5
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Nov 12 22:32:48 2019 +0000
+commit 4e04f46f248f1708e39b900b76c9693c820eff68
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Fri Apr 17 06:12:41 2020 +0000
 
-    upstream: add xvasprintf()
+    upstream: add space beteen macro arg and punctuation;
     
-    OpenBSD-Commit-ID: e5e3671c05c121993b034db935bce1a7aa372247
+    OpenBSD-Commit-ID: c93a6cbb4bf9468fc4c13e64bc1fd4efee201a44
 
-commit 782093ec6cf64cc6c4078410093359869ea9329f
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Nov 13 09:08:55 2019 +1100
+commit 44ae009a0112081d0d541aeaa90088bedb6f21ce
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Apr 17 04:27:03 2020 +0000
 
-    Remove leftover if statement from sync.
+    upstream: auth2-pubkey r1.89 changed the order of operations to
+    
+    checking AuthorizedKeysFile first and falling back to AuthorizedKeysCommand
+    if no key was found in a file. Document this order here; bz3134
+    
+    OpenBSD-Commit-ID: afce0872cbfcfc1d4910ad7722e50f792a1dce12
 
-commit b556cc3cbf0c43f073bb41bba4e92ca709a1ec13
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Tue Nov 12 19:34:40 2019 +0000
+commit f96f17f920f38ceea6f3c5cb0b075c46b8929fdc
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Apr 17 14:07:15 2020 +1000
 
-    upstream: remove extra layer for ed25519 signature; ok djm@
+    sys/sysctl.h is only used on OpenBSD
     
-    OpenBSD-Commit-ID: 7672d9d0278b4bf656a12d3aab0c0bfe92a8ae47
+    so change the preprocessor test used to include it to check
+    __OpenBSD__, matching the code that uses the symbols it declares.
 
-commit 3fcf69ace19e75cf9dcd7206f396adfcb29611a8
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Tue Nov 12 19:34:00 2019 +0000
+commit 54688e937a69c7aebef8a3d50cbd4c6345bab2ca
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Apr 17 03:38:47 2020 +0000
 
-    upstream: check sig_r and sig_s for ssh-sk keys; ok djm
+    upstream: fix reversed test that caused IdentitiesOnly=yes to not
+    
+    apply to keys loaded from a PKCS11Provider; bz3141, ok dtucker@
     
-    OpenBSD-Commit-ID: 1a1e6a85b5f465d447a3800f739e35c5b74e0abc
+    OpenBSD-Commit-ID: e3dd6424b94685671fe84c9b9dbe352fb659f677
 
-commit 2c55744a56de0ffc81fe445a1e7fc5cd308712b3
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Tue Nov 12 19:33:08 2019 +0000
+commit 267cbc87b5b6e78973ac4d3c7a6f807ed226928c
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Apr 17 03:34:42 2020 +0000
 
-    upstream: enable ed25519 support; ok djm
+    upstream: mention that /etc/hosts.equiv and /etc/shosts.equiv are
+    
+    not considered for HostbasedAuthentication when the target user is root;
+    bz3148
     
-    OpenBSD-Commit-ID: 1a399c5b3ef15bd8efb916110cf5a9e0b554ab7e
+    OpenBSD-Commit-ID: fe4c1256929e53f23af17068fbef47852f4bd752
 
-commit fd1a3b5e38721b1d69aae2d9de1a1d9155dfa5c7
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Tue Nov 12 19:32:30 2019 +0000
+commit c90f72d29e84b4a2709078bf5546a72c29a65177
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Apr 17 03:30:05 2020 +0000
 
-    upstream: update sk-api to version 2 for ed25519 support; ok djm
+    upstream: make IgnoreRhosts a tri-state option: "yes" ignore
+    
+    rhosts/shosts, "no" allow rhosts/shosts or (new) "shosts-only" to allow
+    .shosts files but not .rhosts. ok dtucker@
     
-    OpenBSD-Commit-ID: 77aa4d5b6ab17987d8a600907b49573940a0044a
+    OpenBSD-Commit-ID: d08d6930ed06377a80cf53923c1955e9589342e9
 
-commit 7c32b51edbed5bd57870249c0a45dffd06be0002
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Tue Nov 12 19:31:45 2019 +0000
+commit 321c7147079270f3a154f91b59e66219aac3d514
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Apr 17 03:23:13 2020 +0000
 
-    upstream: implement sshsk_ed25519_assemble(); ok djm
+    upstream: allow the IgnoreRhosts directive to appear anywhere in a
     
-    OpenBSD-Commit-ID: af9ec838b9bc643786310b5caefc4ca4754e68c6
+    sshd_config, not just before any Match blocks; bz3148, ok dtucker@
+    
+    OpenBSD-Commit-ID: e042467d703bce640b1f42c5d1a62bf3825736e8
 
-commit fe05a36dc0ea884c8c2395d53d804fe4f4202b26
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Tue Nov 12 19:31:18 2019 +0000
+commit ca5403b085a735055ec7b7cdcd5b91f2662df94c
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Sat Apr 11 20:20:09 2020 +0000
 
-    upstream: implement sshsk_ed25519_inner_sig(); ok djm
+    upstream: add space between macro arg and punctuation;
     
-    OpenBSD-Commit-ID: f422d0052c6d948fe0e4b04bc961f37fdffa0910
+    OpenBSD-Commit-ID: e579e4d95eef13059c30931ea1f09ed8296b819c
 
-commit e03a29e6554cd0c9cdbac0dae53dd79e6eb4ea47
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Tue Nov 12 19:30:50 2019 +0000
+commit 8af0244d7b4a65eed2e62f9c89141c7c8e63f09d
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Apr 15 10:58:02 2020 +1000
 
-    upstream: rename sshsk_ecdsa_sign() to sshsk_sign(); ok djm
+    Add sys/syscall.h for syscall numbers.
     
-    OpenBSD-Commit-ID: 1524042e09d81e54c4470d7bfcc0194c5b46fe19
+    In some architecture/libc configurations we need to explicitly include
+    sys/syscall.h for the syscall number (__NR_xxx) definitions.  bz#3085,
+    patch from blowfist at xroutine.net.
 
-commit bc7b5d6187de625c086b5f639b25bbad17bbabfc
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Tue Nov 12 19:30:21 2019 +0000
+commit 3779b50ee952078018a5d9e1df20977f4355df17
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Apr 11 10:16:11 2020 +0000
 
-    upstream: factor out sshsk_ecdsa_inner_sig(); ok djm@
+    upstream: Refactor private key parsing. Eliminates a fair bit of
+    
+    duplicated code and fixes oss-fuzz#20074 (NULL deref) caused by a missing key
+    type check in the ECDSA_CERT parsing path.
+    
+    feedback and ok markus@
     
-    OpenBSD-Commit-ID: 07e41997b542f670a15d7e2807143fe01efef584
+    OpenBSD-Commit-ID: 4711981d88afb7196d228f7baad9be1d3b20f9c9
 
-commit cef84a062db8cfeece26f067235dc440f6992c17
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Tue Nov 12 19:29:54 2019 +0000
+commit b6a4013647db67ec622c144a9e05dd768f1966b3
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Apr 10 00:54:03 2020 +0000
 
-    upstream: factor out sshsk_ecdsa_assemble(); ok djm@
+    upstream: Add tests for TOKEN expansion of LocalForward and
+    
+    RemoteForward.
     
-    OpenBSD-Commit-ID: 2313761a3a84ccfe032874d638d3c363e0f14026
+    OpenBSD-Regress-ID: 90fcbc60d510eb114a2b6eaf4a06ff87ecd80a89
 
-commit 7c096c456f33f3d2682736d4735cc10e790276e9
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Tue Nov 12 19:29:24 2019 +0000
+commit abc3e0a5179c13c0469a1b11fe17d832abc39999
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Apr 6 09:43:55 2020 +0000
 
-    upstream: implement ssh-ed25519-sk verification; ok djm@
+    upstream: Add utf8.c for asmprintf used by krl.c
     
-    OpenBSD-Commit-ID: 37906d93948a1e3d237c20e713d6ca8fbf7d13f6
+    OpenBSD-Regress-ID: 433708d11165afdb189fe635151d21659dd37a37
 
-commit ba5fb02bed1e556d0ce7b1740ae8a5f87b737491
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Nov 13 08:48:30 2019 +1100
+commit 990687a0336098566c3a854d23cce74a31ec6fe2
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Apr 10 00:52:07 2020 +0000
 
-    ignore ssh-sk-helper
+    upstream: Add TOKEN percent expansion to LocalFoward and RemoteForward
+    
+    when used for Unix domain socket forwarding.  Factor out the code for the
+    config keywords that use the most common subset of TOKENS into its own
+    function. bz#3014, ok jmc@ (man page bits) djm@
+    
+    OpenBSD-Commit-ID: bffc9f7e7b5cf420309a057408bef55171fd0b97
 
-commit 78c96498947f711141f493a40d202c482cc59438
-Author: deraadt@openbsd.org <deraadt@openbsd.org>
-Date:   Mon Nov 11 19:53:37 2019 +0000
+commit 2b13d3934d5803703c04803ca3a93078ecb5b715
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Apr 8 00:10:37 2020 +0000
 
-    upstream: skip demanding -fstack-protector-all on hppa. we never
+    upstream: let sshkey_try_load_public() load public keys from the
+    
+    unencrypted envelope of private key files if not sidecar public key file is
+    present.
     
-    wrote a stack protector for reverse-stack architectures, and i don't think
-    anyone else did either. a warning per compiled file is just annoying.
+    ok markus@
     
-    OpenBSD-Commit-ID: 14806a59353152f843eb349e618abbf6f4dd3ada
+    OpenBSD-Commit-ID: 252a0a580e10b9a6311632530d63b5ac76592040
 
-commit aa1c9e37789f999979fe59df74ce5c8424861ac8
+commit d01f39304eaab0352793b490a25e1ab5f59a5366
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Nov 8 03:54:02 2019 +0000
+Date:   Wed Apr 8 00:09:24 2020 +0000
 
-    upstream: duplicate 'x' character in getopt(3) optstring
+    upstream: simplify sshkey_try_load_public()
+    
+    ok markus@
     
-    OpenBSD-Commit-ID: 64c81caa0cb5798de3621eca16b7dd22e5d0d8a7
+    OpenBSD-Commit-ID: 05a5d46562aafcd70736c792208b1856064f40ad
 
-commit aa4c640dc362816d63584a16e786d5e314e24390
-Author: naddy@openbsd.org <naddy@openbsd.org>
-Date:   Thu Nov 7 08:38:38 2019 +0000
+commit f290ab0833e44355fc006e4e67b92446c14673ef
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Apr 8 00:08:46 2020 +0000
 
-    upstream: Fill in missing man page bits for U2F security key support:
-    
-    Mention the new key types, the ~/.ssh/id_ecdsa_sk file, ssh's
-    SecurityKeyProvider keyword, the SSH_SK_PROVIDER environment variable,
-    and ssh-keygen's new -w and -x options.
+    upstream: add sshkey_parse_pubkey_from_private_fileblob_type()
     
-    Copy the ssh-sk-helper man page from ssh-pkcs11-helper with minimal
-    substitutions.
+    Extracts a public key from the unencrypted envelope of a new-style
+    OpenSSH private key.
     
-    ok djm@
+    ok markus@
     
-    OpenBSD-Commit-ID: ef2e8f83d0c0ce11ad9b8c28945747e5ca337ac4
+    OpenBSD-Commit-ID: 44d7ab446e5e8c686aee96d5897b26b3939939aa
 
-commit b236b27d6dada7f0542214003632b4e9b7aa1380
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sun Nov 3 00:10:43 2019 +1100
+commit 8d514eea4ae089626a55e11c7bc1745c8d9683e4
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Apr 8 00:07:19 2020 +0000
 
-    Put sftp-realpath in libssh.a
+    upstream: simplify sshkey_parse_private_fileblob_type()
     
-    and remove it from the specific binary targets.
-
-commit 382c18c20cdcec45b5d21ff25b4a5e0df91a68c4
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sun Nov 3 00:09:21 2019 +1100
-
-    statfs might be defined in sys/mount.h.
+    Try new format parser for all key types first, fall back to PEM
+    parser only for invalid format errors.
     
-    eg on old NetBSDs.
-
-commit 03ffc0951c305c8e3b5fdc260d65312a57f8f7ea
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat Nov 2 23:25:01 2019 +1100
-
-    Put stdint.h inside ifdef HAVE_STDINT_H.
-
-commit 19cb64c4b42d4312ce12091fd9436dbd6898998c
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat Nov 2 22:45:44 2019 +1100
-
-    Rebuild .depend.
-
-commit 3611bfe89b92ada5914526d8ff0919aeb967cfa7
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat Nov 2 22:42:05 2019 +1100
-
-    Define __BSD_VISIBLE in fnmatch.h.
+    ok markus@
     
-    .. since we use symbols defined only when it is when using the compat
-    fnmatch.
+    OpenBSD-Commit-ID: 0173bbb3a5cface77b0679d4dca0e15eb5600b77
 
-commit f5cc5816aaddb8eca3cba193f53e99d6a0b37d05
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Sat Nov 2 16:39:38 2019 +1100
+commit 421169d0e758351b105eabfcebf42378ebf17217
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Apr 8 00:05:59 2020 +0000
 
-    Only enable U2F if OpenSSL supports ECC.
+    upstream: check private key type against requested key type in
     
-    This requires moving the U2F bits to below the OpenSSL parts so we have
-    the required information.  ok djm@
-
-commit ad38406fc95fa223b0ef2edf8ff50508f8ab1cb6
-Author: naddy@openbsd.org <naddy@openbsd.org>
-Date:   Fri Nov 1 12:10:43 2019 +0000
-
-    upstream: fix miscellaneous text problems; ok djm@
+    new-style private decoding; ok markus@
     
-    OpenBSD-Commit-ID: 0cbf411a14d8fa0b269b69cbb1b4fc0ca699fe9f
-
-commit 9cac151c2dc76b8e5b727b2fa216f572e372170f
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Nov 1 18:26:07 2019 +1100
-
-    Add flags needed to build and work on Ultrix.
-
-commit 0e3c5bc50907d2058407641b5a3581b7eda91b7e
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Nov 1 18:24:29 2019 +1100
-
-    Hook up fnmatch for platforms that don't have it.
-
-commit b56dbfd9d967e5b6ce7be9f81f206112e19e1030
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Nov 1 18:17:42 2019 +1100
-
-    Add missing bracket in realpath macro.
-
-commit 59ccb56f15e5e530e7c1b5a0b361749d8c6217d5
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Nov 1 17:32:47 2019 +1100
-
-    Import fnmatch.c from OpenBSD.
-
-commit 79d46de9fbea0f3c0e8ae7cf84effaba089071b0
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Nov 1 15:22:32 2019 +1100
-
-    Use sftp_realpath if no native realpath.
+    OpenBSD-Commit-ID: 04d44b3a34ce12ce5187fb6f6e441a88c8c51662
 
-commit bb4f003ed8c5f61ec74a66bcedc8ab19bf5b35c4
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Nov 1 15:06:16 2019 +1100
+commit 6aabfb6d22b36d07f584cba97f4cdc4363a829da
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Apr 8 00:04:32 2020 +0000
 
-    Configure flags for haiku from haikuports.
+    upstream: check that pubkey in private key envelope matches actual
+    
+    private key
+    
+    (this public key is currently unusued)
+    
+    ok markus@
     
-    Should build with the default flags with ./configure
+    OpenBSD-Commit-ID: 634a60b5e135d75f48249ccdf042f3555112049c
 
-commit 4332b4fe49360679647a8705bc08f4e81323f6b4
+commit c0f5b2294796451001fd328c44f0d00f1114eddf
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Nov 1 03:54:33 2019 +0000
+Date:   Wed Apr 8 00:01:52 2020 +0000
 
-    upstream: fix a race condition in the SIGCHILD handler that could turn
+    upstream: refactor private key parsing a little
     
-    in to a kill(-1); bz3084, reported by Gao Rui, ok dtucker@
+    Split out the base64 decoding and private section decryption steps in
+    to separate functions. This will make the decryption step easier to fuzz
+    as well as making it easier to write a "load public key from new-format
+    private key" function.
     
-    OpenBSD-Commit-ID: ac2742e04a69d4c34223505b6a32f6d686e18896
-
-commit 03f9205f0fb49ea2507eacc143737a8511ae5a4e
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Nov 1 14:49:25 2019 +1100
-
-    conditionalise SK sign/verify on ENABLE_SK
+    ok markus@
     
-    Spotted by Darren and his faux-Vax
+    OpenBSD-Commit-ID: 7de31d80fb9062aa01901ddf040c286b64ff904e
 
-commit 5eb7b9563ff818e17de24231bf2d347d9db302c5
+commit 8461a5b3db34ed0b5a4a18d82f64fd5ac8693ea8
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Nov 1 14:41:07 2019 +1100
+Date:   Mon Apr 6 20:54:34 2020 +1000
 
-    Add prototype for localtime_r if needed.
+    Include openssl-compat.h before checking ifdefs.
+    
+    Fixes problem where unsuitable chacha20 code in libressl would be used
+    unintentionally.
 
-commit d500b59a825f6a58f2abf7b04eb1992d81e45d58
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Nov 1 13:42:12 2019 +1100
+commit 931c50c5883a9910ea1ae9a371e4e815ec56b035
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Apr 6 10:04:56 2020 +1000
 
-    Check if IP_TOS is defined before using.
+    fix inverted test for LibreSSL version
 
-commit 764d51e04460ec0da12e05e4777bc90c116accb9
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Nov 1 13:34:49 2019 +1100
+commit d1d5f728511e2338b7c994968d301d8723012264
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sat Apr 4 23:04:41 2020 +0000
 
-    autoconf pieces for U2F support
+    upstream: Indicate if we're using a cached key in trace output.
     
-    Mostly following existing logic for PKCS#11 - turning off support
-    when either libcrypto or dlopen(3) are unavailable.
+    OpenBSD-Regress-ID: 409a7b0e59d1272890fda507651c0c3d2d3c0d89
 
-commit 45f17a159acfc5a8e450bfbcc2cffe72950ed7a3
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Nov 1 02:32:05 2019 +0000
+commit a398251a4627367c78bc483c70c2ec973223f82c
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sun Apr 5 08:43:57 2020 +1000
 
-    upstream: remove duplicate PUBKEY_DEFAULT_PK_ALG on !WITH_OPENSSL path
+    Use /usr/bin/xp4g/id if necessary.
     
-    OpenBSD-Commit-ID: 95a7cafad2a4665d57cabacc28031fabc0bea9fc
+    Solaris' native "id" doesn't support the options we use but the one
+    in /usr/bin/xp4g does, so use that instead.
 
-commit db8d13f7925da7337df87248995c533e111637ec
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Nov 1 02:06:52 2019 +0000
+commit db0fdd48335b5b01114f78c1a73a195235910f81
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sat Apr 4 22:14:26 2020 +0000
 
-    upstream: more additional source files
+    upstream: Some platforms don't have "hostname -s", so use cut to trim
+    
+    short hostname instead.
     
-    OpenBSD-Regress-ID: 8eaa25fb901594aee23b76eda99dca5b8db94c6f
+    OpenBSD-Regress-ID: ebcf36a6fdf287c9336b0d4f6fc9f793c05307a7
 
-commit f89c5df65dd307739ff22319c2cf847d3b0c5ab4
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Nov 1 02:04:25 2019 +0000
+commit e7e59a9cc8eb7fd5944ded28f4d7e3ae0a5fdecd
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Apr 3 07:53:10 2020 +0000
 
-    upstream: additional source files here too
+    upstream: Compute hash locally and re-enable %C tests.
     
-    OpenBSD-Regress-ID: 8809f8e1c8f7459e7096ab6b58d8e56cb2f483fd
+    OpenBSD-Regress-ID: 94d1366e8105274858b88a1f9ad2e62801e49770
 
-commit 02275afa1ecbfbd39f27d34c97090e76bec232ec
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Nov 1 02:03:27 2019 +0000
+commit abe2b245b3ac6c4801e99bc0f13289cd28211e22
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Apr 3 17:25:46 2020 +1100
 
-    upstream: additional source files here too
-    
-    OpenBSD-Regress-ID: 09297e484327f911fd353489518cceaa0c1b95ce
+    prefer libcrypto chacha20-poly1305 where possible
 
-commit dfc8f01b9886c7999e6e20acf3f7492cb8c80796
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Nov 1 01:57:59 2019 +0000
+commit bc5c5d01ad668981f9e554e62195383bc12e8528
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Apr 3 05:43:11 2020 +0000
 
-    upstream: adapt to extra sshkey_sign() argument and additional
+    upstream: Temporarily remove tests for '%C' since the hash contains the
     
-    dependencies
+    local hostname and it doesn't work on any machine except mine... spotted by
+    djm@
     
-    OpenBSD-Regress-ID: 7a25604968486c4d6f81d06e8fbc7d17519de50e
+    OpenBSD-Regress-ID: 2d4c3585b9fcbbff14f4a5a5fde51dbd0d690401
 
-commit afa59e26eeb44a93f36f043f60b936eaddae77c4
+commit 81624026989654955a657ebf2a1fe8b9994f3c87
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Nov 1 01:55:41 2019 +0000
+Date:   Fri Apr 3 06:07:57 2020 +0000
 
-    upstream: skip security-key key types for tests until we have a
-    
-    dummy U2F middleware to use.
+    upstream: r1.522 deleted one too many lines; repair
     
-    OpenBSD-Regress-ID: 37200462b44334a4ad45e6a1f7ad1bd717521a95
+    OpenBSD-Commit-ID: 1af8851fd7a99e4a887b19aa8f4c41a6b3d25477
 
-commit de871e4daf346a712c78fa4ab8f18b231a47cb85
+commit 668cb3585ce829bd6e34d4a962c489bda1d16370
 Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Fri Nov 1 00:52:35 2019 +0000
+Date:   Fri Apr 3 05:53:52 2020 +0000
 
-    upstream: sort;
+    upstream: sort -N and add it to usage();
     
-    OpenBSD-Commit-ID: 8264b0be01ec5a60602bd50fd49cc3c81162ea16
+    OpenBSD-Commit-ID: 5b00e8db37c2b0a54c7831fed9e5f4db53ada332
 
-commit 2aae149a34b1b5dfbef423d3b7999a96818969bb
+commit 338ccee1e7fefa47f3d128c2541e94c5270abe0c
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Oct 31 21:37:33 2019 +0000
+Date:   Fri Apr 3 05:48:57 2020 +0000
 
-    upstream: undo debugging bits that shouldn't have been committed
+    upstream: avoid another compiler warning spotted in -portable
     
-    OpenBSD-Commit-ID: 4bd5551b306df55379afe17d841207990eb773bf
-
-commit 3420e0464bd0e8fedcfa5fd20ad37bdc740ad5b4
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Nov 1 09:24:58 2019 +1100
-
-    depend
+    OpenBSD-Commit-ID: 1d29c51ac844b287c4c8bcaf04c63c7d9ba3b8c7
 
-commit b923a90abc7bccb11a513dc8b5c0f13a0ea9682c
+commit 9f8a42340bd9af86a99cf554dc39ecdf89287544
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Oct 31 21:28:27 2019 +0000
+Date:   Fri Apr 3 04:07:48 2020 +0000
 
-    upstream: fix -Wshadow warning
+    upstream: this needs utf8.c too
     
-    OpenBSD-Commit-ID: 3441eb04f872a00c2483c11a5f1570dfe775103c
+    OpenBSD-Regress-ID: 445040036cec714d28069a20da25553a04a28451
 
-commit 9a14c64c38fc14d0029f1c7bc70cf62cc7f0fdf9
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Oct 31 21:23:19 2019 +0000
+commit 92115ea7c3a834374720c350841fc729e7d5c8b2
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Apr 3 03:14:03 2020 +0000
 
-    upstream: Refactor signing - use sshkey_sign for everything,
-    
-    including the new U2F signatures.
-    
-    Don't use sshsk_ecdsa_sign() directly, instead make it reachable via
-    sshkey_sign() like all other signature operations. This means that
-    we need to add a provider argument to sshkey_sign(), so most of this
-    change is mechanically adding that.
-    
-    Suggested by / ok markus@
+    upstream: Add percent_expand test for 'Match Exec'.
     
-    OpenBSD-Commit-ID: d5193a03fcfa895085d91b2b83d984a9fde76c8c
+    OpenBSD-Regress-ID: a41c14fd6a0b54d66aa1e9eebfb9ec962b41232f
 
-commit 07da39f71d36fb547749a5b16aa8892e621a7e4a
+commit de34a440276ae855c38deb20f926d46752c62c9d
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Oct 31 21:22:01 2019 +0000
+Date:   Fri Apr 3 04:43:24 2020 +0000
 
-    upstream: ssh-agent support for U2F/FIDO keys
+    upstream: fix format string (use %llu for uint64, not %lld). spotted by
     
-    feedback & ok markus@
+    Darren and his tinderbox tests
     
-    OpenBSD-Commit-ID: bb544a44bc32e45d2ec8bf652db2046f38360acb
+    OpenBSD-Commit-ID: 3b4587c3d9d46a7be9bdf028704201943fba96c2
 
-commit eebec620c9519c4839d781c4d5b6082152998f82
+commit 9cd40b829a5295cc81fbea8c7d632b2478db6274
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Oct 31 21:20:38 2019 +0000
+Date:   Fri Apr 3 04:34:15 2020 +0000
 
-    upstream: ssh AddKeysToAgent support for U2F/FIDO keys
+    upstream: Add a flag to re-enable verbose output when in batch
     
-    feedback & ok markus@
+    mode; requested in bz3135; ok dtucker
     
-    OpenBSD-Commit-ID: ac08e45c7f995fa71f8d661b3f582e38cc0a2f91
+    OpenBSD-Commit-ID: 5ad2ed0e6440562ba9c84b666a5bbddc1afe2e2b
 
-commit 486164d060314a7f8bca2a00f53be9e900c5e74d
+commit 6ce51a5da5d333a44e7c74c027f3571f70c39b24
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Oct 31 21:19:56 2019 +0000
+Date:   Fri Apr 3 04:32:21 2020 +0000
 
-    upstream: ssh-add support for U2F/FIDO keys
+    upstream: chacha20-poly1305 AEAD using libcrypto EVP_chacha20
+    
+    Based on patch from Yuriy M. Kaminskiy. ok + lots of assistance along the
+    way at a2k20 tb@
     
-    OpenBSD-Commit-ID: 7f88a5181c982687afedf3130c6ab2bba60f7644
+    OpenBSD-Commit-ID: 5e08754c13d31258bae6c5e318cc96219d6b10f0
 
-commit b9dd14d3091e31fb836f69873d3aa622eb7b4a1c
+commit eba523f0a130f1cce829e6aecdcefa841f526a1a
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Oct 31 21:19:14 2019 +0000
+Date:   Fri Apr 3 04:27:03 2020 +0000
 
-    upstream: add new agent key constraint for U2F/FIDO provider
+    upstream: make Chacha20-POLY1305 context struct opaque; ok tb@ as
     
-    feedback & ok markus@
+    part of a larger diff at a2k20
     
-    OpenBSD-Commit-ID: d880c380170704280b4003860a1744d286c7a172
+    OpenBSD-Commit-ID: a4609b7263284f95c9417ef60ed7cdbb7bf52cfd
 
-commit 884416bdb10468f1252e4d7c13d51b43dccba7f6
+commit ebd29e90129cf18fedfcfe1de86e324228669295
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Oct 31 21:18:28 2019 +0000
+Date:   Fri Apr 3 04:06:26 2020 +0000
 
-    upstream: ssh client support for U2F/FIDO keys
+    upstream: fix debug statement
     
-    OpenBSD-Commit-ID: eb2cfa6cf7419a1895e06e398ea6d41516c5b0bc
+    OpenBSD-Commit-ID: 42c6edeeda5ce88b51a20d88c93be3729ce6b916
 
-commit 01a0670f69c5b86e471e033b92145d6c7cc77c58
+commit 7b4d8999f2e1a0cb7b065e3efa83e6edccfc7d82
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Oct 31 21:17:49 2019 +0000
+Date:   Fri Apr 3 04:03:51 2020 +0000
 
-    upstream: Separate myproposal.h userauth pubkey types
+    upstream: the tunnel-forwarding vs ExitOnForwardFailure fix that I
     
-    U2F/FIDO keys are not supported for host authentication, so we need
-    a separate list for user keys.
+    committed earlier had an off-by-one. Fix this and add some debugging that
+    would have made it apparent sooner.
     
-    feedback & ok markus@
+    OpenBSD-Commit-ID: 082f8f72b1423bd81bbdad750925b906e5ac6910
+
+commit eece243666d44ceb710d004624c5c7bdc05454bc
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Apr 3 03:12:11 2020 +0000
+
+    upstream: %C expansion just added to Match Exec should include
+    
+    remote user not local user.
     
-    OpenBSD-Commit-ID: 7fe2e6ab85f9f2338866e5af8ca2d312abbf0429
+    OpenBSD-Commit-ID: 80f1d976938f2a55ee350c11d8b796836c8397e2
 
-commit 23f38c2d8cda3fad24e214e1f0133c42435b54ee
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Oct 31 21:17:09 2019 +0000
+commit d5318a784d016478fc8da90a38d9062c51c10432
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Apr 3 02:33:31 2020 +0000
 
-    upstream: ssh-keygen support for generating U2F/FIDO keys
+    upstream: Add regression test for percent expansions where possible.
     
-    OpenBSD-Commit-ID: 6ce04f2b497ac9dd8c327f76f1e6c724fb1d1b37
+    OpenBSD-Regress-ID: 7283be8b2733ac1cbefea3048a23d02594485288
 
-commit ed3467c1e16b7396ff7fcf12d2769261512935ec
+commit 663e84bb53de2a60e56a44d538d25b8152b5c1cc
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Oct 31 21:16:20 2019 +0000
+Date:   Fri Apr 3 02:40:32 2020 +0000
 
-    upstream: U2F/FIDO middleware interface
-    
-    Supports enrolling (generating) keys and signatures.
+    upstream: make failures when establishing "Tunnel" forwarding terminate
     
-    feedback & ok markus@
+    the connection when ExitOnForwardFailure is enabled; bz3116; ok dtucker
     
-    OpenBSD-Commit-ID: 73d1dd5939454f9c7bd840f48236cba41e8ad592
+    OpenBSD-Commit-ID: ef4b4808de0a419c17579b1081da768625c1d735
 
-commit 02bb0768a937e50bbb236efc2bbdddb1991b1c85
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Oct 31 21:15:14 2019 +0000
+commit ed833da176611a39d3376d62154eb88eb440d31c
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Apr 3 02:27:12 2020 +0000
 
-    upstream: Initial infrastructure for U2F/FIDO support
+    upstream: Make with config keywords support which
     
-    Key library support: including allocation, marshalling public/private
-    keys and certificates, signature validation.
+    percent_expansions more consistent.  - %C is moved into its own function and
+    added to Match Exec.  - move the common (global) options into a macro.  This
+    is ugly but it's    the least-ugly way I could come up with.  - move
+    IdentityAgent and ForwardAgent percent expansion to before the    config dump
+    to make it regression-testable.  - document all of the above
     
-    feedback & ok markus@
+    ok jmc@ for man page bits, "makes things less terrible" djm@ for the rest.
     
-    OpenBSD-Commit-ID: a17615ba15e0f7932ac4360cb18fc9a9544e68c7
+    OpenBSD-Commit-ID: 4b65664bd6d8ae2a9afaf1a2438ddd1b614b1d75
 
-commit 57ecc10628b04c384cbba2fbc87d38b74cd1199d
+commit 6ec7457171468da2bbd908b8cd63d298b0e049ea
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Oct 31 21:14:17 2019 +0000
-
-    upstream: Protocol documentation for U2F/FIDO keys in OpenSSH
-    
-    OpenBSD-Commit-ID: 8f3247317c2909870593aeb306dff848bc427915
-
-commit f4fdcd2b7a2bbf5d8770d44565173ca5158d4dcb
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Nov 1 08:36:16 2019 +1100
-
-    Missing unit test files
-
-commit 1bcd1169c5221688418fa38606e9c69055b72451
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue Oct 29 19:45:03 2019 +1100
-
-    Add implementation of localtime_r.
-
-commit 2046ed16c1202431b0307674c33a123a113e8297
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Tue Oct 29 07:47:27 2019 +0000
+Date:   Fri Apr 3 02:26:56 2020 +0000
 
-    upstream: Signal handler cleanup: remove leftover support for
+    upstream: give ssh-keygen the ability to dump the contents of a
     
-    unreliable signals and now-unneeded save and restore of errno.  ok deraadt@
-    markus@
+    binary key revocation list: ssh-keygen -lQf /path bz#3132; ok dtucker
     
-    OpenBSD-Commit-ID: 01dd8a1ebdd991c8629ba1f5237283341a93cd88
+    OpenBSD-Commit-ID: b76afc4e3b74ab735dbde4e5f0cfa1f02356033b
 
-commit 70fc9a6ca4dd33cb2dd400a4dad5db9683a3d284
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Tue Oct 22 08:50:35 2019 +0000
+commit af628b8a6c3ef403644d83d205c80ff188c97f0c
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Apr 3 02:25:21 2020 +0000
 
-    upstream: fixes from lucas;
+    upstream: add allocating variant of the safe utf8 printer; ok
     
-    OpenBSD-Commit-ID: 4c4bfd2806c5bbc753788ffe19c5ee13aaf418b2
+    dtucker as part of a larger diff
+    
+    OpenBSD-Commit-ID: 037e2965bd50eacc2ffb49889ecae41552744fa0
 
-commit 702368aa4381c3b482368257ac574a87b5a80938
+commit d8ac9af645f5519ac5211e9e1e4dc1ed00e9cced
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Tue Oct 22 07:06:35 2019 +0000
+Date:   Mon Mar 16 02:17:02 2020 +0000
 
-    upstream: Import regenerated moduli file.
+    upstream: Cast lifetime to u_long for comparison to prevent unsigned
     
-    OpenBSD-Commit-ID: 58ec755be4e51978ecfee73539090eb68652a987
-
-commit 5fe81da22652f8caa63e9e3a1af519a85d36337e
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Oct 28 21:19:47 2019 +1100
-
-    Fix ifdefs to not mask needed bits.
-
-commit 7694e9d2fb5785bbdd0920dce7a160bd79feaf00
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Oct 28 17:05:36 2019 +1100
-
-    Only use RLIMIT_NOFILE if it's defined.
-
-commit d561b0b2fa2531b4cc3bc70a7d657c6485c9fd0b
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Oct 28 16:09:04 2019 +1100
-
-    Make sure we have struct statfs before using.
-
-commit 2912596aecfcf48e5115c7a906d1e664f7717a4b
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Oct 28 16:06:59 2019 +1100
-
-    Define UINT32_MAX if needed.
-
-commit 7169e31121e8c8cc729b55154deb722ae495b316
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Oct 28 16:00:45 2019 +1100
-
-    Move utimensat definition into timespec section.
+    comparison warning on 32bit arches.  Spotted by deraadt, ok djm.
     
-    Since utimensat uses struct timespec, move it to the section where we
-    define struct timespec when needed.
-
-commit 850ec1773d656cbff44d78a79e369dc262ce5853
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Oct 28 15:57:22 2019 +1100
-
-    Wrap OpenSSL bits in WITH_OPENSSL.
+    OpenBSD-Commit-ID: 7a75b2540bff5ab4fa00b4d595db1df13bb0515a
 
-commit 6fc7e1c6fec3ba589869ae98e968c0e5e2e4695b
+commit 0eaca933ae08b0a515edfccd5cc4a6b667034813
 Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Oct 28 15:53:25 2019 +1100
+Date:   Sat Mar 14 20:58:46 2020 +1100
 
-    Wrap poll.h includes in HAVE_POLL_H.
+    Include fido.h when checking for fido/credman.h.
+    
+    It's required for fido_dev_t, otherwise configure fails with
+    when given --with-security-key-builtin.
 
-commit 9239a18f96905cc1a353e861e33af093652f24e7
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Oct 24 14:39:49 2019 +1100
+commit c7c099060f82ffe6a36d8785ecf6052e12fd92f0
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Mar 13 03:18:45 2020 +0000
 
-    Add a function call stackprotector tests.
+    upstream: some more speeling mistakes from
     
-    Including a function call in the test programs for the gcc stack
-    protector flag tests exercises more of the compiler and makes it more
-    likely it'll detect problems.
+    OpenBSD-Regress-ID: 02471c079805471c546b7a69d9ab1d34e9a57443
 
-commit b9705393be4612fd5e29d0cd8e7cf2b66ed19eb7
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue Oct 22 18:09:22 2019 +1100
+commit 1d89232a4aa97fe935cd60b8d24d75c2f70d56c5
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Mar 13 04:16:27 2020 +0000
 
-    Import regenerated moduli file.
+    upstream: improve error messages for some common PKCS#11 C_Login
+    
+    failure cases; based on patch from Jacob Hoffman-Andrews in bz3130; ok
+    dtucker
+    
+    OpenBSD-Commit-ID: b8b849621b4a98e468942efd0a1c519c12ce089e
 
-commit 76ed2199491397e0f9902ade80d5271e4a9b2630
+commit 5becbec023f2037394987f85ed7f74b9a28699e0
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Oct 16 06:05:39 2019 +0000
+Date:   Fri Mar 13 04:01:56 2020 +0000
 
-    upstream: potential NULL dereference for revoked hostkeys; reported
+    upstream: use sshpkt_fatal() for kex_exchange_identification()
     
-    by krishnaiah bommu
+    errors. This ensures that the logged errors are consistent with other
+    transport- layer errors and that the relevant IP addresses are logged. bz3129
+    ok dtucker@
     
-    OpenBSD-Commit-ID: 35ff685e7cc9dd2e3fe2e3dfcdcb9bc5c79f6506
+    OpenBSD-Commit-ID: 2c22891f0b9e1a6cd46771cedbb26ac96ec2e6ab
 
-commit 6500c3bc71bf4fe14972c1177e6b93f1164d07a4
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Oct 16 06:03:30 2019 +0000
+commit eef88418f9e5e51910af3c5b23b5606ebc17af55
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Mar 13 03:24:49 2020 +0000
 
-    upstream: free buf before return; reported by krishnaiah bommu
+    upstream: Don't clear alarm timers in listening sshd. Previously
+    
+    these timers were used for regenerating the SSH1 ephemeral host keys but
+    those are now gone so there's no need to clear the timers either.  ok
+    deraadt@
     
-    OpenBSD-Commit-ID: 091bb23a6e913af5d4f72c50030b53ce1cef4de1
+    OpenBSD-Commit-ID: 280d2b885e4a1ce404632e8cc38fcb17be7dafc0
 
-commit d7d116b6d9e6cb79cc235e9801caa683d3db3181
+commit d081f017c20a3564255873ed99fd7d024cac540f
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Oct 14 06:00:02 2019 +0000
+Date:   Fri Mar 13 03:17:07 2020 +0000
 
-    upstream: memleak in error path; spotted by oss-fuzz, ok markus@
+    upstream: spelling errors in comments; no code change from
     
-    OpenBSD-Commit-ID: d6ed260cbbc297ab157ad63931802fb1ef7a4266
+    OpenBSD-Commit-ID: 166ea64f6d84f7bac5636dbd38968592cb5eb924
 
-commit 9b9e3ca6945351eefb821ff783a4a8e6d9b98b9a
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Oct 11 14:12:16 2019 +1100
+commit c084a2d040f160bc2b83f13297e3e3ca3f5dbac6
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Mar 13 03:12:17 2020 +0000
 
-    Re-add SA_RESTART to mysignal.
+    upstream: when downloading FIDO2 resident keys from a token, don't
     
-    This makes mysignal implement reliable BSD semantics according to
-    Stevens' APUE.  This was first attempted in 2001 but was reverted
-    due to problems with HP-UX 10.20 and select() and possibly grantpt().
-    Modern systems should be fine with it, but if any current platforms have
-    a problem with it now we can disable it just for those.  ok djm@
-
-commit 0bd312a362168c1eae3cd6b3889395a78e6fd0f8
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Thu Oct 10 09:42:03 2019 +1100
-
-    Fix ifdef typo for declaration of memmem.
+    prompt for a PIN until the token has told us that it needs one. Avoids
+    double-prompting on devices that implement on-device authentication (e.g. a
+    touchscreen PIN pad on the Trezor Model T). ok dtucker@
     
-    Fixes build on IRIX.  bz#3081.
-
-commit 01ce1cd402d5eecde2bba35b67e08f5b266b37fd
-Author: Abhishek Arya <inferno@chromium.org>
-Date:   Tue Oct 8 20:19:18 2019 -0700
-
-    Update README.md
+    OpenBSD-Commit-ID: 38b78903dd4422d7d3204095a31692fb69130817
 
-commit 1ba130ac8fb2884307f658126f04578f8aef409e
+commit 955c4cf4c6a1417c28d4e1040702c4d9bf63645b
 Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Oct 9 13:49:35 2019 +1100
+Date:   Fri Mar 13 14:30:16 2020 +1100
 
-    add a fuzzer for private key parsing
+    sync fnmatch.c with upstream to fix another typo
 
-commit cdf1d0a9f5d18535e0a18ff34860e81a6d83aa5c
+commit 397f217e8640e75bb719a8e87111b4bd848fb3df
 Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Oct 9 11:31:03 2019 +1100
+Date:   Fri Mar 13 14:24:23 2020 +1100
 
-    prepare for 8.1 release
+    another spelling error in comment
 
-commit 3b4e56d740b74324e2d7542957cad5a11518f455
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Oct 9 00:04:57 2019 +0000
+commit def31bc5427579ec3f7f2ce99f2da1338fdc0c9f
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Mar 13 14:23:07 2020 +1100
 
-    upstream: openssh-8.1
+    spelling mistakes
     
-    OpenBSD-Commit-ID: 3356bb34e2aa287f0e6d6773c9ae659dc680147d
+    from https://fossies.org/linux/misc/openssh-8.2p1.tar.gz/codespell.html
 
-commit 29e0ecd9b4eb3b9f305e2240351f0c59cad9ef81
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Oct 9 00:04:42 2019 +0000
+commit 8bdc3bb7cf4c82c3344cfcb82495a43406e87e83
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri Mar 6 18:29:54 2020 +0000
 
-    upstream: fix an unreachable integer overflow similar to the XMSS
-    
-    case, and some other NULL dereferences found by fuzzing.
-    
-    fix with and ok markus@
+    upstream: fix relative includes in sshd_config; ok djm
     
-    OpenBSD-Commit-ID: 0f81adbb95ef887ce586953e1cb225fa45c7a47b
+    OpenBSD-Commit-ID: fa29b0da3c93cbc3a1d4c6bcd58af43c00ffeb5b
 
-commit a546b17bbaeb12beac4c9aeed56f74a42b18a93a
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Oct 9 00:02:57 2019 +0000
+commit e32ef97a56ae03febfe307688858badae3a70e5a
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri Mar 6 18:29:14 2020 +0000
 
-    upstream: fix integer overflow in XMSS private key parsing.
-    
-    Reported by Adam Zabrocki via SecuriTeam's SSH program.
-    
-    Note that this code is experimental and not compiled by default.
-    
-    ok markus@
+    upstream: fix use-after-free in do_download_sk; ok djm
     
-    OpenBSD-Commit-ID: cd0361896d15e8a1bac495ac583ff065ffca2be1
+    OpenBSD-Commit-ID: 96b49623d297797d4fc069f1f09e13c8811f8863
 
-commit c2cc25480ba36ab48c1a577bebb12493865aad87
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Tue Oct 8 22:40:39 2019 +0000
+commit 5732d58020309364bf31fa125354e399361006db
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri Mar 6 18:28:50 2020 +0000
 
-    upstream: Correct type for end-of-list sentinel; fixes initializer
-    
-    warnings on some platforms.  ok deraadt.
+    upstream: do not leak oprincipals; ok djm
     
-    OpenBSD-Commit-ID: a990dbc2dac25bdfa07e79321349c73fd991efa2
+    OpenBSD-Commit-ID: 4691d9387eab36f8fda48f5d8009756ed13a7c4c
 
-commit e827aedf8818e75c0016b47ed8fc231427457c43
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Oct 7 23:10:38 2019 +0000
+commit 8fae395f34c2c52cdaf9919aa261d1848b4bb00b
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri Mar 6 18:28:27 2020 +0000
 
-    upstream: reversed test yielded incorrect debug message
+    upstream: initialize seconds for debug message; ok djm
     
-    OpenBSD-Commit-ID: 78bb512d04cfc238adb2c5b7504ac93eecf523b3
-
-commit 8ca491d29fbe26e5909ce22b344c0a848dc28d55
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Oct 8 17:05:57 2019 +1100
-
-    depend
+    OpenBSD-Commit-ID: 293fbefe6d00b4812a180ba02e26170e4c855b81
 
-commit 86a0323374cbd404629e75bb320b3fa1c16aaa6b
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Oct 9 09:36:06 2019 +1100
+commit 46e5c4c8ffcd1569bcd5d04803abaa2ecf3e4cff
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri Mar 6 18:27:50 2020 +0000
 
-    Make MAKE_CLONE no-op macro more correct.
+    upstream: correct return code; ok djm
     
-    Similar to the previous change to DEF_WEAK, some compilers don't like
-    the empty statement, so convert into a no-op function prototype.
+    OpenBSD-Commit-ID: 319d09e3b7f4b2bc920c67244d9ff6426b744810
 
-commit cfc1897a2002ec6c4dc879b24e8b3153c87ea2cf
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Oct 9 09:06:35 2019 +1100
+commit 31c39e7840893f1bfdcbe4f813b20d1d7e69ec3e
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri Mar 6 18:27:15 2020 +0000
 
-    wrap stdint.h include in HAVE_STDINT_H
-    
-    make the indenting a little more consistent too..
+    upstream: principalsp is optional, pubkey required; ok djm
     
-    Fixes Solaris 2.6; reported by Tom G. Christensen
+    OpenBSD-Commit-ID: 2cc3ea5018c28ed97edaccd7f17d2cc796f01024
 
-commit 13b3369830a43b89a503915216a23816d1b25744
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Oct 8 15:32:02 2019 +1100
+commit e26a31757c5df2f58687cb9a4853d1418f39728e
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri Mar 6 18:26:21 2020 +0000
 
-    avoid "return (value)" in void-declared function
+    upstream: remove unused variables in ssh-pkcs11-helper; ok djm
     
-    spotted by Tim Rice; ok dtucker
+    OpenBSD-Commit-ID: 13e572846d0d1b28f1251ddd2165e9cf18135ae1
 
-commit 0c7f8d2326d812b371f7afd63aff846973ec80a4
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Tue Oct 8 14:44:50 2019 +1100
+commit 1b378c0d982d6ab522eda634b0e88cf1fca5e352
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri Mar 6 18:25:48 2020 +0000
 
-    Make DEF_WEAK more likely to be correct.
+    upstream: return correct error in sshsk_ed25519_sig; ok djm
     
-    Completely nop-ing out DEF_WEAK leaves an empty statemment which some
-    compilers don't like.  Replace with a no-op function template.  ok djm@
+    OpenBSD-Commit-ID: 52bf733df220303c260fee4f165ec64b4a977625
 
-commit b1e79ea8fae9c252399677a28707661d85c7d00c
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sun Oct 6 11:49:50 2019 +0000
+commit fbff605e637b068061ab6784ff03e3874890c092
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri Mar 6 18:25:12 2020 +0000
 
-    upstream: Instead of running sed over the whole log to remove CRs,
+    upstream: fix possible null-deref in check_key_not_revoked; ok
     
-    remove them only where it's needed (and confuses test(1) on at least OS X in
-    portable).
+    djm
     
-    OpenBSD-Regress-ID: a6ab9b4bd1d33770feaf01b2dfb96f9e4189d2d0
+    OpenBSD-Commit-ID: 80855e9d7af42bb6fcc16c074ba69876bfe5e3bf
 
-commit 8dc7d6b75a7f746fdd056acd41dffc0a13557a4c
-Author: Eduardo Barretto <ebarretto@linux.vnet.ibm.com>
-Date:   Tue May 9 13:33:30 2017 -0300
+commit bc30b446841fc16e50ed6e75c56ccfbd37b9f281
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri Mar 6 18:24:39 2020 +0000
 
-    Enable specific ioctl call for EP11 crypto card (s390)
+    upstream: ssh_fetch_identitylist() returns the return value from
     
-    The EP11 crypto card needs to make an ioctl call, which receives an
-    specific argument. This crypto card is for s390 only.
+    ssh_request_reply() so we should also check against != 0 ok djm
     
-    Signed-off-by: Eduardo Barretto <ebarretto@linux.vnet.ibm.com>
+    OpenBSD-Commit-ID: 28d0028769d03e665688c61bb5fd943e18614952
 
-commit 07f2c7f34951c04d2cd796ac6c80e47c56c4969e
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Oct 4 04:31:59 2019 +0000
+commit 7b4f70ddeb59f35283d77d8d9c834ca58f8cf436
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri Mar 6 18:23:17 2020 +0000
 
-    upstream: fix memory leak in error path; bz#3074 patch from
-    
-    krishnaiah.bommu@intel.com, ok dtucker
+    upstream: sshkey_cert_check_authority requires reason to be set;
     
-    OpenBSD-Commit-ID: d031853f3ecf47b35a0669588f4d9d8e3b307b3c
-
-commit b7fbc75e119170f4d15c94a7fda4a1050e0871d6
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Oct 4 04:13:39 2019 +0000
-
-    upstream: space
+    ok djm
     
-    OpenBSD-Commit-ID: 350648bcf00a2454e7ef998b7d88e42552b348ac
+    OpenBSD-Commit-ID: 6f7a6f19540ed5749763c2f9530c0897c94aa552
 
-commit 643ab68c79ac1644f4a31e36928c2bfc8a51db3c
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Oct 4 03:39:19 2019 +0000
+commit 05efe270df1e925db0af56a806d18b5063db4b6d
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri Mar 6 18:21:28 2020 +0000
 
-    upstream: more sshsig regress tests: check key revocation, the
-    
-    check-novalidate signature test mode and signing keys in ssh-agent.
+    upstream: passphrase depends on kdfname, not ciphername (possible
     
-    From Sebastian Kinne (slightly tweaked)
+    null-deref); ok djm
     
-    OpenBSD-Regress-ID: b39566f5cec70140674658cdcedf38752a52e2e2
+    OpenBSD-Commit-ID: 0d39668edf5e790b5837df4926ee1141cec5471c
 
-commit 714031a10bbe378a395a93cf1040f4ee1451f45f
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Oct 4 03:26:58 2019 +0000
+commit 1ddf5682f3992bdacd29164891abb71a19c2cf61
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri Mar 6 18:20:44 2020 +0000
 
-    upstream: Check for gmtime failure in moduli generation. Based on
-    
-    patch from krishnaiah.bommu@intel.com, ok djm@
+    upstream: consistently check packet_timeout_ms against 0; ok djm
     
-    OpenBSD-Commit-ID: 4c6a4cde0022188ac83737de08da0e875704eeaa
+    OpenBSD-Commit-ID: e8fb8cb2c96c980f075069302534eaf830929928
 
-commit 6918974405cc28ed977f802fd97a9c9a9b2e141b
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Thu Oct 3 17:07:50 2019 +0000
+commit 31f1ee54968ad84eb32375e4412e0318766b586b
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri Mar 6 18:20:02 2020 +0000
 
-    upstream: use a more common options order in SYNOPSIS and sync
-    
-    usage(); while here, no need for Bk/Ek;
+    upstream: initialize cname in case ai_canonname is NULL or too
     
-    ok dtucker
+    long; ok djm
     
-    OpenBSD-Commit-ID: 38715c3f10b166f599a2283eb7bc14860211bb90
+    OpenBSD-Commit-ID: c27984636fdb1035d1642283664193e91aab6e37
 
-commit feff96b7d4c0b99307f0459cbff128aede4a8984
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Oct 2 09:50:50 2019 +0000
+commit a6134b02b5264b2611c8beae98bb392329452bba
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri Mar 6 18:19:21 2020 +0000
 
-    upstream: thinko in previous; spotted by Mantas
-    
-    =?UTF-8?q?=20Mikul=C4=97nas?=
-    MIME-Version: 1.0
-    Content-Type: text/plain; charset=UTF-8
-    Content-Transfer-Encoding: 8bit
+    upstream: fix uninitialized pointers for forward_cancel; ok djm
     
-    OpenBSD-Commit-ID: ffa3f5a45e09752fc47d9041e2203ee2ec15b24d
+    OpenBSD-Commit-ID: 612778e6d87ee865d0ba97d0a335f141cee1aa37
 
-commit b5a89eec410967d6b712665f8cf0cb632928d74b
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Oct 2 08:07:13 2019 +0000
+commit 16d4f9961c75680aab374dee762a5baa0ad507af
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri Mar 6 18:16:21 2020 +0000
 
-    upstream: make signature format match PROTOCO
-    
-    =?UTF-8?q?=20as=20a=20string,=20not=20raw=20bytes.=20Spotted=20by=20Manta?=
-    =?UTF-8?q?s=20Mikul=C4=97nas?=
-    MIME-Version: 1.0
-    Content-Type: text/plain; charset=UTF-8
-    Content-Transfer-Encoding: 8bit
+    upstream: exit on parse failures in input_service_request; ok djm
     
-    OpenBSD-Commit-ID: 80fcc6d52893f80c6de2bedd65353cebfebcfa8f
+    OpenBSD-Commit-ID: 6a7e1bfded26051d5aa893c030229b1ee6a0d5d2
 
-commit dc6f81ee94995deb11bbf7e19801022c5f6fd90a
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Oct 2 08:05:50 2019 +0000
+commit 5f25afe5216ba7f8921e04f79aa4ca0624eca820
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri Mar 6 18:15:38 2020 +0000
 
-    upstream: ban empty namespace strings for s
-    
-    =?UTF-8?q?shsig;=20spotted=20by=20Mantas=20Mikul=C4=97nas?=
-    MIME-Version: 1.0
-    Content-Type: text/plain; charset=UTF-8
-    Content-Transfer-Encoding: 8bit
+    upstream: fix null-deref on calloc failure; ok djm
     
-    OpenBSD-Commit-ID: 7c5bcf40bed8f4e826230176f4aa353c52aeb698
+    OpenBSD-Commit-ID: a313519579b392076b7831ec022dfdefbec8724a
 
-commit fa5bd8107e0e2b3e1e184f55d0f9320c119f65f0
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Wed Oct 2 14:30:55 2019 +1000
+commit ff2acca039aef16a15fce409163df404858f7aa5
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri Mar 6 18:15:04 2020 +0000
 
-    Put ssherr.h back as it's actually needed.
+    upstream: exit if ssh_krl_revoke_key_sha256 fails; ok djm
+    
+    OpenBSD-Commit-ID: 0864ad4fe8bf28ab21fd1df766e0365c11bbc0dc
 
-commit 3ef92a657444f172b61f92d5da66d94fa8265602
-Author: Lonnie Abelbeck <lonnie@abelbeck.com>
-Date:   Tue Oct 1 09:05:09 2019 -0500
+commit 31c860a0212af2d5b6a129e3e8fcead51392ee1d
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri Mar 6 18:14:13 2020 +0000
 
-    Deny (non-fatal) shmget/shmat/shmdt in preauth privsep child.
+    upstream: pkcs11_register_provider: return < 0 on error; ok djm
     
-    New wait_random_seeded() function on OpenSSL 1.1.1d uses shmget, shmat, and shmdt
-    in the preauth codepath, deny (non-fatal) in seccomp_filter sandbox.
+    OpenBSD-Commit-ID: cfc8321315b787e4d40da4bdb2cbabd4154b0d97
 
-commit edd1d3a6261aecbf9a55944fd7be1db83571b46e
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Oct 2 10:54:28 2019 +1000
+commit 15be29e1e3318737b0768ca37d5b4a3fbe868ef0
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri Mar 6 18:13:29 2020 +0000
 
-    remove duplicate #includes
+    upstream: sshsig: return correct error, fix null-deref; ok djm
     
-    Prompted by Jakub Jelen
+    OpenBSD-Commit-ID: 1d1af7cd538b8b23e621cf7ab84f11e7a923edcd
 
-commit 13c508dfed9f25e6e54c984ad00a74ef08539e70
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Oct 2 10:51:15 2019 +1000
+commit 6fb6f186cb62a6370fba476b6a03478a1e95c30d
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri Mar 6 18:12:55 2020 +0000
 
-    typo in comment
+    upstream: vasnmprintf allocates str and returns -1; ok djm
+    
+    OpenBSD-Commit-ID: dae4c9e83d88471bf3b3f89e3da7a107b44df11c
 
-commit d0c3ac427f6c52b872d6617421421dd791664445
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Oct 2 00:42:30 2019 +0000
+commit 714e1cbca17daa13f4f98978cf9e0695d4b2e0a4
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri Mar 6 18:11:10 2020 +0000
 
-    upstream: remove some duplicate #includes
+    upstream: sshpkt_fatal() does not return; ok djm
     
-    OpenBSD-Commit-ID: ed6827ab921eff8027669848ef4f70dc1da4098c
+    OpenBSD-Commit-ID: 7dfe847e28bd78208eb227b37f29f4a2a0929929
 
-commit 084682786d9275552ee93857cb36e43c446ce92c
+commit 9b47bd7b09d191991ad9e0506bb66b74bbc93d34
 Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Oct 1 10:22:53 2019 +0000
+Date:   Fri Feb 28 01:07:28 2020 +0000
 
-    upstream: revert unconditional forced login implemented in r1.41 of
-    
-    ssh-pkcs11.c; r1.45 added a forced login as a fallback for cases where the
-    token returns no objects and this is less disruptive for users of tokens
-    directly in ssh (rather than via ssh-agent) and in ssh-keygen
+    upstream: no-touch-required certificate option should be an
     
-    bz3006, patch from Jakub Jelen; ok markus
+    extension, not a critical option.
     
-    OpenBSD-Commit-ID: 33d6df589b072094384631ff93b1030103b3d02e
+    OpenBSD-Commit-ID: 626b22c5feb7be8a645e4b9a9bef89893b88600d
 
-commit 6c91d42cce3f055917dc3fd2c305dfc5b3b584b3
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Sun Sep 29 16:31:57 2019 +0000
+commit dd992520bed35387fc010239abe1bdc0c2665e38
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Feb 28 01:06:05 2020 +0000
 
-    upstream: group and sort single letter options; ok deraadt
+    upstream: better error message when trying to use a FIDO key
+    
+    function and SecurityKeyProvider is empty
     
-    OpenBSD-Commit-ID: e1480e760a2b582f79696cdcff70098e23fc603f
+    OpenBSD-Commit-ID: e56602c2ee8c82f835d30e4dc8ee2e4a7896be24
 
-commit 3b44bf39ff4d7ef5d50861e2e9dda62d2926d2fe
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Fri Sep 27 20:03:24 2019 +0000
+commit b81e66dbe0345aef4717911abcb4f589fff33a0a
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Thu Feb 27 02:32:37 2020 +0000
 
-    upstream: fix the DH-GEX text in -a; because this required a comma,
+    upstream: Drop leading space from line count that was confusing
     
-    i added a comma to the first part, for balance...
+    ssh-keygen's screen mode.
     
-    OpenBSD-Commit-ID: 2c3464e9e82a41e8cdfe8f0a16d94266e43dbb58
+    OpenBSD-Commit-ID: 3bcae7a754db3fc5ad3cab63dd46774edb35b8ae
 
-commit 3e53ef28fab53094e3b19622ba0e9c3d5fe71273
-Author: deraadt@openbsd.org <deraadt@openbsd.org>
-Date:   Tue Sep 24 12:50:46 2019 +0000
+commit d5ba1c03278eb079438bb038266d80d7477d49cb
+Author: jsg@openbsd.org <jsg@openbsd.org>
+Date:   Wed Feb 26 13:40:09 2020 +0000
 
-    upstream: identity_file[] should be PATH_MAX, not the arbitrary
+    upstream: change explicit_bzero();free() to freezero()
     
-    number 1024
+    While freezero() returns early if the pointer is NULL the tests for
+    NULL in callers are left to avoid warnings about passing an
+    uninitialised size argument across a function boundry.
     
-    OpenBSD-Commit-ID: e775f94ad47ce9ab37bd1410d7cf3b7ea98b11b7
-
-commit 90d4b2541e8c907793233d9cbd4963f7624f4174
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Fri Sep 20 18:50:58 2019 +0000
-
-    upstream: new sentence, new line;
+    ok deraadt@ djm@
     
-    OpenBSD-Commit-ID: c35ca5ec07be460e95e7406af12eee04a77b6698
+    OpenBSD-Commit-ID: 2660fa334fcc7cd05ec74dd99cb036f9ade6384a
 
-commit fbec7dba01b70b49ac47f56031310865dff86200
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Sep 30 18:01:12 2019 +1000
+commit 9e3220b585c5be19a7431ea4ff8884c137b3a81c
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Feb 26 11:46:51 2020 +0000
 
-    Include stdio.h for snprintf.
+    upstream: Have sftp reject "-1" in the same way as ssh(1) and
     
-    Patch from vapier@gentoo.org.
-
-commit 0a403bfde71c4b82147473298d3a60b4171468bd
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Mon Sep 30 14:11:42 2019 +1000
-
-    Add SKIP_LTESTS for skipping specific tests.
+    scp(1) do instead of accepting and silently ignoring it since protocol 1
+    support has been removed.  Spotted by shivakumar2696 at gmail.com, ok
+    deraadt@
+    
+    OpenBSD-Commit-ID: b79f95559a1c993214f4ec9ae3c34caa87e9d5de
 
-commit 4d59f7a5169c451ebf559aedec031ac9da2bf80c
+commit ade8e67bb0f07b12e5e47e7baeafbdc898de639f
 Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Sep 27 05:25:12 2019 +0000
+Date:   Wed Feb 26 01:31:47 2020 +0000
 
-    upstream: Test for empty result in expected bits. Remove CRs from log
-    
-    as they confuse tools on some platforms.  Re-enable the 3des-cbc test.
+    upstream: Remove obsolete XXX comment. ok deraadt@
     
-    OpenBSD-Regress-ID: edf536d4f29fc1ba412889b37247a47f1b49d250
+    OpenBSD-Commit-ID: bc462cc843947feea26a2e21c750b3a7469ff01b
 
-commit 7c817d129e2d48fc8a6f7965339313023ec45765
-Author: Darren Tucker <dtucker@dtucker.net>
-Date:   Fri Sep 27 15:26:22 2019 +1000
+commit 7eb903f51eba051d7f65790bab92a28970ac1ccc
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Feb 24 04:27:58 2020 +0000
 
-    Re-enable dhgex test.
+    upstream: Fix typo. Patch from itoama at live.jp via github PR#173.
     
-    Since we've added larger fallback groups to dh.c this test will pass
-    even if there is no moduli file installed on the system.
+    OpenBSD-Commit-ID: 5cdaafab38bbdea0d07e24777d00bfe6f972568a
diff --git a/INSTALL b/INSTALL
index dddd912c5da2..b6e53ab6c088 100644
--- a/INSTALL
+++ b/INSTALL
@@ -197,11 +197,6 @@ it if lastlog is installed in a different place.
 --with-osfsia, --without-osfsia will enable or disable OSF1's Security
 Integration Architecture.  The default for OSF1 machines is enable.
 
---with-md5-passwords will enable the use of MD5 passwords. Enable this
-if your operating system uses MD5 passwords and the system crypt() does
-not support them directly (see the crypt(3/3c) man page). If enabled, the
-resulting binary will support both MD5 and traditional crypt passwords.
-
 --with-utmpx enables utmpx support. utmpx support is automatic for
 some platforms.
 
diff --git a/LICENCE b/LICENCE
index 5999c5e9d50d..77ef57699712 100644
--- a/LICENCE
+++ b/LICENCE
@@ -210,22 +210,14 @@ OpenSSH contains no GPL code.
 
 8) Portable OpenSSH contains the following additional licenses:
 
-    a) md5crypt.c, md5crypt.h
-
-	 * "THE BEER-WARE LICENSE" (Revision 42):
-	 * <phk@login.dknet.dk> wrote this file.  As long as you retain this
-	 * notice you can do whatever you want with this stuff. If we meet
-	 * some day, and you think this stuff is worth it, you can buy me a
-	 * beer in return.   Poul-Henning Kamp
-
-    b) snprintf replacement
+    a) snprintf replacement
 
 	* Copyright Patrick Powell 1995
 	* This code is based on code written by Patrick Powell
 	* (papowell@astart.com) It may be used for any purpose as long as this
 	* notice remains intact on all source code distributions
 
-    c) Compatibility code (openbsd-compat)
+    b) Compatibility code (openbsd-compat)
 
        Apart from the previously mentioned licenses, various pieces of code
        in the openbsd-compat/ subdirectory are licensed as follows:
@@ -314,8 +306,8 @@ OpenSSH contains no GPL code.
 	* authorization.                                                           *
 	****************************************************************************/
 
-       The Blowfish cipher implementation is licensed by Niels Provis under
-       a 4-clause BSD license:
+       The Blowfish cipher implementation is licensed by Niels Provos under
+       a 3-clause BSD license:
 
          * Blowfish - a fast block cipher designed by Bruce Schneier
          *
@@ -330,10 +322,7 @@ OpenSSH contains no GPL code.
          * 2. Redistributions in binary form must reproduce the above copyright
          *    notice, this list of conditions and the following disclaimer in the
          *    documentation and/or other materials provided with the distribution.
-         * 3. All advertising materials mentioning features or use of this software
-         *    must display the following acknowledgement:
-         *      This product includes software developed by Niels Provos.
-         * 4. The name of the author may not be used to endorse or promote products
+         * 3. The name of the author may not be used to endorse or promote products
          *    derived from this software without specific prior written permission.
          *
          * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
diff --git a/Makefile.in b/Makefile.in
index b0293841a4f2..065bf91e3fcc 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -17,6 +17,7 @@ piddir=@piddir@
 srcdir=@srcdir@
 top_srcdir=@top_srcdir@
 abs_top_srcdir=@abs_top_srcdir@
+abs_top_builddir=@abs_top_builddir@
 
 DESTDIR=
 VPATH=@srcdir@
@@ -30,6 +31,7 @@ PRIVSEP_PATH=@PRIVSEP_PATH@
 SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@
 STRIP_OPT=@STRIP_OPT@
 TEST_SHELL=@TEST_SHELL@
+BUILDDIR=@abs_top_builddir@
 
 PATHS= -DSSHDIR=\"$(sysconfdir)\" \
 	-D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \
@@ -125,7 +127,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o \
 	auth2-none.o auth2-passwd.o auth2-pubkey.o \
 	monitor.o monitor_wrap.o auth-krb5.o \
 	auth2-gss.o gss-serv.o gss-serv-krb5.o \
-	loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \
+	loginrec.o auth-pam.o auth-shadow.o auth-sia.o \
 	srclimit.o sftp-server.o sftp-common.o \
 	sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \
 	sandbox-seccomp-filter.o sandbox-capsicum.o sandbox-pledge.o \
@@ -333,6 +335,9 @@ distclean:	regressclean
 	rm -f regress/unittests/sshsig/test_sshsig
 	rm -f regress/unittests/utf8/*.o
 	rm -f regress/unittests/utf8/test_utf8
+	rm -f regress/misc/sk-dummy/*.o
+	rm -f regress/misc/sk-dummy/*.lo
+	rm -f regress/misc/sk-dummy/sk-dummy.so
 	(cd openbsd-compat && $(MAKE) distclean)
 	if test -d pkg ; then \
 		rm -fr pkg ; \
@@ -651,7 +656,8 @@ UNITTESTS_TEST_MISC_OBJS=\
 	regress/unittests/misc/test_expand.o \
 	regress/unittests/misc/test_convtime.o \
 	regress/unittests/misc/test_argv.o \
-	regress/unittests/misc/test_strdelim.o
+	regress/unittests/misc/test_strdelim.o \
+	regress/unittests/misc/test_hpdelim.o
 
 regress/unittests/misc/test_misc$(EXEEXT): \
     ${UNITTESTS_TEST_MISC_OBJS} \
@@ -710,46 +716,43 @@ tests:	file-tests t-exec interop-tests unit
 	echo all tests passed
 
 unit: regress-unit-binaries
-	BUILDDIR=`pwd`; \
 	cd $(srcdir)/regress || exit $$?; \
 	$(MAKE) \
-		.OBJDIR="$${BUILDDIR}/regress" \
-		.CURDIR="`pwd`" \
-		OBJ="$${BUILDDIR}/regress" \
+		.CURDIR="$(abs_top_srcdir)/regress" \
+		.OBJDIR="$(BUILDDIR)/regress" \
+		OBJ="$(BUILDDIR)/regress" \
 		$@ && echo $@ tests passed
 
 interop-tests t-exec file-tests: regress-prep regress-binaries $(TARGETS)
-	BUILDDIR=`pwd`; \
 	cd $(srcdir)/regress || exit $$?; \
 	EGREP='@EGREP@' \
 	$(MAKE) \
-		.OBJDIR="$${BUILDDIR}/regress" \
-		.CURDIR="`pwd`" \
-		BUILDDIR="$${BUILDDIR}" \
-		OBJ="$${BUILDDIR}/regress/" \
-		PATH="$${BUILDDIR}:$${PATH}" \
+		.CURDIR="$(abs_top_srcdir)/regress" \
+		.OBJDIR="$(BUILDDIR)/regress" \
+		BUILDDIR="$(BUILDDIR)" \
+		OBJ="$(BUILDDIR)/regress" \
+		PATH="$(BUILDDIR):$${PATH}" \
 		TEST_ENV=MALLOC_OPTIONS="@TEST_MALLOC_OPTIONS@" \
 		TEST_MALLOC_OPTIONS="@TEST_MALLOC_OPTIONS@" \
-		TEST_SSH_SCP="$${BUILDDIR}/scp" \
-		TEST_SSH_SSH="$${BUILDDIR}/ssh" \
-		TEST_SSH_SSHD="$${BUILDDIR}/sshd" \
-		TEST_SSH_SSHAGENT="$${BUILDDIR}/ssh-agent" \
-		TEST_SSH_SSHADD="$${BUILDDIR}/ssh-add" \
-		TEST_SSH_SSHKEYGEN="$${BUILDDIR}/ssh-keygen" \
-		TEST_SSH_SSHPKCS11HELPER="$${BUILDDIR}/ssh-pkcs11-helper" \
-		TEST_SSH_SSHKEYSCAN="$${BUILDDIR}/ssh-keyscan" \
-		TEST_SSH_SFTP="$${BUILDDIR}/sftp" \
-		TEST_SSH_PKCS11_HELPER="$${BUILDDIR}/ssh-pkcs11-helper" \
-		TEST_SSH_SK_HELPER="$${BUILDDIR}/ssh-sk-helper" \
-		TEST_SSH_SFTPSERVER="$${BUILDDIR}/sftp-server" \
+		TEST_SSH_SCP="$(BUILDDIR)/scp" \
+		TEST_SSH_SSH="$(BUILDDIR)/ssh" \
+		TEST_SSH_SSHD="$(BUILDDIR)/sshd" \
+		TEST_SSH_SSHAGENT="$(BUILDDIR)/ssh-agent" \
+		TEST_SSH_SSHADD="$(BUILDDIR)/ssh-add" \
+		TEST_SSH_SSHKEYGEN="$(BUILDDIR)/ssh-keygen" \
+		TEST_SSH_SSHPKCS11HELPER="$(BUILDDIR)/ssh-pkcs11-helper" \
+		TEST_SSH_SSHKEYSCAN="$(BUILDDIR)/ssh-keyscan" \
+		TEST_SSH_SFTP="$(BUILDDIR)/sftp" \
+		TEST_SSH_PKCS11_HELPER="$(BUILDDIR)/ssh-pkcs11-helper" \
+		TEST_SSH_SK_HELPER="$(BUILDDIR)/ssh-sk-helper" \
+		TEST_SSH_SFTPSERVER="$(BUILDDIR)/sftp-server" \
 		TEST_SSH_MODULI_FILE="$(abs_top_srcdir)/moduli" \
 		TEST_SSH_PLINK="plink" \
 		TEST_SSH_PUTTYGEN="puttygen" \
 		TEST_SSH_CONCH="conch" \
 		TEST_SSH_IPV6="@TEST_SSH_IPV6@" \
 		TEST_SSH_UTF8="@TEST_SSH_UTF8@" \
-		TEST_SSH_ECC="@TEST_SSH_ECC@" \
-		TEST_SHELL="${TEST_SHELL}" \
+		TEST_SHELL="$(TEST_SHELL)" \
 		EXEEXT="$(EXEEXT)" \
 		$@ && echo all $@ passed
 
diff --git a/PROTOCOL b/PROTOCOL
index 3141cda6fa37..e6a7d60eef0b 100644
--- a/PROTOCOL
+++ b/PROTOCOL
@@ -342,9 +342,41 @@ signal to a session attached to a channel. OpenSSH supports one
 extension signal "INFO@openssh.com" that allows sending SIGINFO on
 BSD-derived systems.
 
-3. SFTP protocol changes
+3. Authentication protocol changes
 
-3.1. sftp: Reversal of arguments to SSH_FXP_SYMLINK
+3.1. Host-bound public key authentication
+
+This is trivial change to the traditional "publickey" authentication
+method. The authentication request is identical to the original method
+but for the name and one additional field:
+
+	byte		SSH2_MSG_USERAUTH_REQUEST
+	string		username
+	string		"ssh-connection"
+	string		"publickey-hostbound-v00@openssh.com"
+	bool		has_signature
+	string		pkalg
+	string		public key
+	string		server host key
+
+Because the entire SSH2_MSG_USERAUTH_REQUEST message is included in
+the signed data, this ensures that a binding between the destination
+user, the server identity and the session identifier is visible to the
+signer. OpenSSH uses this binding via signed data to implement per-key
+restrictions in ssh-agent.
+
+A server may advertise this method using the SSH2_MSG_EXT_INFO
+mechanism (RFC8308), with the following message:
+
+	string		"publickey-hostbound@openssh.com"
+	string		"0" (version)
+
+Clients should prefer host-bound authentication when advertised by
+server.
+
+4. SFTP protocol changes
+
+4.1. sftp: Reversal of arguments to SSH_FXP_SYMLINK
 
 When OpenSSH's sftp-server was implemented, the order of the arguments
 to the SSH_FXP_SYMLINK method was inadvertently reversed. Unfortunately,
@@ -357,7 +389,7 @@ SSH_FXP_SYMLINK as follows:
 	string		targetpath
 	string		linkpath
 
-3.2. sftp: Server extension announcement in SSH_FXP_VERSION
+4.2. sftp: Server extension announcement in SSH_FXP_VERSION
 
 OpenSSH's sftp-server lists the extensions it supports using the
 standard extension announcement mechanism in the SSH_FXP_VERSION server
@@ -378,7 +410,7 @@ ever changed in an incompatible way. The server MAY advertise the same
 extension with multiple versions (though this is unlikely). Clients MUST
 check the version number before attempting to use the extension.
 
-3.3. sftp: Extension request "posix-rename@openssh.com"
+4.3. sftp: Extension request "posix-rename@openssh.com"
 
 This operation provides a rename operation with POSIX semantics, which
 are different to those provided by the standard SSH_FXP_RENAME in
@@ -395,7 +427,7 @@ rename(oldpath, newpath) and will respond with a SSH_FXP_STATUS message.
 This extension is advertised in the SSH_FXP_VERSION hello with version
 "1".
 
-3.4. sftp: Extension requests "statvfs@openssh.com" and
+4.4. sftp: Extension requests "statvfs@openssh.com" and
          "fstatvfs@openssh.com"
 
 These requests correspond to the statvfs and fstatvfs POSIX system
@@ -436,7 +468,7 @@ The values of the f_flag bitmask are as follows:
 Both the "statvfs@openssh.com" and "fstatvfs@openssh.com" extensions are
 advertised in the SSH_FXP_VERSION hello with version "2".
 
-3.5. sftp: Extension request "hardlink@openssh.com"
+4.5. sftp: Extension request "hardlink@openssh.com"
 
 This request is for creating a hard link to a regular file. This
 request is implemented as a SSH_FXP_EXTENDED request with the
@@ -452,7 +484,7 @@ link(oldpath, newpath) and will respond with a SSH_FXP_STATUS message.
 This extension is advertised in the SSH_FXP_VERSION hello with version
 "1".
 
-3.6. sftp: Extension request "fsync@openssh.com"
+4.6. sftp: Extension request "fsync@openssh.com"
 
 This request asks the server to call fsync(2) on an open file handle.
 
@@ -466,7 +498,7 @@ respond with a SSH_FXP_STATUS message.
 This extension is advertised in the SSH_FXP_VERSION hello with version
 "1".
 
-3.7. sftp: Extension request "lsetstat@openssh.com"
+4.7. sftp: Extension request "lsetstat@openssh.com"
 
 This request is like the "setstat" command, but sets file attributes on
 symlinks.  It is implemented as a SSH_FXP_EXTENDED request with the
@@ -482,7 +514,7 @@ See the "setstat" command for more details.
 This extension is advertised in the SSH_FXP_VERSION hello with version
 "1".
 
-3.8. sftp: Extension request "limits@openssh.com"
+4.8. sftp: Extension request "limits@openssh.com"
 
 This request is used to determine various limits the server might impose.
 Clients should not attempt to exceed these limits as the server might sever
@@ -525,7 +557,7 @@ limits.
 This extension is advertised in the SSH_FXP_VERSION hello with version
 "1".
 
-3.9. sftp: Extension request "expand-path@openssh.com"
+4.9. sftp: Extension request "expand-path@openssh.com"
 
 This request supports canonicalisation of relative paths and
 those that need tilde-expansion, i.e. "~", "~/..." and "~user/..."
@@ -544,9 +576,9 @@ Its reply is the same format as that of SSH2_FXP_REALPATH.
 This extension is advertised in the SSH_FXP_VERSION hello with version
 "1".
 
-4. Miscellaneous changes
+5. Miscellaneous changes
 
-4.1 Public key format
+5.1 Public key format
 
 OpenSSH public keys, as generated by ssh-keygen(1) and appearing in
 authorized_keys files, are formatted as a single line of text consisting
@@ -557,22 +589,27 @@ section 6.6 for RSA and DSA keys, RFC5656 section 3.1 for ECDSA keys
 and the "New public key formats" section of PROTOCOL.certkeys for the
 OpenSSH certificate formats.
 
-4.2 Private key format
+5.2 Private key format
 
 OpenSSH private keys, as generated by ssh-keygen(1) use the format
 described in PROTOCOL.key by default. As a legacy option, PEM format
 (RFC7468) private keys are also supported for RSA, DSA and ECDSA keys
 and were the default format before OpenSSH 7.8.
 
-4.3 KRL format
+5.3 KRL format
 
 OpenSSH supports a compact format for Key Revocation Lists (KRLs). This
 format is described in the PROTOCOL.krl file.
 
-4.4 Connection multiplexing
+5.4 Connection multiplexing
 
 OpenSSH's connection multiplexing uses messages as described in
 PROTOCOL.mux over a Unix domain socket for communications between a
 master instance and later clients.
 
-$OpenBSD: PROTOCOL,v 1.42 2021/08/09 23:47:44 djm Exp $
+5.5. Agent protocol extensions
+
+OpenSSH extends the usual agent protocol. These changes are documented
+in the PROTOCOL.agent file.
+
+$OpenBSD: PROTOCOL,v 1.43 2021/12/19 22:15:42 djm Exp $
diff --git a/PROTOCOL.agent b/PROTOCOL.agent
index ed47146a30ee..67302c34495e 100644
--- a/PROTOCOL.agent
+++ b/PROTOCOL.agent
@@ -1,5 +1,84 @@
-This file used to contain a description of the SSH agent protocol
-implemented by OpenSSH. It has since been superseded by
+The SSH agent protocol is described in
 https://tools.ietf.org/html/draft-miller-ssh-agent-04
 
-$OpenBSD: PROTOCOL.agent,v 1.14 2020/10/06 07:12:04 dtucker Exp $
+This file document's OpenSSH's extensions to the agent protocol.
+
+1. session-bind@openssh.com extension
+
+This extension allows a ssh client to bind an agent connection to a
+particular SSH session identifier as derived from the initial key
+exchange (as per RFC4253 section 7.2) and the host key used for that
+exchange. This binding is verifiable at the agent by including the
+initial KEX signature made by the host key.
+
+The message format is:
+
+	byte		SSH_AGENTC_EXTENSION (0x1b)
+	string		session-bind@openssh.com
+	string		hostkey
+	string		session identifier
+	string		signature
+	bool		is_forwarding
+
+Where 'hostkey' is the encoded server host public key, 'session
+identifier' is the exchange hash derived from the initial key
+exchange, 'signature' is the server's signature of the session
+identifier using the private hostkey, as sent in the final
+SSH2_MSG_KEXDH_REPLY/SSH2_MSG_KEXECDH_REPLY message of the initial key
+exchange. 'is_forwarding' is a flag indicating whether this connection
+should be bound for user authentication or forwarding.
+
+When an agent received this message, it will verify the signature and
+check the consistency of its contents, including refusing to accept
+a duplicate session identifier, or any attempt to bind a connection
+previously bound for authentication. It will then then record the
+binding for the life of the connection for use later in testing per-key
+destination constraints.
+
+2. restrict-destination-v00@openssh.com key constraint extension
+
+The key constraint extension supports destination- and forwarding path-
+restricted keys. It may be attached as a constraint when keys or
+smartcard keys are added to an agent.
+
+	byte		SSH_AGENT_CONSTRAIN_EXTENSION (0xff)
+	string		restrict-destination-v00@openssh.com
+	constraint[]	constraints
+
+Where a constraint consists of:
+
+	string		from_username (must be empty)
+	string		from_hostname
+	keyspec[]	from_hostkeys
+	string		to_username
+	string		to_hostname
+	keyspec[]	to_hostkeys
+
+An a keyspec consists of:
+
+	string		keyblob
+	bool		is_ca
+
+When receiving this message, the agent will ensure that the
+'from_username' field is empty, and that 'to_hostname' and 'to_hostkeys'
+have been supplied (empty 'from_hostname' and 'from_hostkeys' are valid
+and signify the initial hop from the host running ssh-agent). The agent
+will then record the constraint against the key.
+
+Subsequent operations on this key including add/remove/request
+identities and, in particular, signature requests will check the key
+constraints against the session-bind@openssh.com bindings recorded for
+the agent connection over which they were received.
+
+3. SSH_AGENT_CONSTRAIN_MAXSIGN key constraint
+
+This key constraint allows communication to an agent of the maximum
+number of signatures that may be made with an XMSS key. The format of
+the constraint is:
+
+	byte		SSH_AGENT_CONSTRAIN_MAXSIGN (0x03)
+	uint32		max_signatures
+
+This option is only valid for XMSS keys.
+
+$OpenBSD: PROTOCOL.agent,v 1.16 2022/01/01 01:55:30 jsg Exp $
diff --git a/PROTOCOL.mux b/PROTOCOL.mux
index 5fc4c06b9660..5a3dd5fe04d7 100644
--- a/PROTOCOL.mux
+++ b/PROTOCOL.mux
@@ -15,7 +15,7 @@ Most messages from the client to the server contain a "request id"
 field. This field is returned in replies as "client request id" to
 facilitate matching of responses to requests.
 
-Many muliplexing (mux) client requests yield immediate responses from
+Many multiplexing (mux) client requests yield immediate responses from
 the mux process; requesting a forwarding, performing an alive check or
 requesting the master terminate itself fall in to this category.
 
@@ -216,7 +216,7 @@ MUX_S_FAILURE.
 
 9. Requesting proxy mode
 
-A client may request that the the control connection be placed in proxy
+A client may request that the control connection be placed in proxy
 mode:
 
 	uint32	MUX_C_PROXY
@@ -295,4 +295,4 @@ XXX session inspection via master
 XXX signals via mux request
 XXX list active connections via mux
 
-$OpenBSD: PROTOCOL.mux,v 1.12 2020/03/13 03:17:07 djm Exp $
+$OpenBSD: PROTOCOL.mux,v 1.13 2022/01/01 01:55:30 jsg Exp $
diff --git a/README b/README
index 329aaeda2ea9..a088ff8dca32 100644
--- a/README
+++ b/README
@@ -1,4 +1,4 @@
-See https://www.openssh.com/releasenotes.html#8.8p1 for the release notes.
+See https://www.openssh.com/releasenotes.html#8.9p1 for the release notes.
 
 Please read https://www.openssh.com/report.html for bug reporting
 instructions and note that we do not use Github for bug reporting or
diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 000000000000..ba436c4f176d
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,5 @@
+# Reporting OpenSSH Security Issues
+
+To report security issues in OpenSSH, please refer to our website
+[OpenSSH Security](https://www.openssh.com/security.html).
+
diff --git a/addr.c b/addr.c
index ba0fad4e9eb0..1ad10ae0fdf7 100644
--- a/addr.c
+++ b/addr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: addr.c,v 1.1 2021/01/09 11:58:50 dtucker Exp $ */
+/* $OpenBSD: addr.c,v 1.4 2021/10/22 10:51:57 dtucker Exp $ */
 
 /*
  * Copyright (c) 2004-2008 Damien Miller <djm@mindrot.org>
@@ -244,7 +244,7 @@ addr_cmp(const struct xaddr *a, const struct xaddr *b)
 		if (a->v4.s_addr == b->v4.s_addr)
 			return 0;
 		return (ntohl(a->v4.s_addr) > ntohl(b->v4.s_addr) ? 1 : -1);
-	case AF_INET6:;
+	case AF_INET6:
 		/*
 		 * Do this a byte at a time to avoid the above issue and
 		 * any endian problems
@@ -268,7 +268,7 @@ addr_is_all0s(const struct xaddr *a)
 	switch (a->af) {
 	case AF_INET:
 		return (a->v4.s_addr == 0 ? 0 : -1);
-	case AF_INET6:;
+	case AF_INET6:
 		for (i = 0; i < 4; i++)
 			if (a->addr32[i] != 0)
 				return -1;
@@ -281,7 +281,7 @@ addr_is_all0s(const struct xaddr *a)
 /*
  * Test whether host portion of address 'a', as determined by 'masklen'
  * is all zeros.
- * Returns 0 on if host portion of address is all-zeros,
+ * Returns 0 if host portion of address is all-zeros,
  * -1 if not all zeros or on failure.
  */
 int
@@ -298,7 +298,7 @@ addr_host_is_all0s(const struct xaddr *a, u_int masklen)
 }
 
 /*
- * Parse string address 'p' into 'n'
+ * Parse string address 'p' into 'n'.
  * Returns 0 on success, -1 on failure.
  */
 int
@@ -312,8 +312,13 @@ addr_pton(const char *p, struct xaddr *n)
 	if (p == NULL || getaddrinfo(p, NULL, &hints, &ai) != 0)
 		return -1;
 
-	if (ai == NULL || ai->ai_addr == NULL)
+	if (ai == NULL)
+		return -1;
+
+	if (ai->ai_addr == NULL) {
+		freeaddrinfo(ai);
 		return -1;
+	}
 
 	if (n != NULL && addr_sa_to_xaddr(ai->ai_addr, ai->ai_addrlen,
 	    n) == -1) {
@@ -336,12 +341,19 @@ addr_sa_pton(const char *h, const char *s, struct sockaddr *sa, socklen_t slen)
 	if (h == NULL || getaddrinfo(h, s, &hints, &ai) != 0)
 		return -1;
 
-	if (ai == NULL || ai->ai_addr == NULL)
+	if (ai == NULL)
 		return -1;
 
+	if (ai->ai_addr == NULL) {
+		freeaddrinfo(ai);
+		return -1;
+	}
+
 	if (sa != NULL) {
-		if (slen < ai->ai_addrlen)
+		if (slen < ai->ai_addrlen) {
+			freeaddrinfo(ai);
 			return -1;
+		}
 		memcpy(sa, &ai->ai_addr, ai->ai_addrlen);
 	}
 
@@ -357,7 +369,7 @@ addr_ntop(const struct xaddr *n, char *p, size_t len)
 
 	if (addr_xaddr_to_sa(n, _SA(&ss), &slen, 0) == -1)
 		return -1;
-	if (n == NULL || p == NULL || len == 0)
+	if (p == NULL || len == 0)
 		return -1;
 	if (getnameinfo(_SA(&ss), slen, p, len, NULL, 0,
 	    NI_NUMERICHOST) == -1)
diff --git a/atomicio.c b/atomicio.c
index e00c9f0d4e22..765073357f67 100644
--- a/atomicio.c
+++ b/atomicio.c
@@ -28,7 +28,6 @@
 
 #include "includes.h"
 
-#include <sys/param.h>
 #include <sys/uio.h>
 
 #include <errno.h>
diff --git a/auth-options.c b/auth-options.c
index 335f03238f28..7cb2a640a15b 100644
--- a/auth-options.c
+++ b/auth-options.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-options.c,v 1.97 2021/07/24 01:55:19 djm Exp $ */
+/* $OpenBSD: auth-options.c,v 1.98 2022/02/08 08:59:12 dtucker Exp $ */
 /*
  * Copyright (c) 2018 Damien Miller <djm@mindrot.org>
  *
@@ -282,7 +282,7 @@ handle_permit(const char **optsp, int allow_bare_port,
 	}
 	cp = tmp;
 	/* validate syntax before recording it. */
-	host = hpdelim(&cp);
+	host = hpdelim2(&cp, NULL);
 	if (host == NULL || strlen(host) >= NI_MAXHOST) {
 		free(tmp);
 		free(opt);
diff --git a/auth-rhosts.c b/auth-rhosts.c
index 0bc4d424c781..cac5cd84d868 100644
--- a/auth-rhosts.c
+++ b/auth-rhosts.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-rhosts.c,v 1.53 2020/10/18 11:32:01 djm Exp $ */
+/* $OpenBSD: auth-rhosts.c,v 1.55 2022/02/23 11:15:57 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -34,6 +34,7 @@
 #include "pathnames.h"
 #include "log.h"
 #include "misc.h"
+#include "xmalloc.h"
 #include "sshbuf.h"
 #include "sshkey.h"
 #include "servconf.h"
@@ -189,12 +190,13 @@ int
 auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname,
     const char *ipaddr)
 {
-	char buf[1024];
+	char *path = NULL;
 	struct stat st;
-	static const char *rhosts_files[] = {".shosts", ".rhosts", NULL};
+	static const char * const rhosts_files[] = {".shosts", ".rhosts", NULL};
 	u_int rhosts_file_index;
+	int r;
 
-	debug2("auth_rhosts2: clientuser %s hostname %s ipaddr %s",
+	debug2_f("clientuser %s hostname %s ipaddr %s",
 	    client_user, hostname, ipaddr);
 
 	/* Switch to the user's uid. */
@@ -208,9 +210,11 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname,
 	for (rhosts_file_index = 0; rhosts_files[rhosts_file_index];
 	    rhosts_file_index++) {
 		/* Check users .rhosts or .shosts. */
-		snprintf(buf, sizeof buf, "%.500s/%.100s",
-			 pw->pw_dir, rhosts_files[rhosts_file_index]);
-		if (stat(buf, &st) >= 0)
+		xasprintf(&path, "%s/%s",
+		    pw->pw_dir, rhosts_files[rhosts_file_index]);
+		r = stat(path, &st);
+		free(path);
+		if (r >= 0)
 			break;
 	}
 	/* Switch back to privileged uid. */
@@ -275,10 +279,12 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname,
 	for (rhosts_file_index = 0; rhosts_files[rhosts_file_index];
 	    rhosts_file_index++) {
 		/* Check users .rhosts or .shosts. */
-		snprintf(buf, sizeof buf, "%.500s/%.100s",
-			 pw->pw_dir, rhosts_files[rhosts_file_index]);
-		if (stat(buf, &st) == -1)
+		xasprintf(&path, "%s/%s",
+		    pw->pw_dir, rhosts_files[rhosts_file_index]);
+		if (stat(path, &st) == -1) {
+			free(path);
 			continue;
+		}
 
 		/*
 		 * Make sure that the file is either owned by the user or by
@@ -289,9 +295,10 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname,
 		if (options.strict_modes &&
 		    ((st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
 		    (st.st_mode & 022) != 0)) {
-			logit("Rhosts authentication refused for %.100s: bad modes for %.200s",
-			    pw->pw_name, buf);
-			auth_debug_add("Bad file modes for %.200s", buf);
+			logit("Rhosts authentication refused for %.100s: "
+			    "bad modes for %.200s", pw->pw_name, path);
+			auth_debug_add("Bad file modes for %.200s", path);
+			free(path);
 			continue;
 		}
 		/*
@@ -303,10 +310,11 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname,
 		    strcmp(rhosts_files[rhosts_file_index], ".shosts") != 0)) {
 			auth_debug_add("Server has been configured to "
 			    "ignore %.100s.", rhosts_files[rhosts_file_index]);
+			free(path);
 			continue;
 		}
 		/* Check if authentication is permitted by the file. */
-		if (check_rhosts_file(buf, hostname, ipaddr,
+		if (check_rhosts_file(path, hostname, ipaddr,
 		    client_user, pw->pw_name)) {
 			auth_debug_add("Accepted by %.100s.",
 			    rhosts_files[rhosts_file_index]);
@@ -315,8 +323,10 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname,
 			auth_debug_add("Accepted host %s ip %s client_user "
 			    "%s server_user %s", hostname, ipaddr,
 			    client_user, pw->pw_name);
+			free(path);
 			return 1;
 		}
+		free(path);
 	}
 
 	/* Restore the privileged uid. */
diff --git a/auth.c b/auth.c
index 00b168b4e27a..560e8ecacde4 100644
--- a/auth.c
+++ b/auth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth.c,v 1.153 2021/07/05 00:50:25 dtucker Exp $ */
+/* $OpenBSD: auth.c,v 1.154 2022/02/23 11:17:10 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -709,12 +709,21 @@ auth_debug_reset(void)
 struct passwd *
 fakepw(void)
 {
+	static int done = 0;
 	static struct passwd fake;
+	const char hashchars[] = "./ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+	    "abcdefghijklmnopqrstuvwxyz0123456789"; /* from bcrypt.c */
+	char *cp;
+
+	if (done)
+		return (&fake);
 
 	memset(&fake, 0, sizeof(fake));
 	fake.pw_name = "NOUSER";
-	fake.pw_passwd =
-	    "$2a$06$r3.juUaHZDlIbQaO2dS9FuYxL1W9M81R1Tc92PoSNmzvpEqLkLGrK";
+	fake.pw_passwd = xstrdup("$2a$10$"
+	    "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx");
+	for (cp = fake.pw_passwd + 7; *cp != '\0'; cp++)
+		*cp = hashchars[arc4random_uniform(sizeof(hashchars) - 1)];
 #ifdef HAVE_STRUCT_PASSWD_PW_GECOS
 	fake.pw_gecos = "NOUSER";
 #endif
@@ -725,6 +734,7 @@ fakepw(void)
 #endif
 	fake.pw_dir = "/nonexist";
 	fake.pw_shell = "/nonexist";
+	done = 1;
 
 	return (&fake);
 }
diff --git a/auth.h b/auth.h
index 43c7d3d4041d..a65d8fd02d38 100644
--- a/auth.h
+++ b/auth.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth.h,v 1.101 2020/12/22 00:12:22 djm Exp $ */
+/* $OpenBSD: auth.h,v 1.102 2021/12/19 22:12:07 djm Exp $ */
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -104,7 +104,8 @@ struct Authctxt {
 
 struct Authmethod {
 	char	*name;
-	int	(*userauth)(struct ssh *);
+	char	*synonym;
+	int	(*userauth)(struct ssh *, const char *);
 	int	*enabled;
 };
 
diff --git a/auth2-gss.c b/auth2-gss.c
index 60e36961ce0a..2062609d9308 100644
--- a/auth2-gss.c
+++ b/auth2-gss.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-gss.c,v 1.32 2021/01/27 10:15:08 djm Exp $ */
+/* $OpenBSD: auth2-gss.c,v 1.33 2021/12/19 22:12:07 djm Exp $ */
 
 /*
  * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -60,7 +60,7 @@ static int input_gssapi_errtok(int, u_int32_t, struct ssh *);
  * how to check local user kuserok and the like)
  */
 static int
-userauth_gssapi(struct ssh *ssh)
+userauth_gssapi(struct ssh *ssh, const char *method)
 {
 	Authctxt *authctxt = ssh->authctxt;
 	gss_OID_desc goid = {0, NULL};
@@ -329,6 +329,7 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh)
 
 Authmethod method_gssapi = {
 	"gssapi-with-mic",
+	NULL,
 	userauth_gssapi,
 	&options.gss_authentication
 };
diff --git a/auth2-hostbased.c b/auth2-hostbased.c
index 3a29126c37a6..36b9d2f5b0e5 100644
--- a/auth2-hostbased.c
+++ b/auth2-hostbased.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-hostbased.c,v 1.47 2021/07/23 03:37:52 djm Exp $ */
+/* $OpenBSD: auth2-hostbased.c,v 1.49 2022/01/06 22:01:14 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -57,7 +57,7 @@
 extern ServerOptions options;
 
 static int
-userauth_hostbased(struct ssh *ssh)
+userauth_hostbased(struct ssh *ssh, const char *method)
 {
 	Authctxt *authctxt = ssh->authctxt;
 	struct sshbuf *b;
@@ -108,8 +108,8 @@ userauth_hostbased(struct ssh *ssh)
 		goto done;
 	}
 	if (match_pattern_list(pkalg, options.hostbased_accepted_algos, 0) != 1) {
-		logit_f("key type %s not in HostbasedAcceptedAlgorithms",
-		    sshkey_type(key));
+		logit_f("signature algorithm %s not in "
+		    "HostbasedAcceptedAlgorithms", pkalg);
 		goto done;
 	}
 	if ((r = sshkey_check_cert_sigtype(key,
@@ -132,7 +132,7 @@ userauth_hostbased(struct ssh *ssh)
 	    (r = sshbuf_put_u8(b, SSH2_MSG_USERAUTH_REQUEST)) != 0 ||
 	    (r = sshbuf_put_cstring(b, authctxt->user)) != 0 ||
 	    (r = sshbuf_put_cstring(b, authctxt->service)) != 0 ||
-	    (r = sshbuf_put_cstring(b, "hostbased")) != 0 ||
+	    (r = sshbuf_put_cstring(b, method)) != 0 ||
 	    (r = sshbuf_put_string(b, pkalg, alen)) != 0 ||
 	    (r = sshbuf_put_string(b, pkblob, blen)) != 0 ||
 	    (r = sshbuf_put_cstring(b, chost)) != 0 ||
@@ -255,6 +255,7 @@ hostbased_key_allowed(struct ssh *ssh, struct passwd *pw,
 
 Authmethod method_hostbased = {
 	"hostbased",
+	NULL,
 	userauth_hostbased,
 	&options.hostbased_authentication
 };
diff --git a/auth2-kbdint.c b/auth2-kbdint.c
index 037139d44949..ae7eca3b87f1 100644
--- a/auth2-kbdint.c
+++ b/auth2-kbdint.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-kbdint.c,v 1.13 2021/07/02 05:11:20 dtucker Exp $ */
+/* $OpenBSD: auth2-kbdint.c,v 1.14 2021/12/19 22:12:07 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -44,7 +44,7 @@
 extern ServerOptions options;
 
 static int
-userauth_kbdint(struct ssh *ssh)
+userauth_kbdint(struct ssh *ssh, const char *method)
 {
 	int r, authenticated = 0;
 	char *lang, *devs;
@@ -66,6 +66,7 @@ userauth_kbdint(struct ssh *ssh)
 
 Authmethod method_kbdint = {
 	"keyboard-interactive",
+	NULL,
 	userauth_kbdint,
 	&options.kbd_interactive_authentication
 };
diff --git a/auth2-none.c b/auth2-none.c
index 02d6e341ca4c..d9f97223c92a 100644
--- a/auth2-none.c
+++ b/auth2-none.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-none.c,v 1.23 2020/10/18 11:32:01 djm Exp $ */
+/* $OpenBSD: auth2-none.c,v 1.24 2021/12/19 22:12:07 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -59,7 +59,7 @@ extern ServerOptions options;
 static int none_enabled = 1;
 
 static int
-userauth_none(struct ssh *ssh)
+userauth_none(struct ssh *ssh, const char *method)
 {
 	int r;
 
@@ -73,6 +73,7 @@ userauth_none(struct ssh *ssh)
 
 Authmethod method_none = {
 	"none",
+	NULL,
 	userauth_none,
 	&none_enabled
 };
diff --git a/auth2-passwd.c b/auth2-passwd.c
index be4b8606a6c7..f8a6dbc19395 100644
--- a/auth2-passwd.c
+++ b/auth2-passwd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-passwd.c,v 1.19 2020/10/18 11:32:01 djm Exp $ */
+/* $OpenBSD: auth2-passwd.c,v 1.20 2021/12/19 22:12:07 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -49,7 +49,7 @@
 extern ServerOptions options;
 
 static int
-userauth_passwd(struct ssh *ssh)
+userauth_passwd(struct ssh *ssh, const char *method)
 {
 	char *password;
 	int authenticated = 0, r;
@@ -72,6 +72,7 @@ userauth_passwd(struct ssh *ssh)
 
 Authmethod method_passwd = {
 	"password",
+	NULL,
 	userauth_passwd,
 	&options.password_authentication
 };
diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index 9e32259a5ca3..9c2298fc887d 100644
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-pubkey.c,v 1.109 2021/07/23 03:37:52 djm Exp $ */
+/* $OpenBSD: auth2-pubkey.c,v 1.112 2021/12/19 22:12:30 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -67,6 +67,7 @@
 #include "authfile.h"
 #include "match.h"
 #include "ssherr.h"
+#include "kex.h"
 #include "channels.h" /* XXX for session.h */
 #include "session.h" /* XXX for child_set_env(); refactor? */
 #include "sk-api.h"
@@ -86,24 +87,39 @@ format_key(const struct sshkey *key)
 }
 
 static int
-userauth_pubkey(struct ssh *ssh)
+userauth_pubkey(struct ssh *ssh, const char *method)
 {
 	Authctxt *authctxt = ssh->authctxt;
 	struct passwd *pw = authctxt->pw;
 	struct sshbuf *b = NULL;
-	struct sshkey *key = NULL;
+	struct sshkey *key = NULL, *hostkey = NULL;
 	char *pkalg = NULL, *userstyle = NULL, *key_s = NULL, *ca_s = NULL;
 	u_char *pkblob = NULL, *sig = NULL, have_sig;
 	size_t blen, slen;
-	int r, pktype;
+	int hostbound, r, pktype;
 	int req_presence = 0, req_verify = 0, authenticated = 0;
 	struct sshauthopt *authopts = NULL;
 	struct sshkey_sig_details *sig_details = NULL;
 
+	hostbound = strcmp(method, "publickey-hostbound-v00@openssh.com") == 0;
+
 	if ((r = sshpkt_get_u8(ssh, &have_sig)) != 0 ||
 	    (r = sshpkt_get_cstring(ssh, &pkalg, NULL)) != 0 ||
 	    (r = sshpkt_get_string(ssh, &pkblob, &blen)) != 0)
-		fatal_fr(r, "parse packet");
+		fatal_fr(r, "parse %s packet", method);
+
+	/* hostbound auth includes the hostkey offered at initial KEX */
+	if (hostbound) {
+		if ((r = sshpkt_getb_froms(ssh, &b)) != 0 ||
+		    (r = sshkey_fromb(b, &hostkey)) != 0)
+			fatal_fr(r, "parse %s hostkey", method);
+		if (ssh->kex->initial_hostkey == NULL)
+			fatal_f("internal error: initial hostkey not recorded");
+		if (!sshkey_equal(hostkey, ssh->kex->initial_hostkey))
+			fatal_f("%s packet contained wrong host key", method);
+		sshbuf_free(b);
+		b = NULL;
+	}
 
 	if (log_level_get() >= SYSLOG_LEVEL_DEBUG2) {
 		char *keystring;
@@ -166,7 +182,8 @@ userauth_pubkey(struct ssh *ssh)
 		ca_s = format_key(key->cert->signature_key);
 
 	if (have_sig) {
-		debug3_f("have %s signature for %s%s%s", pkalg, key_s,
+		debug3_f("%s have %s signature for %s%s%s",
+		    method, pkalg, key_s,
 		    ca_s == NULL ? "" : " CA ", ca_s == NULL ? "" : ca_s);
 		if ((r = sshpkt_get_string(ssh, &sig, &slen)) != 0 ||
 		    (r = sshpkt_get_end(ssh)) != 0)
@@ -192,11 +209,14 @@ userauth_pubkey(struct ssh *ssh)
 		if ((r = sshbuf_put_u8(b, SSH2_MSG_USERAUTH_REQUEST)) != 0 ||
 		    (r = sshbuf_put_cstring(b, userstyle)) != 0 ||
 		    (r = sshbuf_put_cstring(b, authctxt->service)) != 0 ||
-		    (r = sshbuf_put_cstring(b, "publickey")) != 0 ||
+		    (r = sshbuf_put_cstring(b, method)) != 0 ||
 		    (r = sshbuf_put_u8(b, have_sig)) != 0 ||
 		    (r = sshbuf_put_cstring(b, pkalg)) != 0 ||
 		    (r = sshbuf_put_string(b, pkblob, blen)) != 0)
-			fatal_fr(r, "reconstruct packet");
+			fatal_fr(r, "reconstruct %s packet", method);
+		if (hostbound &&
+		    (r = sshkey_puts(ssh->kex->initial_hostkey, b)) != 0)
+			fatal_fr(r, "reconstruct %s packet", method);
 #ifdef DEBUG_PK
 		sshbuf_dump(b, stderr);
 #endif
@@ -246,7 +266,7 @@ userauth_pubkey(struct ssh *ssh)
 		}
 		auth2_record_key(authctxt, authenticated, key);
 	} else {
-		debug_f("test pkalg %s pkblob %s%s%s", pkalg, key_s,
+		debug_f("%s test pkalg %s pkblob %s%s%s", method, pkalg, key_s,
 		    ca_s == NULL ? "" : " CA ", ca_s == NULL ? "" : ca_s);
 
 		if ((r = sshpkt_get_end(ssh)) != 0)
@@ -285,6 +305,7 @@ done:
 	sshbuf_free(b);
 	sshauthopt_free(authopts);
 	sshkey_free(key);
+	sshkey_free(hostkey);
 	free(userstyle);
 	free(pkalg);
 	free(pkblob);
@@ -376,7 +397,7 @@ process_principals(struct ssh *ssh, FILE *f, const char *file,
 {
 	char loc[256], *line = NULL, *cp, *ep;
 	size_t linesize = 0;
-	u_long linenum = 0;
+	u_long linenum = 0, nonblank = 0;
 	u_int found_principal = 0;
 
 	if (authoptsp != NULL)
@@ -397,10 +418,12 @@ process_principals(struct ssh *ssh, FILE *f, const char *file,
 		if (!*cp || *cp == '\n')
 			continue;
 
+		nonblank++;
 		snprintf(loc, sizeof(loc), "%.200s:%lu", file, linenum);
 		if (check_principals_line(ssh, cp, cert, loc, authoptsp) == 0)
 			found_principal = 1;
 	}
+	debug2_f("%s: processed %lu/%lu lines", file, nonblank, linenum);
 	free(line);
 	return found_principal;
 }
@@ -719,7 +742,7 @@ check_authkeys_file(struct ssh *ssh, struct passwd *pw, FILE *f,
 	char *cp, *line = NULL, loc[256];
 	size_t linesize = 0;
 	int found_key = 0;
-	u_long linenum = 0;
+	u_long linenum = 0, nonblank = 0;
 
 	if (authoptsp != NULL)
 		*authoptsp = NULL;
@@ -735,11 +758,14 @@ check_authkeys_file(struct ssh *ssh, struct passwd *pw, FILE *f,
 		skip_space(&cp);
 		if (!*cp || *cp == '\n' || *cp == '#')
 			continue;
+
+		nonblank++;
 		snprintf(loc, sizeof(loc), "%.200s:%lu", file, linenum);
 		if (check_authkey_line(ssh, pw, key, cp, loc, authoptsp) == 0)
 			found_key = 1;
 	}
 	free(line);
+	debug2_f("%s: processed %lu/%lu lines", file, nonblank, linenum);
 	return found_key;
 }
 
@@ -1062,6 +1088,7 @@ user_key_allowed(struct ssh *ssh, struct passwd *pw, struct sshkey *key,
 
 Authmethod method_pubkey = {
 	"publickey",
+	"publickey-hostbound-v00@openssh.com",
 	userauth_pubkey,
 	&options.pubkey_authentication
 };
diff --git a/auth2.c b/auth2.c
index 84d0ed16e7e2..6c061934bf39 100644
--- a/auth2.c
+++ b/auth2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2.c,v 1.161 2021/04/03 06:18:40 djm Exp $ */
+/* $OpenBSD: auth2.c,v 1.164 2022/02/23 11:18:13 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -92,6 +92,7 @@ static int input_service_request(int, u_int32_t, struct ssh *);
 static int input_userauth_request(int, u_int32_t, struct ssh *);
 
 /* helper */
+static Authmethod *authmethod_byname(const char *);
 static Authmethod *authmethod_lookup(Authctxt *, const char *);
 static char *authmethods_get(Authctxt *authctxt);
 
@@ -278,6 +279,8 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh)
 	if ((style = strchr(user, ':')) != NULL)
 		*style++ = 0;
 
+	if (authctxt->attempt >= 1024)
+		auth_maxtries_exceeded(ssh);
 	if (authctxt->attempt++ == 0) {
 		/* setup auth context */
 		authctxt->pw = PRIVSEP(getpwnamallow(ssh, user));
@@ -286,6 +289,7 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh)
 			authctxt->valid = 1;
 			debug2_f("setting up authctxt for %s", user);
 		} else {
+			authctxt->valid = 0;
 			/* Invalid user, fake password information */
 			authctxt->pw = fakepw();
 #ifdef SSH_AUDIT_EVENTS
@@ -331,7 +335,7 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh)
 	m = authmethod_lookup(authctxt, method);
 	if (m != NULL && authctxt->failures < options.max_authtries) {
 		debug2("input_userauth_request: try method %s", method);
-		authenticated =	m->userauth(ssh);
+		authenticated =	m->userauth(ssh, method);
 	}
 	if (!authctxt->authenticated)
 		ensure_minimum_time_since(tstart,
@@ -346,18 +350,27 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh)
 }
 
 void
-userauth_finish(struct ssh *ssh, int authenticated, const char *method,
+userauth_finish(struct ssh *ssh, int authenticated, const char *packet_method,
     const char *submethod)
 {
 	Authctxt *authctxt = ssh->authctxt;
+	Authmethod *m = NULL;
+	const char *method = packet_method;
 	char *methods;
 	int r, partial = 0;
 
-	if (!authctxt->valid && authenticated)
-		fatal("INTERNAL ERROR: authenticated invalid user %s",
-		    authctxt->user);
-	if (authenticated && authctxt->postponed)
-		fatal("INTERNAL ERROR: authenticated and postponed");
+	if (authenticated) {
+		if (!authctxt->valid) {
+			fatal("INTERNAL ERROR: authenticated invalid user %s",
+			    authctxt->user);
+		}
+		if (authctxt->postponed)
+			fatal("INTERNAL ERROR: authenticated and postponed");
+		/* prefer primary authmethod name to possible synonym */
+		if ((m = authmethod_byname(method)) == NULL)
+			fatal("INTERNAL ERROR: bad method %s", method);
+		method = m->name;
+	}
 
 	/* Special handling for root */
 	if (authenticated && authctxt->pw->pw_uid == 0 &&
@@ -496,23 +509,42 @@ authmethods_get(Authctxt *authctxt)
 }
 
 static Authmethod *
-authmethod_lookup(Authctxt *authctxt, const char *name)
+authmethod_byname(const char *name)
 {
 	int i;
 
-	if (name != NULL)
-		for (i = 0; authmethods[i] != NULL; i++)
-			if (authmethods[i]->enabled != NULL &&
-			    *(authmethods[i]->enabled) != 0 &&
-			    strcmp(name, authmethods[i]->name) == 0 &&
-			    auth2_method_allowed(authctxt,
-			    authmethods[i]->name, NULL))
-				return authmethods[i];
-	debug2("Unrecognized authentication method name: %s",
-	    name ? name : "NULL");
+	if (name == NULL)
+		fatal_f("NULL authentication method name");
+	for (i = 0; authmethods[i] != NULL; i++) {
+		if (strcmp(name, authmethods[i]->name) == 0 ||
+		    (authmethods[i]->synonym != NULL &&
+		    strcmp(name, authmethods[i]->synonym) == 0))
+			return authmethods[i];
+	}
+	debug_f("unrecognized authentication method name: %s", name);
 	return NULL;
 }
 
+static Authmethod *
+authmethod_lookup(Authctxt *authctxt, const char *name)
+{
+	Authmethod *method;
+
+	if ((method = authmethod_byname(name)) == NULL)
+		return NULL;
+
+	if (method->enabled == NULL || *(method->enabled) == 0) {
+		debug3_f("method %s not enabled", name);
+		return NULL;
+	}
+	if (!auth2_method_allowed(authctxt, method->name, NULL)) {
+		debug3_f("method %s not allowed "
+		    "by AuthenticationMethods", name);
+		return NULL;
+	}
+	return method;
+}
+
 /*
  * Check a comma-separated list of methods for validity. Is need_enable is
  * non-zero, then also require that the methods are enabled.
diff --git a/authfd.c b/authfd.c
index 9f092f7cf955..76e48aab779e 100644
--- a/authfd.c
+++ b/authfd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfd.c,v 1.127 2021/01/26 00:46:17 djm Exp $ */
+/* $OpenBSD: authfd.c,v 1.129 2021/12/19 22:10:24 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -454,12 +454,63 @@ ssh_agent_sign(int sock, const struct sshkey *key,
 
 /* Encode key for a message to the agent. */
 
+static int
+encode_dest_constraint_hop(struct sshbuf *m,
+    const struct dest_constraint_hop *dch)
+{
+	struct sshbuf *b;
+	u_int i;
+	int r;
+
+	if ((b = sshbuf_new()) == NULL)
+		return SSH_ERR_ALLOC_FAIL;
+	if ((r = sshbuf_put_cstring(b, dch->user)) != 0 ||
+	    (r = sshbuf_put_cstring(b, dch->hostname)) != 0 ||
+	    (r = sshbuf_put_string(b, NULL, 0)) != 0) /* reserved */
+		goto out;
+	for (i = 0; i < dch->nkeys; i++) {
+		if ((r = sshkey_puts(dch->keys[i], b)) != 0 ||
+		    (r = sshbuf_put_u8(b, dch->key_is_ca[i] != 0)) != 0)
+			goto out;
+	}
+	if ((r = sshbuf_put_stringb(m, b)) != 0)
+		goto out;
+	/* success */
+	r = 0;
+ out:
+	sshbuf_free(b);
+	return r;
+}
+
+static int
+encode_dest_constraint(struct sshbuf *m, const struct dest_constraint *dc)
+{
+	struct sshbuf *b;
+	int r;
+
+	if ((b = sshbuf_new()) == NULL)
+		return SSH_ERR_ALLOC_FAIL;
+	if ((r = encode_dest_constraint_hop(b, &dc->from) != 0) ||
+	    (r = encode_dest_constraint_hop(b, &dc->to) != 0) ||
+	    (r = sshbuf_put_string(b, NULL, 0)) != 0) /* reserved */
+		goto out;
+	if ((r = sshbuf_put_stringb(m, b)) != 0)
+		goto out;
+	/* success */
+	r = 0;
+ out:
+	sshbuf_free(b);
+	return r;
+}
 
 static int
 encode_constraints(struct sshbuf *m, u_int life, u_int confirm, u_int maxsign,
-    const char *provider)
+    const char *provider, struct dest_constraint **dest_constraints,
+    size_t ndest_constraints)
 {
 	int r;
+	struct sshbuf *b = NULL;
+	size_t i;
 
 	if (life != 0) {
 		if ((r = sshbuf_put_u8(m, SSH_AGENT_CONSTRAIN_LIFETIME)) != 0 ||
@@ -483,8 +534,26 @@ encode_constraints(struct sshbuf *m, u_int life, u_int confirm, u_int maxsign,
 		    (r = sshbuf_put_cstring(m, provider)) != 0)
 			goto out;
 	}
+	if (dest_constraints != NULL && ndest_constraints > 0) {
+		if ((b = sshbuf_new()) == NULL) {
+			r = SSH_ERR_ALLOC_FAIL;
+			goto out;
+		}
+		for (i = 0; i < ndest_constraints; i++) {
+			if ((r = encode_dest_constraint(b,
+			    dest_constraints[i])) != 0)
+				goto out;
+		}
+		if ((r = sshbuf_put_u8(m,
+		    SSH_AGENT_CONSTRAIN_EXTENSION)) != 0 ||
+		    (r = sshbuf_put_cstring(m,
+		    "restrict-destination-v00@openssh.com")) != 0 ||
+		    (r = sshbuf_put_stringb(m, b)) != 0)
+			goto out;
+	}
 	r = 0;
  out:
+	sshbuf_free(b);
 	return r;
 }
 
@@ -495,10 +564,12 @@ encode_constraints(struct sshbuf *m, u_int life, u_int confirm, u_int maxsign,
 int
 ssh_add_identity_constrained(int sock, struct sshkey *key,
     const char *comment, u_int life, u_int confirm, u_int maxsign,
-    const char *provider)
+    const char *provider, struct dest_constraint **dest_constraints,
+    size_t ndest_constraints)
 {
 	struct sshbuf *msg;
-	int r, constrained = (life || confirm || maxsign || provider);
+	int r, constrained = (life || confirm || maxsign ||
+	    provider || dest_constraints);
 	u_char type;
 
 	if ((msg = sshbuf_new()) == NULL)
@@ -536,7 +607,7 @@ ssh_add_identity_constrained(int sock, struct sshkey *key,
 	}
 	if (constrained &&
 	    (r = encode_constraints(msg, life, confirm, maxsign,
-	    provider)) != 0)
+	    provider, dest_constraints, ndest_constraints)) != 0)
 		goto out;
 	if ((r = ssh_request_reply_decode(sock, msg)) != 0)
 		goto out;
@@ -590,7 +661,8 @@ ssh_remove_identity(int sock, const struct sshkey *key)
  */
 int
 ssh_update_card(int sock, int add, const char *reader_id, const char *pin,
-    u_int life, u_int confirm)
+    u_int life, u_int confirm,
+    struct dest_constraint **dest_constraints, size_t ndest_constraints)
 {
 	struct sshbuf *msg;
 	int r, constrained = (life || confirm);
@@ -610,7 +682,8 @@ ssh_update_card(int sock, int add, const char *reader_id, const char *pin,
 	    (r = sshbuf_put_cstring(msg, pin)) != 0)
 		goto out;
 	if (constrained &&
-	    (r = encode_constraints(msg, life, confirm, 0, NULL)) != 0)
+	    (r = encode_constraints(msg, life, confirm, 0, NULL,
+	    dest_constraints, ndest_constraints)) != 0)
 		goto out;
 	if ((r = ssh_request_reply_decode(sock, msg)) != 0)
 		goto out;
@@ -650,3 +723,32 @@ ssh_remove_all_identities(int sock, int version)
 	sshbuf_free(msg);
 	return r;
 }
+
+/* Binds a session ID to a hostkey via the initial KEX signature. */
+int
+ssh_agent_bind_hostkey(int sock, const struct sshkey *key,
+    const struct sshbuf *session_id, const struct sshbuf *signature,
+    int forwarding)
+{
+	struct sshbuf *msg;
+	int r;
+
+	if (key == NULL || session_id == NULL || signature == NULL)
+		return SSH_ERR_INVALID_ARGUMENT;
+	if ((msg = sshbuf_new()) == NULL)
+		return SSH_ERR_ALLOC_FAIL;
+	if ((r = sshbuf_put_u8(msg, SSH_AGENTC_EXTENSION)) != 0 ||
+	    (r = sshbuf_put_cstring(msg, "session-bind@openssh.com")) != 0 ||
+	    (r = sshkey_puts(key, msg)) != 0 ||
+	    (r = sshbuf_put_stringb(msg, session_id)) != 0 ||
+	    (r = sshbuf_put_stringb(msg, signature)) != 0 ||
+	    (r = sshbuf_put_u8(msg, forwarding ? 1 : 0)) != 0)
+		goto out;
+	if ((r = ssh_request_reply_decode(sock, msg)) != 0)
+		goto out;
+	/* success */
+	r = 0;
+ out:
+	sshbuf_free(msg);
+	return r;
+}
diff --git a/authfd.h b/authfd.h
index 4fbf82f8c008..7a1c0ddff980 100644
--- a/authfd.h
+++ b/authfd.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfd.h,v 1.49 2020/06/26 05:03:36 djm Exp $ */
+/* $OpenBSD: authfd.h,v 1.51 2021/12/19 22:10:24 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -16,6 +16,9 @@
 #ifndef AUTHFD_H
 #define AUTHFD_H
 
+struct sshbuf;
+struct sshkey;
+
 /* List of identities returned by ssh_fetch_identitylist() */
 struct ssh_identitylist {
 	size_t nkeys;
@@ -23,6 +26,20 @@ struct ssh_identitylist {
 	char **comments;
 };
 
+/* Key destination restrictions */
+struct dest_constraint_hop {
+	char *user;	/* wildcards allowed */
+	char *hostname; /* used to matching cert principals and for display */
+	int is_ca;
+	u_int nkeys;	/* number of entries in *both* 'keys' and 'key_is_ca' */
+	struct sshkey **keys;
+	int *key_is_ca;
+};
+struct dest_constraint {
+	struct dest_constraint_hop from;
+	struct dest_constraint_hop to;
+};
+
 int	ssh_get_authentication_socket(int *fdp);
 int	ssh_get_authentication_socket_path(const char *authsocket, int *fdp);
 void	ssh_close_authentication_socket(int sock);
@@ -31,18 +48,25 @@ int	ssh_lock_agent(int sock, int lock, const char *password);
 int	ssh_fetch_identitylist(int sock, struct ssh_identitylist **idlp);
 void	ssh_free_identitylist(struct ssh_identitylist *idl);
 int	ssh_add_identity_constrained(int sock, struct sshkey *key,
-	    const char *comment, u_int life, u_int confirm, u_int maxsign,
-	    const char *provider);
+    const char *comment, u_int life, u_int confirm, u_int maxsign,
+    const char *provider, struct dest_constraint **dest_constraints,
+    size_t ndest_constraints);
 int	ssh_agent_has_key(int sock, const struct sshkey *key);
 int	ssh_remove_identity(int sock, const struct sshkey *key);
 int	ssh_update_card(int sock, int add, const char *reader_id,
-	    const char *pin, u_int life, u_int confirm);
+	    const char *pin, u_int life, u_int confirm,
+	    struct dest_constraint **dest_constraints,
+	    size_t ndest_constraints);
 int	ssh_remove_all_identities(int sock, int version);
 
 int	ssh_agent_sign(int sock, const struct sshkey *key,
 	    u_char **sigp, size_t *lenp,
 	    const u_char *data, size_t datalen, const char *alg, u_int compat);
 
+int	ssh_agent_bind_hostkey(int sock, const struct sshkey *key,
+    const struct sshbuf *session_id, const struct sshbuf *signature,
+    int forwarding);
+
 /* Messages for the authentication agent connection. */
 #define SSH_AGENTC_REQUEST_RSA_IDENTITIES	1
 #define SSH_AGENT_RSA_IDENTITIES_ANSWER		2
@@ -76,6 +100,9 @@ int	ssh_agent_sign(int sock, const struct sshkey *key,
 #define SSH2_AGENTC_ADD_ID_CONSTRAINED		25
 #define SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED 26
 
+/* generic extension mechanism */
+#define SSH_AGENTC_EXTENSION			27
+
 #define	SSH_AGENT_CONSTRAIN_LIFETIME		1
 #define	SSH_AGENT_CONSTRAIN_CONFIRM		2
 #define	SSH_AGENT_CONSTRAIN_MAXSIGN		3
diff --git a/authfile.c b/authfile.c
index 946f50ca8114..a399efc3e738 100644
--- a/authfile.c
+++ b/authfile.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfile.c,v 1.141 2020/06/18 23:33:38 djm Exp $ */
+/* $OpenBSD: authfile.c,v 1.142 2022/01/01 01:55:30 jsg Exp $ */
 /*
  * Copyright (c) 2000, 2013 Markus Friedl.  All rights reserved.
  *
@@ -368,7 +368,7 @@ sshkey_load_private_cert(int type, const char *filename, const char *passphrase,
  * Returns success if the specified "key" is listed in the file "filename",
  * SSH_ERR_KEY_NOT_FOUND: if the key is not listed or another error.
  * If "strict_type" is set then the key type must match exactly,
- * otherwise a comparison that ignores certficiate data is performed.
+ * otherwise a comparison that ignores certificate data is performed.
  * If "check_ca" is set and "key" is a certificate, then its CA key is
  * also checked and sshkey_in_file() will return success if either is found.
  */
diff --git a/channels.c b/channels.c
index 1c714c845e18..73e93c032765 100644
--- a/channels.c
+++ b/channels.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: channels.c,v 1.408 2021/09/14 11:04:21 mbuhl Exp $ */
+/* $OpenBSD: channels.c,v 1.413 2022/02/17 10:58:27 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -57,6 +57,9 @@
 #include <fcntl.h>
 #include <limits.h>
 #include <netdb.h>
+#ifdef HAVE_POLL_H
+#include <poll.h>
+#endif
 #include <stdarg.h>
 #ifdef HAVE_STDINT_H
 # include <stdint.h>
@@ -84,6 +87,9 @@
 #include "pathnames.h"
 #include "match.h"
 
+/* XXX remove once we're satisfied there's no lurking bugs */
+/* #define DEBUG_CHANNEL_POLL 1 */
+
 /* -- agent forwarding */
 #define	NUM_SOCKS	10
 
@@ -98,9 +104,8 @@
 /* Maximum number of fake X11 displays to try. */
 #define MAX_DISPLAYS  1000
 
-/* Per-channel callback for pre/post select() actions */
-typedef void chan_fn(struct ssh *, Channel *c,
-    fd_set *readset, fd_set *writeset);
+/* Per-channel callback for pre/post IO actions */
+typedef void chan_fn(struct ssh *, Channel *c);
 
 /*
  * Data structure for storing which hosts are permitted for forward requests.
@@ -161,17 +166,11 @@ struct ssh_channels {
 	u_int channels_alloc;
 
 	/*
-	 * Maximum file descriptor value used in any of the channels.  This is
-	 * updated in channel_new.
-	 */
-	int channel_max_fd;
-
-	/*
-	 * 'channel_pre*' are called just before select() to add any bits
-	 * relevant to channels in the select bitmasks.
+	 * 'channel_pre*' are called just before IO to add any bits
+	 * relevant to channels in the c->io_want bitmasks.
 	 *
 	 * 'channel_post*': perform any appropriate operations for
-	 * channels which have events pending.
+	 * channels which have c->io_ready events pending.
 	 */
 	chan_fn **channel_pre;
 	chan_fn **channel_post;
@@ -305,13 +304,6 @@ static void
 channel_register_fds(struct ssh *ssh, Channel *c, int rfd, int wfd, int efd,
     int extusage, int nonblock, int is_tty)
 {
-	struct ssh_channels *sc = ssh->chanctxt;
-
-	/* Update the maximum file descriptor value. */
-	sc->channel_max_fd = MAXIMUM(sc->channel_max_fd, rfd);
-	sc->channel_max_fd = MAXIMUM(sc->channel_max_fd, wfd);
-	sc->channel_max_fd = MAXIMUM(sc->channel_max_fd, efd);
-
 	if (rfd != -1)
 		fcntl(rfd, F_SETFD, FD_CLOEXEC);
 	if (wfd != -1 && wfd != rfd)
@@ -423,28 +415,9 @@ channel_new(struct ssh *ssh, char *ctype, int type, int rfd, int wfd, int efd,
 	return c;
 }
 
-static void
-channel_find_maxfd(struct ssh_channels *sc)
-{
-	u_int i;
-	int max = 0;
-	Channel *c;
-
-	for (i = 0; i < sc->channels_alloc; i++) {
-		c = sc->channels[i];
-		if (c != NULL) {
-			max = MAXIMUM(max, c->rfd);
-			max = MAXIMUM(max, c->wfd);
-			max = MAXIMUM(max, c->efd);
-		}
-	}
-	sc->channel_max_fd = max;
-}
-
 int
 channel_close_fd(struct ssh *ssh, Channel *c, int *fdp)
 {
-	struct ssh_channels *sc = ssh->chanctxt;
 	int ret, fd = *fdp;
 
 	if (fd == -1)
@@ -455,10 +428,29 @@ channel_close_fd(struct ssh *ssh, Channel *c, int *fdp)
 	   (*fdp == c->efd && (c->restore_block & CHANNEL_RESTORE_EFD) != 0))
 		(void)fcntl(*fdp, F_SETFL, 0);	/* restore blocking */
 
+	if (*fdp == c->rfd) {
+		c->io_want &= ~SSH_CHAN_IO_RFD;
+		c->io_ready &= ~SSH_CHAN_IO_RFD;
+		c->rfd = -1;
+	}
+	if (*fdp == c->wfd) {
+		c->io_want &= ~SSH_CHAN_IO_WFD;
+		c->io_ready &= ~SSH_CHAN_IO_WFD;
+		c->wfd = -1;
+	}
+	if (*fdp == c->efd) {
+		c->io_want &= ~SSH_CHAN_IO_EFD;
+		c->io_ready &= ~SSH_CHAN_IO_EFD;
+		c->efd = -1;
+	}
+	if (*fdp == c->sock) {
+		c->io_want &= ~SSH_CHAN_IO_SOCK;
+		c->io_ready &= ~SSH_CHAN_IO_SOCK;
+		c->sock = -1;
+	}
+
 	ret = close(fd);
-	*fdp = -1;
-	if (fd == sc->channel_max_fd)
-		channel_find_maxfd(sc);
+	*fdp = -1; /* probably redundant */
 	return ret;
 }
 
@@ -543,7 +535,7 @@ permission_set_get_array(struct ssh *ssh, int who, int where,
 	}
 }
 
-/* Adds an entry to the spcified forwarding list */
+/* Adds an entry to the specified forwarding list */
 static int
 permission_set_add(struct ssh *ssh, int who, int where,
     const char *host_to_connect, int port_to_connect,
@@ -680,7 +672,6 @@ channel_free_all(struct ssh *ssh)
 	free(sc->channels);
 	sc->channels = NULL;
 	sc->channels_alloc = 0;
-	sc->channel_max_fd = 0;
 
 	free(sc->x11_saved_display);
 	sc->x11_saved_display = NULL;
@@ -872,13 +863,14 @@ channel_format_status(const Channel *c)
 	char *ret = NULL;
 
 	xasprintf(&ret, "t%d %s%u i%u/%zu o%u/%zu e[%s]/%zu "
-	    "fd %d/%d/%d sock %d cc %d",
+	    "fd %d/%d/%d sock %d cc %d io 0x%02x/0x%02x",
 	    c->type,
 	    c->have_remote_id ? "r" : "nr", c->remote_id,
 	    c->istate, sshbuf_len(c->input),
 	    c->ostate, sshbuf_len(c->output),
 	    channel_format_extended_usage(c), sshbuf_len(c->extended),
-	    c->rfd, c->wfd, c->efd, c->sock, c->ctl_chan);
+	    c->rfd, c->wfd, c->efd, c->sock, c->ctl_chan,
+	    c->io_want, c->io_ready);
 	return ret;
 }
 
@@ -1096,33 +1088,31 @@ channel_set_fds(struct ssh *ssh, int id, int rfd, int wfd, int efd,
 }
 
 static void
-channel_pre_listener(struct ssh *ssh, Channel *c,
-    fd_set *readset, fd_set *writeset)
+channel_pre_listener(struct ssh *ssh, Channel *c)
 {
-	FD_SET(c->sock, readset);
+	c->io_want = SSH_CHAN_IO_SOCK_R;
 }
 
 static void
-channel_pre_connecting(struct ssh *ssh, Channel *c,
-    fd_set *readset, fd_set *writeset)
+channel_pre_connecting(struct ssh *ssh, Channel *c)
 {
 	debug3("channel %d: waiting for connection", c->self);
-	FD_SET(c->sock, writeset);
+	c->io_want = SSH_CHAN_IO_SOCK_W;
 }
 
 static void
-channel_pre_open(struct ssh *ssh, Channel *c,
-    fd_set *readset, fd_set *writeset)
+channel_pre_open(struct ssh *ssh, Channel *c)
 {
+	c->io_want = 0;
 	if (c->istate == CHAN_INPUT_OPEN &&
 	    c->remote_window > 0 &&
 	    sshbuf_len(c->input) < c->remote_window &&
 	    sshbuf_check_reserve(c->input, CHAN_RBUF) == 0)
-		FD_SET(c->rfd, readset);
+		c->io_want |= SSH_CHAN_IO_RFD;
 	if (c->ostate == CHAN_OUTPUT_OPEN ||
 	    c->ostate == CHAN_OUTPUT_WAIT_DRAIN) {
 		if (sshbuf_len(c->output) > 0) {
-			FD_SET(c->wfd, writeset);
+			c->io_want |= SSH_CHAN_IO_WFD;
 		} else if (c->ostate == CHAN_OUTPUT_WAIT_DRAIN) {
 			if (CHANNEL_EFD_OUTPUT_ACTIVE(c))
 				debug2("channel %d: "
@@ -1137,12 +1127,12 @@ channel_pre_open(struct ssh *ssh, Channel *c,
 	    c->ostate == CHAN_OUTPUT_CLOSED)) {
 		if (c->extended_usage == CHAN_EXTENDED_WRITE &&
 		    sshbuf_len(c->extended) > 0)
-			FD_SET(c->efd, writeset);
+			c->io_want |= SSH_CHAN_IO_EFD_W;
 		else if (c->efd != -1 && !(c->flags & CHAN_EOF_SENT) &&
 		    (c->extended_usage == CHAN_EXTENDED_READ ||
 		    c->extended_usage == CHAN_EXTENDED_IGNORE) &&
 		    sshbuf_len(c->extended) < c->remote_window)
-			FD_SET(c->efd, readset);
+			c->io_want |= SSH_CHAN_IO_EFD_R;
 	}
 	/* XXX: What about efd? races? */
 }
@@ -1224,8 +1214,7 @@ x11_open_helper(struct ssh *ssh, struct sshbuf *b)
 }
 
 static void
-channel_pre_x11_open(struct ssh *ssh, Channel *c,
-    fd_set *readset, fd_set *writeset)
+channel_pre_x11_open(struct ssh *ssh, Channel *c)
 {
 	int ret = x11_open_helper(ssh, c->output);
 
@@ -1233,7 +1222,7 @@ channel_pre_x11_open(struct ssh *ssh, Channel *c,
 
 	if (ret == 1) {
 		c->type = SSH_CHANNEL_OPEN;
-		channel_pre_open(ssh, c, readset, writeset);
+		channel_pre_open(ssh, c);
 	} else if (ret == -1) {
 		logit("X11 connection rejected because of wrong authentication.");
 		debug2("X11 rejected %d i%d/o%d",
@@ -1248,12 +1237,12 @@ channel_pre_x11_open(struct ssh *ssh, Channel *c,
 }
 
 static void
-channel_pre_mux_client(struct ssh *ssh,
-    Channel *c, fd_set *readset, fd_set *writeset)
+channel_pre_mux_client(struct ssh *ssh, Channel *c)
 {
+	c->io_want = 0;
 	if (c->istate == CHAN_INPUT_OPEN && !c->mux_pause &&
 	    sshbuf_check_reserve(c->input, CHAN_RBUF) == 0)
-		FD_SET(c->rfd, readset);
+		c->io_want |= SSH_CHAN_IO_RFD;
 	if (c->istate == CHAN_INPUT_WAIT_DRAIN) {
 		/* clear buffer immediately (discard any partial packet) */
 		sshbuf_reset(c->input);
@@ -1264,7 +1253,7 @@ channel_pre_mux_client(struct ssh *ssh,
 	if (c->ostate == CHAN_OUTPUT_OPEN ||
 	    c->ostate == CHAN_OUTPUT_WAIT_DRAIN) {
 		if (sshbuf_len(c->output) > 0)
-			FD_SET(c->wfd, writeset);
+			c->io_want |= SSH_CHAN_IO_WFD;
 		else if (c->ostate == CHAN_OUTPUT_WAIT_DRAIN)
 			chan_obuf_empty(ssh, c);
 	}
@@ -1543,20 +1532,20 @@ channel_connect_stdio_fwd(struct ssh *ssh,
 
 /* dynamic port forwarding */
 static void
-channel_pre_dynamic(struct ssh *ssh, Channel *c,
-    fd_set *readset, fd_set *writeset)
+channel_pre_dynamic(struct ssh *ssh, Channel *c)
 {
 	const u_char *p;
 	u_int have;
 	int ret;
 
+	c->io_want = 0;
 	have = sshbuf_len(c->input);
 	debug2("channel %d: pre_dynamic: have %d", c->self, have);
 	/* sshbuf_dump(c->input, stderr); */
 	/* check if the fixed size part of the packet is in buffer. */
 	if (have < 3) {
 		/* need more */
-		FD_SET(c->sock, readset);
+		c->io_want |= SSH_CHAN_IO_RFD;
 		return;
 	}
 	/* try to guess the protocol */
@@ -1578,9 +1567,9 @@ channel_pre_dynamic(struct ssh *ssh, Channel *c,
 	} else if (ret == 0) {
 		debug2("channel %d: pre_dynamic: need more", c->self);
 		/* need more */
-		FD_SET(c->sock, readset);
+		c->io_want |= SSH_CHAN_IO_RFD;
 		if (sshbuf_len(c->output))
-			FD_SET(c->sock, writeset);
+			c->io_want |= SSH_CHAN_IO_WFD;
 	} else {
 		/* switch to the next state */
 		c->type = SSH_CHANNEL_OPENING;
@@ -1602,7 +1591,7 @@ rdynamic_close(struct ssh *ssh, Channel *c)
 
 /* reverse dynamic port forwarding */
 static void
-channel_before_prepare_select_rdynamic(struct ssh *ssh, Channel *c)
+channel_before_prepare_io_rdynamic(struct ssh *ssh, Channel *c)
 {
 	const u_char *p;
 	u_int have, len;
@@ -1660,8 +1649,7 @@ channel_before_prepare_select_rdynamic(struct ssh *ssh, Channel *c)
 
 /* This is our fake X11 server socket. */
 static void
-channel_post_x11_listener(struct ssh *ssh, Channel *c,
-    fd_set *readset, fd_set *writeset)
+channel_post_x11_listener(struct ssh *ssh, Channel *c)
 {
 	Channel *nc;
 	struct sockaddr_storage addr;
@@ -1669,7 +1657,7 @@ channel_post_x11_listener(struct ssh *ssh, Channel *c,
 	socklen_t addrlen;
 	char buf[16384], *remote_ipaddr;
 
-	if (!FD_ISSET(c->sock, readset))
+	if ((c->io_ready & SSH_CHAN_IO_SOCK_R) == 0)
 		return;
 
 	debug("X11 connection requested.");
@@ -1778,8 +1766,7 @@ channel_set_x11_refuse_time(struct ssh *ssh, u_int refuse_time)
  * This socket is listening for connections to a forwarded TCP/IP port.
  */
 static void
-channel_post_port_listener(struct ssh *ssh, Channel *c,
-    fd_set *readset, fd_set *writeset)
+channel_post_port_listener(struct ssh *ssh, Channel *c)
 {
 	Channel *nc;
 	struct sockaddr_storage addr;
@@ -1787,7 +1774,7 @@ channel_post_port_listener(struct ssh *ssh, Channel *c,
 	socklen_t addrlen;
 	char *rtype;
 
-	if (!FD_ISSET(c->sock, readset))
+	if ((c->io_ready & SSH_CHAN_IO_SOCK_R) == 0)
 		return;
 
 	debug("Connection to port %d forwarding to %.100s port %d requested.",
@@ -1838,15 +1825,14 @@ channel_post_port_listener(struct ssh *ssh, Channel *c,
  * clients.
  */
 static void
-channel_post_auth_listener(struct ssh *ssh, Channel *c,
-    fd_set *readset, fd_set *writeset)
+channel_post_auth_listener(struct ssh *ssh, Channel *c)
 {
 	Channel *nc;
 	int r, newsock;
 	struct sockaddr_storage addr;
 	socklen_t addrlen;
 
-	if (!FD_ISSET(c->sock, readset))
+	if ((c->io_ready & SSH_CHAN_IO_SOCK_R) == 0)
 		return;
 
 	addrlen = sizeof(addr);
@@ -1867,13 +1853,12 @@ channel_post_auth_listener(struct ssh *ssh, Channel *c,
 }
 
 static void
-channel_post_connecting(struct ssh *ssh, Channel *c,
-    fd_set *readset, fd_set *writeset)
+channel_post_connecting(struct ssh *ssh, Channel *c)
 {
 	int err = 0, sock, isopen, r;
 	socklen_t sz = sizeof(err);
 
-	if (!FD_ISSET(c->sock, writeset))
+	if ((c->io_ready & SSH_CHAN_IO_SOCK_W) == 0)
 		return;
 	if (!c->have_remote_id)
 		fatal_f("channel %d: no remote id", c->self);
@@ -1907,7 +1892,6 @@ channel_post_connecting(struct ssh *ssh, Channel *c,
 		if ((sock = connect_next(&c->connect_ctx)) > 0) {
 			close(c->sock);
 			c->sock = c->rfd = c->wfd = sock;
-			channel_find_maxfd(ssh->chanctxt);
 			return;
 		}
 		/* Exhausted all addresses */
@@ -1932,31 +1916,64 @@ channel_post_connecting(struct ssh *ssh, Channel *c,
 }
 
 static int
-channel_handle_rfd(struct ssh *ssh, Channel *c,
-    fd_set *readset, fd_set *writeset)
+channel_handle_rfd(struct ssh *ssh, Channel *c)
 {
 	char buf[CHAN_RBUF];
 	ssize_t len;
 	int r, force;
+	size_t have, avail, maxlen = CHANNEL_MAX_READ;
+	int pty_zeroread = 0;
+
+#ifdef PTY_ZEROREAD
+	/* Bug on AIX: read(1) can return 0 for a non-closed fd */
+	pty_zeroread = c->isatty;
+#endif
 
 	force = c->isatty && c->detach_close && c->istate != CHAN_INPUT_CLOSED;
 
-	if (c->rfd == -1 || (!force && !FD_ISSET(c->rfd, readset)))
+	if (!force && (c->io_ready & SSH_CHAN_IO_RFD) == 0)
+		return 1;
+	if ((avail = sshbuf_avail(c->input)) == 0)
+		return 1; /* Shouldn't happen */
+
+	/*
+	 * For "simple" channels (i.e. not datagram or filtered), we can
+	 * read directly to the channel buffer.
+	 */
+	if (!pty_zeroread && c->input_filter == NULL && !c->datagram) {
+		/* Only OPEN channels have valid rwin */
+		if (c->type == SSH_CHANNEL_OPEN) {
+			if ((have = sshbuf_len(c->input)) >= c->remote_window)
+				return 1; /* shouldn't happen */
+			if (maxlen > c->remote_window - have)
+				maxlen = c->remote_window - have;
+		}
+		if (maxlen > avail)
+			maxlen = avail;
+		if ((r = sshbuf_read(c->rfd, c->input, maxlen, NULL)) != 0) {
+			if (errno == EINTR || (!force &&
+			    (errno == EAGAIN || errno == EWOULDBLOCK)))
+				return 1;
+			debug2("channel %d: read failed rfd %d maxlen %zu: %s",
+			    c->self, c->rfd, maxlen, ssh_err(r));
+			goto rfail;
+		}
 		return 1;
+	}
 
 	errno = 0;
 	len = read(c->rfd, buf, sizeof(buf));
+	/* fixup AIX zero-length read with errno set to look more like errors */
+	if (pty_zeroread && len == 0 && errno != 0)
+		len = -1;
 	if (len == -1 && (errno == EINTR ||
 	    ((errno == EAGAIN || errno == EWOULDBLOCK) && !force)))
 		return 1;
-#ifndef PTY_ZEROREAD
-	if (len <= 0) {
-#else
-	if ((!c->isatty && len <= 0) ||
-	    (c->isatty && (len < 0 || (len == 0 && errno != 0)))) {
-#endif
-		debug2("channel %d: read<=0 rfd %d len %zd",
-		    c->self, c->rfd, len);
+	if (len < 0 || (!pty_zeroread && len == 0)) {
+		debug2("channel %d: read<=0 rfd %d len %zd: %s",
+		    c->self, c->rfd, len,
+		    len == 0 ? "closed" : strerror(errno));
+ rfail:
 		if (c->type != SSH_CHANNEL_OPEN) {
 			debug2("channel %d: not open", c->self);
 			chan_mark_dead(ssh, c);
@@ -1976,20 +1993,21 @@ channel_handle_rfd(struct ssh *ssh, Channel *c,
 			fatal_fr(r, "channel %i: put datagram", c->self);
 	} else if ((r = sshbuf_put(c->input, buf, len)) != 0)
 		fatal_fr(r, "channel %i: put data", c->self);
+
 	return 1;
 }
 
 static int
-channel_handle_wfd(struct ssh *ssh, Channel *c,
-   fd_set *readset, fd_set *writeset)
+channel_handle_wfd(struct ssh *ssh, Channel *c)
 {
 	struct termios tio;
 	u_char *data = NULL, *buf; /* XXX const; need filter API change */
 	size_t dlen, olen = 0;
 	int r, len;
 
-	if (c->wfd == -1 || !FD_ISSET(c->wfd, writeset) ||
-	    sshbuf_len(c->output) == 0)
+	if ((c->io_ready & SSH_CHAN_IO_WFD) == 0)
+		return 1;
+	if (sshbuf_len(c->output) == 0)
 		return 1;
 
 	/* Send buffered output data to the socket. */
@@ -2027,7 +2045,7 @@ channel_handle_wfd(struct ssh *ssh, Channel *c,
 #ifdef _AIX
 	/* XXX: Later AIX versions can't push as much data to tty */
 	if (c->wfd_isatty)
-		dlen = MIN(dlen, 8*1024);
+		dlen = MINIMUM(dlen, 8*1024);
 #endif
 
 	len = write(c->wfd, buf, dlen);
@@ -2070,13 +2088,14 @@ channel_handle_wfd(struct ssh *ssh, Channel *c,
 }
 
 static int
-channel_handle_efd_write(struct ssh *ssh, Channel *c,
-    fd_set *readset, fd_set *writeset)
+channel_handle_efd_write(struct ssh *ssh, Channel *c)
 {
 	int r;
 	ssize_t len;
 
-	if (!FD_ISSET(c->efd, writeset) || sshbuf_len(c->extended) == 0)
+	if ((c->io_ready & SSH_CHAN_IO_EFD_W) == 0)
+		return 1;
+	if (sshbuf_len(c->extended) == 0)
 		return 1;
 
 	len = write(c->efd, sshbuf_ptr(c->extended),
@@ -2097,8 +2116,7 @@ channel_handle_efd_write(struct ssh *ssh, Channel *c,
 }
 
 static int
-channel_handle_efd_read(struct ssh *ssh, Channel *c,
-    fd_set *readset, fd_set *writeset)
+channel_handle_efd_read(struct ssh *ssh, Channel *c)
 {
 	char buf[CHAN_RBUF];
 	ssize_t len;
@@ -2106,7 +2124,7 @@ channel_handle_efd_read(struct ssh *ssh, Channel *c,
 
 	force = c->isatty && c->detach_close && c->istate != CHAN_INPUT_CLOSED;
 
-	if (c->efd == -1 || (!force && !FD_ISSET(c->efd, readset)))
+	if (!force && (c->io_ready & SSH_CHAN_IO_EFD_R) == 0)
 		return 1;
 
 	len = read(c->efd, buf, sizeof(buf));
@@ -2125,8 +2143,7 @@ channel_handle_efd_read(struct ssh *ssh, Channel *c,
 }
 
 static int
-channel_handle_efd(struct ssh *ssh, Channel *c,
-    fd_set *readset, fd_set *writeset)
+channel_handle_efd(struct ssh *ssh, Channel *c)
 {
 	if (c->efd == -1)
 		return 1;
@@ -2134,10 +2151,10 @@ channel_handle_efd(struct ssh *ssh, Channel *c,
 	/** XXX handle drain efd, too */
 
 	if (c->extended_usage == CHAN_EXTENDED_WRITE)
-		return channel_handle_efd_write(ssh, c, readset, writeset);
+		return channel_handle_efd_write(ssh, c);
 	else if (c->extended_usage == CHAN_EXTENDED_READ ||
 	    c->extended_usage == CHAN_EXTENDED_IGNORE)
-		return channel_handle_efd_read(ssh, c, readset, writeset);
+		return channel_handle_efd_read(ssh, c);
 
 	return 1;
 }
@@ -2171,12 +2188,11 @@ channel_check_window(struct ssh *ssh, Channel *c)
 }
 
 static void
-channel_post_open(struct ssh *ssh, Channel *c,
-    fd_set *readset, fd_set *writeset)
+channel_post_open(struct ssh *ssh, Channel *c)
 {
-	channel_handle_rfd(ssh, c, readset, writeset);
-	channel_handle_wfd(ssh, c, readset, writeset);
-	channel_handle_efd(ssh, c, readset, writeset);
+	channel_handle_rfd(ssh, c);
+	channel_handle_wfd(ssh, c);
+	channel_handle_efd(ssh, c);
 	channel_check_window(ssh, c);
 }
 
@@ -2205,12 +2221,11 @@ read_mux(struct ssh *ssh, Channel *c, u_int need)
 }
 
 static void
-channel_post_mux_client_read(struct ssh *ssh, Channel *c,
-    fd_set *readset, fd_set *writeset)
+channel_post_mux_client_read(struct ssh *ssh, Channel *c)
 {
 	u_int need;
 
-	if (c->rfd == -1 || !FD_ISSET(c->rfd, readset))
+	if ((c->io_ready & SSH_CHAN_IO_RFD) == 0)
 		return;
 	if (c->istate != CHAN_INPUT_OPEN && c->istate != CHAN_INPUT_WAIT_DRAIN)
 		return;
@@ -2242,14 +2257,14 @@ channel_post_mux_client_read(struct ssh *ssh, Channel *c,
 }
 
 static void
-channel_post_mux_client_write(struct ssh *ssh, Channel *c,
-    fd_set *readset, fd_set *writeset)
+channel_post_mux_client_write(struct ssh *ssh, Channel *c)
 {
 	ssize_t len;
 	int r;
 
-	if (c->wfd == -1 || !FD_ISSET(c->wfd, writeset) ||
-	    sshbuf_len(c->output) == 0)
+	if ((c->io_ready & SSH_CHAN_IO_WFD) == 0)
+		return;
+	if (sshbuf_len(c->output) == 0)
 		return;
 
 	len = write(c->wfd, sshbuf_ptr(c->output), sshbuf_len(c->output));
@@ -2264,16 +2279,14 @@ channel_post_mux_client_write(struct ssh *ssh, Channel *c,
 }
 
 static void
-channel_post_mux_client(struct ssh *ssh, Channel *c,
-    fd_set *readset, fd_set *writeset)
+channel_post_mux_client(struct ssh *ssh, Channel *c)
 {
-	channel_post_mux_client_read(ssh, c, readset, writeset);
-	channel_post_mux_client_write(ssh, c, readset, writeset);
+	channel_post_mux_client_read(ssh, c);
+	channel_post_mux_client_write(ssh, c);
 }
 
 static void
-channel_post_mux_listener(struct ssh *ssh, Channel *c,
-    fd_set *readset, fd_set *writeset)
+channel_post_mux_listener(struct ssh *ssh, Channel *c)
 {
 	Channel *nc;
 	struct sockaddr_storage addr;
@@ -2282,7 +2295,7 @@ channel_post_mux_listener(struct ssh *ssh, Channel *c,
 	uid_t euid;
 	gid_t egid;
 
-	if (!FD_ISSET(c->sock, readset))
+	if ((c->io_ready & SSH_CHAN_IO_SOCK_R) == 0)
 		return;
 
 	debug("multiplexing control connection");
@@ -2388,8 +2401,7 @@ channel_garbage_collect(struct ssh *ssh, Channel *c)
 enum channel_table { CHAN_PRE, CHAN_POST };
 
 static void
-channel_handler(struct ssh *ssh, int table,
-    fd_set *readset, fd_set *writeset, time_t *unpause_secs)
+channel_handler(struct ssh *ssh, int table, time_t *unpause_secs)
 {
 	struct ssh_channels *sc = ssh->chanctxt;
 	chan_fn **ftab = table == CHAN_PRE ? sc->channel_pre : sc->channel_post;
@@ -2415,7 +2427,7 @@ channel_handler(struct ssh *ssh, int table,
 			 * Run handlers that are not paused.
 			 */
 			if (c->notbefore <= now)
-				(*ftab[c->type])(ssh, c, readset, writeset);
+				(*ftab[c->type])(ssh, c);
 			else if (unpause_secs != NULL) {
 				/*
 				 * Collect the time that the earliest
@@ -2437,12 +2449,13 @@ channel_handler(struct ssh *ssh, int table,
 }
 
 /*
- * Create sockets before allocating the select bitmasks.
+ * Create sockets before preparing IO.
  * This is necessary for things that need to happen after reading
- * the network-input but before channel_prepare_select().
+ * the network-input but need to be completed before IO event setup, e.g.
+ * because they may create new channels.
  */
 static void
-channel_before_prepare_select(struct ssh *ssh)
+channel_before_prepare_io(struct ssh *ssh)
 {
 	struct ssh_channels *sc = ssh->chanctxt;
 	Channel *c;
@@ -2453,53 +2466,266 @@ channel_before_prepare_select(struct ssh *ssh)
 		if (c == NULL)
 			continue;
 		if (c->type == SSH_CHANNEL_RDYNAMIC_OPEN)
-			channel_before_prepare_select_rdynamic(ssh, c);
+			channel_before_prepare_io_rdynamic(ssh, c);
 	}
 }
 
-/*
- * Allocate/update select bitmasks and add any bits relevant to channels in
- * select bitmasks.
- */
+static void
+dump_channel_poll(const char *func, const char *what, Channel *c,
+    u_int pollfd_offset, struct pollfd *pfd)
+{
+#ifdef DEBUG_CHANNEL_POLL
+	debug3_f("channel %d: rfd r%d w%d e%d s%d "
+	    "pfd[%u].fd=%d want 0x%02x ev 0x%02x ready 0x%02x rev 0x%02x",
+	    c->self, c->rfd, c->wfd, c->efd, c->sock, pollfd_offset, pfd->fd,
+	    c->io_want, pfd->events, c->io_ready, pfd->revents);
+#endif
+}
+
+/* Prepare pollfd entries for a single channel */
+static void
+channel_prepare_pollfd(Channel *c, u_int *next_pollfd,
+    struct pollfd *pfd, u_int npfd)
+{
+	u_int p = *next_pollfd;
+
+	if (c == NULL)
+		return;
+	if (p + 4 > npfd) {
+		/* Shouldn't happen */
+		fatal_f("channel %d: bad pfd offset %u (max %u)",
+		    c->self, p, npfd);
+	}
+	c->pollfd_offset = -1;
+	/*
+	 * prepare c->rfd
+	 *
+	 * This is a special case, since c->rfd might be the same as
+	 * c->wfd, c->efd and/or c->sock. Handle those here if they want
+	 * IO too.
+	 */
+	if (c->rfd != -1) {
+		if (c->pollfd_offset == -1)
+			c->pollfd_offset = p;
+		pfd[p].fd = c->rfd;
+		pfd[p].events = 0;
+		if ((c->io_want & SSH_CHAN_IO_RFD) != 0)
+			pfd[p].events |= POLLIN;
+		/* rfd == wfd */
+		if (c->wfd == c->rfd &&
+		    (c->io_want & SSH_CHAN_IO_WFD) != 0)
+			pfd[p].events |= POLLOUT;
+		/* rfd == efd */
+		if (c->efd == c->rfd &&
+		    (c->io_want & SSH_CHAN_IO_EFD_R) != 0)
+			pfd[p].events |= POLLIN;
+		if (c->efd == c->rfd &&
+		    (c->io_want & SSH_CHAN_IO_EFD_W) != 0)
+			pfd[p].events |= POLLOUT;
+		/* rfd == sock */
+		if (c->sock == c->rfd &&
+		    (c->io_want & SSH_CHAN_IO_SOCK_R) != 0)
+			pfd[p].events |= POLLIN;
+		if (c->sock == c->rfd &&
+		    (c->io_want & SSH_CHAN_IO_SOCK_W) != 0)
+			pfd[p].events |= POLLOUT;
+		dump_channel_poll(__func__, "rfd", c, p, &pfd[p]);
+		p++;
+	}
+	/* prepare c->wfd (if not already handled above) */
+	if (c->wfd != -1 && c->rfd != c->wfd) {
+		if (c->pollfd_offset == -1)
+			c->pollfd_offset = p;
+		pfd[p].fd = c->wfd;
+		pfd[p].events = 0;
+		if ((c->io_want & SSH_CHAN_IO_WFD) != 0)
+			pfd[p].events = POLLOUT;
+		dump_channel_poll(__func__, "wfd", c, p, &pfd[p]);
+		p++;
+	}
+	/* prepare c->efd (if not already handled above) */
+	if (c->efd != -1 && c->rfd != c->efd) {
+		if (c->pollfd_offset == -1)
+			c->pollfd_offset = p;
+		pfd[p].fd = c->efd;
+		pfd[p].events = 0;
+		if ((c->io_want & SSH_CHAN_IO_EFD_R) != 0)
+			pfd[p].events |= POLLIN;
+		if ((c->io_want & SSH_CHAN_IO_EFD_W) != 0)
+			pfd[p].events |= POLLOUT;
+		dump_channel_poll(__func__, "efd", c, p, &pfd[p]);
+		p++;
+	}
+	/* prepare c->sock (if not already handled above) */
+	if (c->sock != -1 && c->rfd != c->sock) {
+		if (c->pollfd_offset == -1)
+			c->pollfd_offset = p;
+		pfd[p].fd = c->sock;
+		pfd[p].events = 0;
+		if ((c->io_want & SSH_CHAN_IO_SOCK_R) != 0)
+			pfd[p].events |= POLLIN;
+		if ((c->io_want & SSH_CHAN_IO_SOCK_W) != 0)
+			pfd[p].events |= POLLOUT;
+		dump_channel_poll(__func__, "sock", c, p, &pfd[p]);
+		p++;
+	}
+	*next_pollfd = p;
+}
+
+/* * Allocate/prepare poll structure */
 void
-channel_prepare_select(struct ssh *ssh, fd_set **readsetp, fd_set **writesetp,
-    int *maxfdp, u_int *nallocp, time_t *minwait_secs)
+channel_prepare_poll(struct ssh *ssh, struct pollfd **pfdp, u_int *npfd_allocp,
+    u_int *npfd_activep, u_int npfd_reserved, time_t *minwait_secs)
 {
-	u_int n, sz, nfdset;
+	struct ssh_channels *sc = ssh->chanctxt;
+	u_int i, oalloc, p, npfd = npfd_reserved;
+
+	channel_before_prepare_io(ssh); /* might create a new channel */
 
-	channel_before_prepare_select(ssh); /* might update channel_max_fd */
+	/* Allocate 4x pollfd for each channel (rfd, wfd, efd, sock) */
+	if (sc->channels_alloc >= (INT_MAX / 4) - npfd_reserved)
+		fatal_f("too many channels"); /* shouldn't happen */
+	if (!ssh_packet_is_rekeying(ssh))
+		npfd += sc->channels_alloc * 4;
+	if (npfd > *npfd_allocp) {
+		*pfdp = xrecallocarray(*pfdp, *npfd_allocp,
+		    npfd, sizeof(**pfdp));
+		*npfd_allocp = npfd;
+	}
+	*npfd_activep = npfd_reserved;
+	if (ssh_packet_is_rekeying(ssh))
+		return;
 
-	n = MAXIMUM(*maxfdp, ssh->chanctxt->channel_max_fd);
+	oalloc = sc->channels_alloc;
 
-	nfdset = howmany(n+1, NFDBITS);
-	/* Explicitly test here, because xrealloc isn't always called */
-	if (nfdset && SIZE_MAX / nfdset < sizeof(fd_mask))
-		fatal("channel_prepare_select: max_fd (%d) is too large", n);
-	sz = nfdset * sizeof(fd_mask);
+	channel_handler(ssh, CHAN_PRE, minwait_secs);
 
-	/* perhaps check sz < nalloc/2 and shrink? */
-	if (*readsetp == NULL || sz > *nallocp) {
-		*readsetp = xreallocarray(*readsetp, nfdset, sizeof(fd_mask));
-		*writesetp = xreallocarray(*writesetp, nfdset, sizeof(fd_mask));
-		*nallocp = sz;
+	if (oalloc != sc->channels_alloc) {
+		/* shouldn't happen */
+		fatal_f("channels_alloc changed during CHAN_PRE "
+		    "(was %u, now %u)", oalloc, sc->channels_alloc);
 	}
-	*maxfdp = n;
-	memset(*readsetp, 0, sz);
-	memset(*writesetp, 0, sz);
 
-	if (!ssh_packet_is_rekeying(ssh))
-		channel_handler(ssh, CHAN_PRE, *readsetp, *writesetp,
-		    minwait_secs);
+	/* Prepare pollfd */
+	p = npfd_reserved;
+	for (i = 0; i < sc->channels_alloc; i++)
+		channel_prepare_pollfd(sc->channels[i], &p, *pfdp, npfd);
+	*npfd_activep = p;
+}
+
+static void
+fd_ready(Channel *c, u_int p, struct pollfd *pfds, int fd,
+    const char *what, u_int revents_mask, u_int ready)
+{
+	struct pollfd *pfd = &pfds[p];
+
+	if (fd == -1)
+		return;
+	dump_channel_poll(__func__, what, c, p, pfd);
+	if (pfd->fd != fd) {
+		fatal("channel %d: inconsistent %s fd=%d pollfd[%u].fd %d "
+		    "r%d w%d e%d s%d", c->self, what, fd, p, pfd->fd,
+		    c->rfd, c->wfd, c->efd, c->sock);
+	}
+	if ((pfd->revents & POLLNVAL) != 0) {
+		fatal("channel %d: invalid %s pollfd[%u].fd %d r%d w%d e%d s%d",
+		    c->self, what, p, pfd->fd, c->rfd, c->wfd, c->efd, c->sock);
+	}
+	if ((pfd->revents & (revents_mask|POLLHUP|POLLERR)) != 0)
+		c->io_ready |= ready & c->io_want;
 }
 
 /*
- * After select, perform any appropriate operations for channels which have
+ * After poll, perform any appropriate operations for channels which have
  * events pending.
  */
 void
-channel_after_select(struct ssh *ssh, fd_set *readset, fd_set *writeset)
+channel_after_poll(struct ssh *ssh, struct pollfd *pfd, u_int npfd)
 {
-	channel_handler(ssh, CHAN_POST, readset, writeset, NULL);
+	struct ssh_channels *sc = ssh->chanctxt;
+	u_int i, p;
+	Channel *c;
+
+#ifdef DEBUG_CHANNEL_POLL
+	for (p = 0; p < npfd; p++) {
+		if (pfd[p].revents == 0)
+			continue;
+		debug_f("pfd[%u].fd %d rev 0x%04x",
+		    p, pfd[p].fd, pfd[p].revents);
+	}
+#endif
+
+	/* Convert pollfd into c->io_ready */
+	for (i = 0; i < sc->channels_alloc; i++) {
+		c = sc->channels[i];
+		if (c == NULL || c->pollfd_offset < 0)
+			continue;
+		if ((u_int)c->pollfd_offset >= npfd) {
+			/* shouldn't happen */
+			fatal_f("channel %d: (before) bad pfd %u (max %u)",
+			    c->self, c->pollfd_offset, npfd);
+		}
+		/* if rfd is shared with efd/sock then wfd should be too */
+		if (c->rfd != -1 && c->wfd != -1 && c->rfd != c->wfd &&
+		    (c->rfd == c->efd || c->rfd == c->sock)) {
+			/* Shouldn't happen */
+			fatal_f("channel %d: unexpected fds r%d w%d e%d s%d",
+			    c->self, c->rfd, c->wfd, c->efd, c->sock);
+		}
+		c->io_ready = 0;
+		p = c->pollfd_offset;
+		/* rfd, potentially shared with wfd, efd and sock */
+		if (c->rfd != -1) {
+			fd_ready(c, p, pfd, c->rfd, "rfd", POLLIN,
+			    SSH_CHAN_IO_RFD);
+			if (c->rfd == c->wfd) {
+				fd_ready(c, p, pfd, c->wfd, "wfd/r", POLLOUT,
+				    SSH_CHAN_IO_WFD);
+			}
+			if (c->rfd == c->efd) {
+				fd_ready(c, p, pfd, c->efd, "efdr/r", POLLIN,
+				    SSH_CHAN_IO_EFD_R);
+				fd_ready(c, p, pfd, c->efd, "efdw/r", POLLOUT,
+				    SSH_CHAN_IO_EFD_W);
+			}
+			if (c->rfd == c->sock) {
+				fd_ready(c, p, pfd, c->sock, "sockr/r", POLLIN,
+				    SSH_CHAN_IO_SOCK_R);
+				fd_ready(c, p, pfd, c->sock, "sockw/r", POLLOUT,
+				    SSH_CHAN_IO_SOCK_W);
+			}
+			p++;
+		}
+		/* wfd */
+		if (c->wfd != -1 && c->wfd != c->rfd) {
+			fd_ready(c, p, pfd, c->wfd, "wfd", POLLOUT,
+			    SSH_CHAN_IO_WFD);
+			p++;
+		}
+		/* efd */
+		if (c->efd != -1 && c->efd != c->rfd) {
+			fd_ready(c, p, pfd, c->efd, "efdr", POLLIN,
+			    SSH_CHAN_IO_EFD_R);
+			fd_ready(c, p, pfd, c->efd, "efdw", POLLOUT,
+			    SSH_CHAN_IO_EFD_W);
+			p++;
+		}
+		/* sock */
+		if (c->sock != -1 && c->sock != c->rfd) {
+			fd_ready(c, p, pfd, c->sock, "sockr", POLLIN,
+			    SSH_CHAN_IO_SOCK_R);
+			fd_ready(c, p, pfd, c->sock, "sockw", POLLOUT,
+			    SSH_CHAN_IO_SOCK_W);
+			p++;
+		}
+
+		if (p > npfd) {
+			/* shouldn't happen */
+			fatal_f("channel %d: (after) bad pfd %u (max %u)",
+			    c->self, c->pollfd_offset, npfd);
+		}
+	}
+	channel_handler(ssh, CHAN_POST, NULL);
 }
 
 /*
diff --git a/channels.h b/channels.h
index 6bf86b003e53..82f33ba2ff14 100644
--- a/channels.h
+++ b/channels.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: channels.h,v 1.138 2021/05/19 01:24:05 djm Exp $ */
+/* $OpenBSD: channels.h,v 1.141 2022/01/22 00:49:34 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -136,6 +136,9 @@ struct Channel {
 	int     wfd;		/* write fd */
 	int     efd;		/* extended fd */
 	int     sock;		/* sock fd */
+	u_int	io_want;	/* bitmask of SSH_CHAN_IO_* */
+	u_int	io_ready;	/* bitmask of SSH_CHAN_IO_* */
+	int	pollfd_offset;	/* base offset into pollfd array (or -1) */
 	int     ctl_chan;	/* control channel (multiplexed connections) */
 	int     isatty;		/* rfd is a tty */
 #ifdef _AIX
@@ -144,10 +147,10 @@ struct Channel {
 	int	client_tty;	/* (client) TTY has been requested */
 	int     force_drain;	/* force close on iEOF */
 	time_t	notbefore;	/* Pause IO until deadline (time_t) */
-	int     delayed;	/* post-select handlers for newly created
+	int     delayed;	/* post-IO handlers for newly created
 				 * channels are delayed until the first call
-				 * to a matching pre-select handler.
-				 * this way post-select handlers are not
+				 * to a matching pre-IO handler.
+				 * this way post-IO handlers are not
 				 * accidentally called if a FD gets reused */
 	int	restore_block;	/* fd mask to restore blocking status */
 	struct sshbuf *input;	/* data read from socket, to be sent over
@@ -231,9 +234,22 @@ struct Channel {
 #define CHAN_EOF_RCVD			0x08
 #define CHAN_LOCAL			0x10
 
+/* file descriptor events */
+#define SSH_CHAN_IO_RFD			0x01
+#define SSH_CHAN_IO_WFD			0x02
+#define SSH_CHAN_IO_EFD_R		0x04
+#define SSH_CHAN_IO_EFD_W		0x08
+#define SSH_CHAN_IO_EFD			(SSH_CHAN_IO_EFD_R|SSH_CHAN_IO_EFD_W)
+#define SSH_CHAN_IO_SOCK_R		0x10
+#define SSH_CHAN_IO_SOCK_W		0x20
+#define SSH_CHAN_IO_SOCK		(SSH_CHAN_IO_SOCK_R|SSH_CHAN_IO_SOCK_W)
+
 /* Read buffer size */
 #define CHAN_RBUF	(16*1024)
 
+/* Maximum size for direct reads to buffers */
+#define CHANNEL_MAX_READ	CHAN_SES_PACKET_DEFAULT
+
 /* Maximum channel input buffer size */
 #define CHAN_INPUT_MAX	(16*1024*1024)
 
@@ -298,10 +314,11 @@ int	 channel_input_window_adjust(int, u_int32_t, struct ssh *);
 int	 channel_input_status_confirm(int, u_int32_t, struct ssh *);
 
 /* file descriptor handling (read/write) */
+struct pollfd;
 
-void	 channel_prepare_select(struct ssh *, fd_set **, fd_set **, int *,
-	    u_int*, time_t*);
-void     channel_after_select(struct ssh *, fd_set *, fd_set *);
+void	 channel_prepare_poll(struct ssh *, struct pollfd **,
+	    u_int *, u_int *, u_int, time_t *);
+void	 channel_after_poll(struct ssh *, struct pollfd *, u_int);
 void     channel_output_poll(struct ssh *);
 
 int      channel_not_very_much_buffered_data(struct ssh *);
diff --git a/clientloop.c b/clientloop.c
index da14d150791d..f8350e67224b 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.370 2021/08/29 23:44:07 djm Exp $ */
+/* $OpenBSD: clientloop.c,v 1.378 2022/01/22 00:49:34 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -76,6 +76,9 @@
 #ifdef HAVE_PATHS_H
 #include <paths.h>
 #endif
+#ifdef HAVE_POLL_H
+#include <poll.h>
+#endif
 #include <signal.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -112,6 +115,9 @@
 #include "ssherr.h"
 #include "hostfile.h"
 
+/* Permitted RSA signature algorithms for UpdateHostkeys proofs */
+#define HOSTKEY_PROOF_RSA_ALGS	"rsa-sha2-512,rsa-sha2-256"
+
 /* import options */
 extern Options options;
 
@@ -184,6 +190,24 @@ static struct global_confirms global_confirms =
     TAILQ_HEAD_INITIALIZER(global_confirms);
 
 void ssh_process_session2_setup(int, int, int, struct sshbuf *);
+static void quit_message(const char *fmt, ...)
+    __attribute__((__format__ (printf, 1, 2)));
+
+static void
+quit_message(const char *fmt, ...)
+{
+	char *msg;
+	va_list args;
+	int r;
+
+	va_start(args, fmt);
+	xvasprintf(&msg, fmt, args);
+	va_end(args);
+
+	if ((r = sshbuf_putf(stderr_buffer, "%s\r\n", msg)) != 0)
+		fatal_fr(r, "sshbuf_putf");
+	quit_pending = 1;
+}
 
 /*
  * Signal handler for the window change signal (SIGWINCH).  This just sets a
@@ -488,37 +512,41 @@ server_alive_check(struct ssh *ssh)
  * one of the file descriptors).
  */
 static void
-client_wait_until_can_do_something(struct ssh *ssh,
-    fd_set **readsetp, fd_set **writesetp,
-    int *maxfdp, u_int *nallocp, int rekeying)
+client_wait_until_can_do_something(struct ssh *ssh, struct pollfd **pfdp,
+    u_int *npfd_allocp, u_int *npfd_activep, int rekeying,
+    int *conn_in_readyp, int *conn_out_readyp)
 {
-	struct timeval tv, *tvp;
-	int timeout_secs;
+	int timeout_secs, pollwait;
 	time_t minwait_secs = 0, now = monotime();
-	int r, ret;
+	int ret;
+	u_int p;
 
-	/* Add any selections by the channel mechanism. */
-	channel_prepare_select(ssh, readsetp, writesetp, maxfdp,
-	    nallocp, &minwait_secs);
+	*conn_in_readyp = *conn_out_readyp = 0;
 
-	/* channel_prepare_select could have closed the last channel */
+	/* Prepare channel poll. First two pollfd entries are reserved */
+	channel_prepare_poll(ssh, pfdp, npfd_allocp, npfd_activep, 2,
+	    &minwait_secs);
+	if (*npfd_activep < 2)
+		fatal_f("bad npfd %u", *npfd_activep); /* shouldn't happen */
+
+	/* channel_prepare_poll could have closed the last channel */
 	if (session_closed && !channel_still_open(ssh) &&
 	    !ssh_packet_have_data_to_write(ssh)) {
-		/* clear mask since we did not call select() */
-		memset(*readsetp, 0, *nallocp);
-		memset(*writesetp, 0, *nallocp);
+		/* clear events since we did not call poll() */
+		for (p = 0; p < *npfd_activep; p++)
+			(*pfdp)[p].revents = 0;
 		return;
 	}
 
-	FD_SET(connection_in, *readsetp);
-
-	/* Select server connection if have data to write to the server. */
-	if (ssh_packet_have_data_to_write(ssh))
-		FD_SET(connection_out, *writesetp);
+	/* Monitor server connection on reserved pollfd entries */
+	(*pfdp)[0].fd = connection_in;
+	(*pfdp)[0].events = POLLIN;
+	(*pfdp)[1].fd = connection_out;
+	(*pfdp)[1].events = ssh_packet_have_data_to_write(ssh) ? POLLOUT : 0;
 
 	/*
 	 * Wait for something to happen.  This will suspend the process until
-	 * some selected descriptor can be read, written, or has some other
+	 * some polled descriptor can be read, written, or has some other
 	 * event pending, or a timeout expires.
 	 */
 
@@ -538,37 +566,41 @@ client_wait_until_can_do_something(struct ssh *ssh,
 	if (minwait_secs != 0)
 		timeout_secs = MINIMUM(timeout_secs, (int)minwait_secs);
 	if (timeout_secs == INT_MAX)
-		tvp = NULL;
-	else {
-		tv.tv_sec = timeout_secs;
-		tv.tv_usec = 0;
-		tvp = &tv;
-	}
+		pollwait = -1;
+	else if (timeout_secs >= INT_MAX / 1000)
+		pollwait = INT_MAX;
+	else
+		pollwait = timeout_secs * 1000;
+
+	ret = poll(*pfdp, *npfd_activep, pollwait);
 
-	ret = select((*maxfdp)+1, *readsetp, *writesetp, NULL, tvp);
 	if (ret == -1) {
 		/*
-		 * We have to clear the select masks, because we return.
+		 * We have to clear the events because we return.
 		 * We have to return, because the mainloop checks for the flags
 		 * set by the signal handlers.
 		 */
-		memset(*readsetp, 0, *nallocp);
-		memset(*writesetp, 0, *nallocp);
+		for (p = 0; p < *npfd_activep; p++)
+			(*pfdp)[p].revents = 0;
 		if (errno == EINTR)
 			return;
 		/* Note: we might still have data in the buffers. */
-		if ((r = sshbuf_putf(stderr_buffer,
-		    "select: %s\r\n", strerror(errno))) != 0)
-			fatal_fr(r, "sshbuf_putf");
-		quit_pending = 1;
-	} else if (options.server_alive_interval > 0 && !FD_ISSET(connection_in,
-	    *readsetp) && monotime() >= server_alive_time)
+		quit_message("poll: %s", strerror(errno));
+		return;
+	}
+
+	*conn_in_readyp = (*pfdp)[0].revents != 0;
+	*conn_out_readyp = (*pfdp)[1].revents != 0;
+
+	if (options.server_alive_interval > 0 && !*conn_in_readyp &&
+	    monotime() >= server_alive_time) {
 		/*
-		 * ServerAlive check is needed. We can't rely on the select
+		 * ServerAlive check is needed. We can't rely on the poll
 		 * timing out since traffic on the client side such as port
 		 * forwards can keep waking it up.
 		 */
 		server_alive_check(ssh);
+	}
 }
 
 static void
@@ -598,53 +630,27 @@ client_suspend_self(struct sshbuf *bin, struct sshbuf *bout, struct sshbuf *berr
 }
 
 static void
-client_process_net_input(struct ssh *ssh, fd_set *readset)
+client_process_net_input(struct ssh *ssh)
 {
-	char buf[SSH_IOBUFSZ];
-	int r, len;
+	int r;
 
 	/*
 	 * Read input from the server, and add any such data to the buffer of
 	 * the packet subsystem.
 	 */
-	if (FD_ISSET(connection_in, readset)) {
-		schedule_server_alive_check();
-		/* Read as much as possible. */
-		len = read(connection_in, buf, sizeof(buf));
-		if (len == 0) {
-			/*
-			 * Received EOF.  The remote host has closed the
-			 * connection.
-			 */
-			if ((r = sshbuf_putf(stderr_buffer,
-			    "Connection to %.300s closed by remote host.\r\n",
-			    host)) != 0)
-				fatal_fr(r, "sshbuf_putf");
-			quit_pending = 1;
+	schedule_server_alive_check();
+	if ((r = ssh_packet_process_read(ssh, connection_in)) == 0)
+		return; /* success */
+	if (r == SSH_ERR_SYSTEM_ERROR) {
+		if (errno == EAGAIN || errno == EINTR || errno == EWOULDBLOCK)
 			return;
-		}
-		/*
-		 * There is a kernel bug on Solaris that causes select to
-		 * sometimes wake up even though there is no data available.
-		 */
-		if (len == -1 &&
-		    (errno == EAGAIN || errno == EINTR || errno == EWOULDBLOCK))
-			len = 0;
-
-		if (len == -1) {
-			/*
-			 * An error has encountered.  Perhaps there is a
-			 * network problem.
-			 */
-			if ((r = sshbuf_putf(stderr_buffer,
-			    "Read from remote host %.300s: %.100s\r\n",
-			    host, strerror(errno))) != 0)
-				fatal_fr(r, "sshbuf_putf");
-			quit_pending = 1;
+		if (errno == EPIPE) {
+			quit_message("Connection to %s closed by remote host.",
+			    host);
 			return;
 		}
-		ssh_packet_process_incoming(ssh, buf, len);
 	}
+	quit_message("Read from remote host %s: %s", host, ssh_err(r));
 }
 
 static void
@@ -1209,11 +1215,12 @@ int
 client_loop(struct ssh *ssh, int have_pty, int escape_char_arg,
     int ssh2_chan_id)
 {
-	fd_set *readset = NULL, *writeset = NULL;
+	struct pollfd *pfd = NULL;
+	u_int npfd_alloc = 0, npfd_active = 0;
 	double start_time, total_time;
-	int r, max_fd = 0, max_fd2 = 0, len;
+	int r, len;
 	u_int64_t ibytes, obytes;
-	u_int nalloc = 0;
+	int conn_in_ready, conn_out_ready;
 
 	debug("Entering interactive session.");
 
@@ -1231,7 +1238,7 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg,
 			fatal_f("pledge(): %s", strerror(errno));
 
 	} else if (options.update_hostkeys) {
-		debug("pledge: filesystem full");
+		debug("pledge: filesystem");
 		if (pledge("stdio rpath wpath cpath unix inet dns proc tty",
 		    NULL) == -1)
 			fatal_f("pledge(): %s", strerror(errno));
@@ -1255,7 +1262,6 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg,
 	exit_status = -1;
 	connection_in = ssh_packet_get_connection_in(ssh);
 	connection_out = ssh_packet_get_connection_out(ssh);
-	max_fd = MAXIMUM(connection_in, connection_out);
 
 	quit_pending = 0;
 
@@ -1335,19 +1341,20 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg,
 		 * Wait until we have something to do (something becomes
 		 * available on one of the descriptors).
 		 */
-		max_fd2 = max_fd;
-		client_wait_until_can_do_something(ssh, &readset, &writeset,
-		    &max_fd2, &nalloc, ssh_packet_is_rekeying(ssh));
+		client_wait_until_can_do_something(ssh, &pfd, &npfd_alloc,
+		    &npfd_active, ssh_packet_is_rekeying(ssh),
+		    &conn_in_ready, &conn_out_ready);
 
 		if (quit_pending)
 			break;
 
 		/* Do channel operations unless rekeying in progress. */
 		if (!ssh_packet_is_rekeying(ssh))
-			channel_after_select(ssh, readset, writeset);
+			channel_after_poll(ssh, pfd, npfd_active);
 
 		/* Buffer input from the connection.  */
-		client_process_net_input(ssh, readset);
+		if (conn_in_ready)
+			client_process_net_input(ssh);
 
 		if (quit_pending)
 			break;
@@ -1360,7 +1367,7 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg,
 		 * Send as much buffered packet data as possible to the
 		 * sender.
 		 */
-		if (FD_ISSET(connection_out, writeset)) {
+		if (conn_out_ready) {
 			if ((r = ssh_packet_write_poll(ssh)) != 0) {
 				sshpkt_fatal(ssh, r,
 				    "%s: ssh_packet_write_poll", __func__);
@@ -1379,8 +1386,7 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg,
 			}
 		}
 	}
-	free(readset);
-	free(writeset);
+	free(pfd);
 
 	/* Terminate the session. */
 
@@ -1420,11 +1426,8 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg,
 	 * In interactive mode (with pseudo tty) display a message indicating
 	 * that the connection has been closed.
 	 */
-	if (have_pty && options.log_level != SYSLOG_LEVEL_QUIET) {
-		if ((r = sshbuf_putf(stderr_buffer,
-		    "Connection to %.64s closed.\r\n", host)) != 0)
-			fatal_fr(r, "sshbuf_putf");
-	}
+	if (have_pty && options.log_level >= SYSLOG_LEVEL_INFO)
+		quit_message("Connection to %s closed.", host);
 
 	/* Output any buffered data for stderr. */
 	if (sshbuf_len(stderr_buffer) > 0) {
@@ -1597,6 +1600,12 @@ client_request_agent(struct ssh *ssh, const char *request_type, int rchan)
 			debug_fr(r, "ssh_get_authentication_socket");
 		return NULL;
 	}
+	if ((r = ssh_agent_bind_hostkey(sock, ssh->kex->initial_hostkey,
+	    ssh->kex->session_id, ssh->kex->initial_sig, 1)) == 0)
+		debug_f("bound agent to hostkey");
+	else
+		debug2_fr(r, "ssh_agent_bind_hostkey");
+
 	c = channel_new(ssh, "authentication agent connection",
 	    SSH_CHANNEL_OPEN, sock, sock, -1,
 	    CHAN_X11_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0,
@@ -2098,8 +2107,10 @@ client_global_hostkeys_private_confirm(struct ssh *ssh, int type,
 	struct hostkeys_update_ctx *ctx = (struct hostkeys_update_ctx *)_ctx;
 	size_t i, ndone;
 	struct sshbuf *signdata;
-	int r, kexsigtype, use_kexsigtype;
+	int r, plaintype;
 	const u_char *sig;
+	const char *rsa_kexalg = NULL;
+	char *alg = NULL;
 	size_t siglen;
 
 	if (ctx->nnew == 0)
@@ -2110,9 +2121,9 @@ client_global_hostkeys_private_confirm(struct ssh *ssh, int type,
 		hostkeys_update_ctx_free(ctx);
 		return;
 	}
-	kexsigtype = sshkey_type_plain(
-	    sshkey_type_from_name(ssh->kex->hostkey_alg));
-
+	if (sshkey_type_plain(sshkey_type_from_name(
+	    ssh->kex->hostkey_alg)) == KEY_RSA)
+		rsa_kexalg = ssh->kex->hostkey_alg;
 	if ((signdata = sshbuf_new()) == NULL)
 		fatal_f("sshbuf_new failed");
 	/*
@@ -2123,6 +2134,7 @@ client_global_hostkeys_private_confirm(struct ssh *ssh, int type,
 	for (ndone = i = 0; i < ctx->nkeys; i++) {
 		if (ctx->keys_match[i])
 			continue;
+		plaintype = sshkey_type_plain(ctx->keys[i]->type);
 		/* Prepare data to be signed: session ID, unique string, key */
 		sshbuf_reset(signdata);
 		if ( (r = sshbuf_put_cstring(signdata,
@@ -2136,19 +2148,33 @@ client_global_hostkeys_private_confirm(struct ssh *ssh, int type,
 			error_fr(r, "parse sig");
 			goto out;
 		}
+		if ((r = sshkey_get_sigtype(sig, siglen, &alg)) != 0) {
+			error_fr(r, "server gave unintelligible signature "
+			    "for %s key %zu", sshkey_type(ctx->keys[i]), i);
+			goto out;
+		}
 		/*
-		 * For RSA keys, prefer to use the signature type negotiated
-		 * during KEX to the default (SHA1).
+		 * Special case for RSA keys: if a RSA hostkey was negotiated,
+		 * then use its signature type for verification of RSA hostkey
+		 * proofs. Otherwise, accept only RSA-SHA256/512 signatures.
 		 */
-		use_kexsigtype = kexsigtype == KEY_RSA &&
-		    sshkey_type_plain(ctx->keys[i]->type) == KEY_RSA;
-		debug3_f("verify %s key %zu using %s sigalg",
-		    sshkey_type(ctx->keys[i]), i,
-		    use_kexsigtype ? ssh->kex->hostkey_alg : "default");
+		if (plaintype == KEY_RSA && rsa_kexalg == NULL &&
+		    match_pattern_list(alg, HOSTKEY_PROOF_RSA_ALGS, 0) != 1) {
+			debug_f("server used untrusted RSA signature algorithm "
+			    "%s for key %zu, disregarding", alg, i);
+			free(alg);
+			/* zap the key from the list */
+			sshkey_free(ctx->keys[i]);
+			ctx->keys[i] = NULL;
+			ndone++;
+			continue;
+		}
+		debug3_f("verify %s key %zu using sigalg %s",
+		    sshkey_type(ctx->keys[i]), i, alg);
+		free(alg);
 		if ((r = sshkey_verify(ctx->keys[i], sig, siglen,
 		    sshbuf_ptr(signdata), sshbuf_len(signdata),
-		    use_kexsigtype ? ssh->kex->hostkey_alg : NULL, 0,
-		    NULL)) != 0) {
+		    plaintype == KEY_RSA ? rsa_kexalg : NULL, 0, NULL)) != 0) {
 			error_fr(r, "server gave bad signature for %s key %zu",
 			    sshkey_type(ctx->keys[i]), i);
 			goto out;
diff --git a/config.h.in b/config.h.in
index 93d53f2646b4..ff308f8698dc 100644
--- a/config.h.in
+++ b/config.h.in
@@ -19,6 +19,9 @@
 /* The system has incomplete BSM API */
 #undef BROKEN_BSM_API
 
+/* broken in chroots on older kernels */
+#undef BROKEN_CLOSEFROM
+
 /* Define if cmsg_type is not passed correctly */
 #undef BROKEN_CMSG_TYPE
 
@@ -28,6 +31,9 @@
 /* getgroups(0,NULL) will return -1 */
 #undef BROKEN_GETGROUPS
 
+/* getline is not what we expect */
+#undef BROKEN_GETLINE
+
 /* FreeBSD glob does not do what we need */
 #undef BROKEN_GLOB
 
@@ -38,6 +44,9 @@
    */
 #undef BROKEN_ONE_BYTE_DIRENT_D_NAME
 
+/* System poll(2) implementation is broken */
+#undef BROKEN_POLL
+
 /* Can't do comparisons on readv */
 #undef BROKEN_READV_COMPARISON
 
@@ -282,6 +291,9 @@
 /* Define to 1 if you have the `closefrom' function. */
 #undef HAVE_CLOSEFROM
 
+/* Define to 1 if you have the `close_range' function. */
+#undef HAVE_CLOSE_RANGE
+
 /* Define if gai_strerror() returns const char * */
 #undef HAVE_CONST_GAI_STRERROR_PROTO
 
@@ -579,9 +591,15 @@
 /* Define to 1 if you have the <features.h> header file. */
 #undef HAVE_FEATURES_H
 
+/* Define to 1 if you have the `fido_assert_set_clientdata' function. */
+#undef HAVE_FIDO_ASSERT_SET_CLIENTDATA
+
 /* Define to 1 if you have the `fido_cred_prot' function. */
 #undef HAVE_FIDO_CRED_PROT
 
+/* Define to 1 if you have the `fido_cred_set_clientdata' function. */
+#undef HAVE_FIDO_CRED_SET_CLIENTDATA
+
 /* Define to 1 if you have the `fido_cred_set_prot' function. */
 #undef HAVE_FIDO_CRED_SET_PROT
 
@@ -943,12 +961,6 @@
 /* Define to 1 if you have the `mbtowc' function. */
 #undef HAVE_MBTOWC
 
-/* Define to 1 if you have the `md5_crypt' function. */
-#undef HAVE_MD5_CRYPT
-
-/* Define if you want to allow MD5 passwords */
-#undef HAVE_MD5_PASSWORDS
-
 /* Define to 1 if you have the `memmem' function. */
 #undef HAVE_MEMMEM
 
@@ -988,6 +1000,9 @@
 /* Define if you are on NeXT */
 #undef HAVE_NEXT
 
+/* Define to 1 if the system has the type `nfds_t'. */
+#undef HAVE_NFDS_T
+
 /* Define to 1 if you have the `ngetaddrinfo' function. */
 #undef HAVE_NGETADDRINFO
 
@@ -1052,6 +1067,9 @@
 /* Define to 1 if you have the <poll.h> header file. */
 #undef HAVE_POLL_H
 
+/* Define to 1 if you have the `ppoll' function. */
+#undef HAVE_PPOLL
+
 /* Define to 1 if you have the `prctl' function. */
 #undef HAVE_PRCTL
 
@@ -1401,6 +1419,9 @@
 /* Define to 1 if `pw_gecos' is a member of `struct passwd'. */
 #undef HAVE_STRUCT_PASSWD_PW_GECOS
 
+/* Define to 1 if `fd' is a member of `struct pollfd'. */
+#undef HAVE_STRUCT_POLLFD_FD
+
 /* define if you have struct sockaddr_in6 data type */
 #undef HAVE_STRUCT_SOCKADDR_IN6
 
@@ -1482,6 +1503,9 @@
 /* Define if your system defines sys_nerr */
 #undef HAVE_SYS_NERR
 
+/* Define to 1 if you have the <sys/param.h> header file. */
+#undef HAVE_SYS_PARAM_H
+
 /* Define to 1 if you have the <sys/poll.h> header file. */
 #undef HAVE_SYS_POLL_H
 
diff --git a/configure b/configure
index d40e942303a3..100203cbe5cd 100755
--- a/configure
+++ b/configure
@@ -645,7 +645,6 @@ SSHDLIBS
 SSH_PRIVSEP_USER
 LIBFIDO2
 SK_DUMMY_LIBRARY
-TEST_SSH_ECC
 PICFLAG
 LIBEDIT
 PKGCONFIG
@@ -776,7 +775,6 @@ with_xauth
 enable_strip
 with_maildir
 with_mantype
-with_md5_passwords
 with_shadow
 with_ipaddr_display
 enable_etc_default_login
@@ -1482,7 +1480,6 @@ Optional Packages:
   --with-xauth=PATH       Specify path to xauth program
   --with-maildir=/path/to/mail    Specify your system mail directory
   --with-mantype=man|cat|doc  Set man page type
-  --with-md5-passwords    Enable use of MD5 passwords
   --without-shadow        Disable shadow password support
   --with-ipaddr-display   Use ip address instead of hostname in $DISPLAY
   --with-default-path=    Specify default $PATH environment for server
@@ -2034,6 +2031,63 @@ $as_echo "$ac_res" >&6; }
 
 } # ac_fn_c_check_type
 
+# ac_fn_c_check_member LINENO AGGR MEMBER VAR INCLUDES
+# ----------------------------------------------------
+# Tries to find if the field MEMBER exists in type AGGR, after including
+# INCLUDES, setting cache variable VAR accordingly.
+ac_fn_c_check_member ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2.$3" >&5
+$as_echo_n "checking for $2.$3... " >&6; }
+if eval \${$4+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$5
+int
+main ()
+{
+static $2 ac_aggr;
+if (ac_aggr.$3)
+return 0;
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$4=yes"
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$5
+int
+main ()
+{
+static $2 ac_aggr;
+if (sizeof ac_aggr.$3)
+return 0;
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$4=yes"
+else
+  eval "$4=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+eval ac_res=\$$4
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+
+} # ac_fn_c_check_member
+
 # ac_fn_c_compute_int LINENO EXPR VAR INCLUDES
 # --------------------------------------------
 # Tries to find the compile-time value of EXPR in a program that includes
@@ -2216,63 +2270,6 @@ rm -f conftest.val
   as_fn_set_status $ac_retval
 
 } # ac_fn_c_compute_int
-
-# ac_fn_c_check_member LINENO AGGR MEMBER VAR INCLUDES
-# ----------------------------------------------------
-# Tries to find if the field MEMBER exists in type AGGR, after including
-# INCLUDES, setting cache variable VAR accordingly.
-ac_fn_c_check_member ()
-{
-  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
-  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2.$3" >&5
-$as_echo_n "checking for $2.$3... " >&6; }
-if eval \${$4+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-$5
-int
-main ()
-{
-static $2 ac_aggr;
-if (ac_aggr.$3)
-return 0;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-  eval "$4=yes"
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-$5
-int
-main ()
-{
-static $2 ac_aggr;
-if (sizeof ac_aggr.$3)
-return 0;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-  eval "$4=yes"
-else
-  eval "$4=no"
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-eval ac_res=\$$4
-	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
-$as_echo "$ac_res" >&6; }
-  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
-
-} # ac_fn_c_check_member
 cat >config.log <<_ACEOF
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
@@ -2642,7 +2639,7 @@ ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
 ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
 ac_compiler_gnu=$ac_cv_c_compiler_gnu
 if test -n "$ac_tool_prefix"; then
-  for ac_prog in cc gcc
+  for ac_prog in cc gcc clang
   do
     # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
 set dummy $ac_tool_prefix$ac_prog; ac_word=$2
@@ -2686,7 +2683,7 @@ fi
 fi
 if test -z "$CC"; then
   ac_ct_CC=$CC
-  for ac_prog in cc gcc
+  for ac_prog in cc gcc clang
 do
   # Extract the first word of "$ac_prog", so it can be a program name with args.
 set dummy $ac_prog; ac_word=$2
@@ -6307,6 +6304,114 @@ int main(int argc, char **argv) {
 _ACEOF
 if ac_fn_c_try_compile "$LINENO"; then :
 
+if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
+then
+		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+		CFLAGS="$saved_CFLAGS"
+else
+		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+		 CFLAGS="$saved_CFLAGS $_define_flag"
+fi
+else
+   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+		  CFLAGS="$saved_CFLAGS"
+
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+}
+	{
+	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wmisleading-indentation" >&5
+$as_echo_n "checking if $CC supports compile flag -Wmisleading-indentation... " >&6; }
+	saved_CFLAGS="$CFLAGS"
+	CFLAGS="$CFLAGS $WERROR -Wmisleading-indentation"
+	_define_flag=""
+	test "x$_define_flag" = "x" && _define_flag="-Wmisleading-indentation"
+	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+#include <stdlib.h>
+#include <stdio.h>
+int main(int argc, char **argv) {
+	(void)argv;
+	/* Some math to catch -ftrapv problems in the toolchain */
+	int i = 123 * argc, j = 456 + argc, k = 789 - argc;
+	float l = i * 2.1;
+	double m = l / 0.5;
+	long long int n = argc * 12345LL, o = 12345LL * (long long int)argc;
+	printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o);
+	/*
+	 * Test fallthrough behaviour.  clang 10's -Wimplicit-fallthrough does
+	 * not understand comments and we don't use the "fallthrough" attribute
+	 * that it's looking for.
+	 */
+	switch(i){
+	case 0: j += i;
+		/* FALLTHROUGH */
+	default: j += k;
+	}
+	exit(0);
+}
+
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+
+if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
+then
+		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+		CFLAGS="$saved_CFLAGS"
+else
+		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+		 CFLAGS="$saved_CFLAGS $_define_flag"
+fi
+else
+   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+		  CFLAGS="$saved_CFLAGS"
+
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+}
+	{
+	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wbitwise-instead-of-logical" >&5
+$as_echo_n "checking if $CC supports compile flag -Wbitwise-instead-of-logical... " >&6; }
+	saved_CFLAGS="$CFLAGS"
+	CFLAGS="$CFLAGS $WERROR -Wbitwise-instead-of-logical"
+	_define_flag=""
+	test "x$_define_flag" = "x" && _define_flag="-Wbitwise-instead-of-logical"
+	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+#include <stdlib.h>
+#include <stdio.h>
+int main(int argc, char **argv) {
+	(void)argv;
+	/* Some math to catch -ftrapv problems in the toolchain */
+	int i = 123 * argc, j = 456 + argc, k = 789 - argc;
+	float l = i * 2.1;
+	double m = l / 0.5;
+	long long int n = argc * 12345LL, o = 12345LL * (long long int)argc;
+	printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o);
+	/*
+	 * Test fallthrough behaviour.  clang 10's -Wimplicit-fallthrough does
+	 * not understand comments and we don't use the "fallthrough" attribute
+	 * that it's looking for.
+	 */
+	switch(i){
+	case 0: j += i;
+		/* FALLTHROUGH */
+	default: j += k;
+	}
+	exit(0);
+}
+
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+
 if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
 then
 		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
@@ -6722,6 +6827,114 @@ $as_echo "no" >&6; }
 fi
 rm -f core conftest.err conftest.$ac_objext \
     conftest$ac_exeext conftest.$ac_ext
+}
+	{
+	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -fzero-call-used-regs=all" >&5
+$as_echo_n "checking if $CC supports compile flag -fzero-call-used-regs=all... " >&6; }
+	saved_CFLAGS="$CFLAGS"
+	CFLAGS="$CFLAGS $WERROR -fzero-call-used-regs=all"
+	_define_flag=""
+	test "x$_define_flag" = "x" && _define_flag="-fzero-call-used-regs=all"
+	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+#include <stdlib.h>
+#include <stdio.h>
+int main(int argc, char **argv) {
+	(void)argv;
+	/* Some math to catch -ftrapv problems in the toolchain */
+	int i = 123 * argc, j = 456 + argc, k = 789 - argc;
+	float l = i * 2.1;
+	double m = l / 0.5;
+	long long int n = argc * 12345LL, o = 12345LL * (long long int)argc;
+	printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o);
+	/*
+	 * Test fallthrough behaviour.  clang 10's -Wimplicit-fallthrough does
+	 * not understand comments and we don't use the "fallthrough" attribute
+	 * that it's looking for.
+	 */
+	switch(i){
+	case 0: j += i;
+		/* FALLTHROUGH */
+	default: j += k;
+	}
+	exit(0);
+}
+
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+
+if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
+then
+		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+		CFLAGS="$saved_CFLAGS"
+else
+		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+		 CFLAGS="$saved_CFLAGS $_define_flag"
+fi
+else
+   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+		  CFLAGS="$saved_CFLAGS"
+
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+}
+	{
+	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -ftrivial-auto-var-init=zero" >&5
+$as_echo_n "checking if $CC supports compile flag -ftrivial-auto-var-init=zero... " >&6; }
+	saved_CFLAGS="$CFLAGS"
+	CFLAGS="$CFLAGS $WERROR -ftrivial-auto-var-init=zero"
+	_define_flag=""
+	test "x$_define_flag" = "x" && _define_flag="-ftrivial-auto-var-init=zero"
+	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+#include <stdlib.h>
+#include <stdio.h>
+int main(int argc, char **argv) {
+	(void)argv;
+	/* Some math to catch -ftrapv problems in the toolchain */
+	int i = 123 * argc, j = 456 + argc, k = 789 - argc;
+	float l = i * 2.1;
+	double m = l / 0.5;
+	long long int n = argc * 12345LL, o = 12345LL * (long long int)argc;
+	printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o);
+	/*
+	 * Test fallthrough behaviour.  clang 10's -Wimplicit-fallthrough does
+	 * not understand comments and we don't use the "fallthrough" attribute
+	 * that it's looking for.
+	 */
+	switch(i){
+	case 0: j += i;
+		/* FALLTHROUGH */
+	default: j += k;
+	}
+	exit(0);
+}
+
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+
+if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
+then
+		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+		CFLAGS="$saved_CFLAGS"
+else
+		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+		 CFLAGS="$saved_CFLAGS $_define_flag"
+fi
+else
+   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+		  CFLAGS="$saved_CFLAGS"
+
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
 }
     fi
 	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking gcc version" >&5
@@ -7135,6 +7348,7 @@ for ac_header in  \
 	sys/mman.h \
 	sys/label.h \
 	sys/ndir.h \
+	sys/param.h \
 	sys/poll.h \
 	sys/prctl.h \
 	sys/procctl.h \
@@ -7896,6 +8110,11 @@ _ACEOF
 fi
 done
 
+	# poll(2) is broken for character-special devices (at least).
+	# cf. Apple bug 3710161 (not public, but searchable)
+
+$as_echo "#define BROKEN_POLL 1" >>confdefs.h
+
 	;;
 *-*-dragonfly*)
 	SSHDLIBS="$SSHDLIBS -lcrypt"
@@ -8028,6 +8247,9 @@ fi
 		if test -z "$GCC"; then
 			CFLAGS="$CFLAGS -Ae"
 		fi
+
+$as_echo "#define BROKEN_GETLINE 1" >>confdefs.h
+
 		;;
 	*-*-hpux11*)
 
@@ -8128,6 +8350,9 @@ $as_echo "#define USE_BTMP 1" >>confdefs.h
 	check_for_openpty_ctty_bug=1
 			CPPFLAGS="$CPPFLAGS -D_XOPEN_SOURCE=600 -D_BSD_SOURCE -D_DEFAULT_SOURCE"
 
+$as_echo "#define BROKEN_CLOSEFROM 1" >>confdefs.h
+
+
 $as_echo "#define PAM_TTY_KLUDGE 1" >>confdefs.h
 
 
@@ -8344,6 +8569,14 @@ _ACEOF
 		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: architecture not supported" >&5
 $as_echo "architecture not supported" >&6; }
 	fi
+	;;
+*-*-minix)
+	$as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h
+
+	# poll(2) seems to choke on /dev/null; "Bad file descriptor"
+
+$as_echo "#define BROKEN_POLL 1" >>confdefs.h
+
 	;;
 mips-sony-bsd|mips-sony-newsos4)
 
@@ -8405,6 +8638,11 @@ $as_echo "#define BROKEN_GLOB 1" >>confdefs.h
 
 $as_echo "#define SANDBOX_SKIP_RLIMIT_NOFILE 1" >>confdefs.h
 
+	case "$host" in
+	*-*-freebsd9.*|*-*-freebsd10.*)
+		# Capsicum on 9 and 10 do not allow ppoll() so don't auto-enable.
+		disable_capsicum=yes
+	esac
 	;;
 *-*-bsdi*)
 	$as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h
@@ -11461,6 +11699,7 @@ for ac_func in  \
 	cap_rights_limit \
 	clock \
 	closefrom \
+	close_range \
 	dirfd \
 	endgrent \
 	err \
@@ -11503,7 +11742,6 @@ for ac_func in  \
 	localtime_r \
 	login_getcapbool \
 	login_getpwclass \
-	md5_crypt \
 	memmem \
 	memmove \
 	memset_s \
@@ -11514,6 +11752,7 @@ for ac_func in  \
 	openlog_r \
 	pledge \
 	poll \
+	ppoll \
 	prctl \
 	procctl \
 	pselect \
@@ -13240,23 +13479,17 @@ if test "${with_ssl_dir+set}" = set; then :
 				./*|../*)	withval="`pwd`/$withval"
 			esac
 			if test -d "$withval/lib"; then
-				if test -n "${rpath_opt}"; then
-					LDFLAGS="-L${withval}/lib ${rpath_opt}${withval}/lib ${LDFLAGS}"
-				else
-					LDFLAGS="-L${withval}/lib ${LDFLAGS}"
-				fi
+				libcrypto_path="${withval}/lib"
 			elif test -d "$withval/lib64"; then
-				if test -n "${rpath_opt}"; then
-					LDFLAGS="-L${withval}/lib64 ${rpath_opt}${withval}/lib64 ${LDFLAGS}"
-				else
-					LDFLAGS="-L${withval}/lib64 ${LDFLAGS}"
-				fi
+				libcrypto_path="$withval/lib64"
 			else
-				if test -n "${rpath_opt}"; then
-					LDFLAGS="-L${withval} ${rpath_opt}${withval} ${LDFLAGS}"
-				else
-					LDFLAGS="-L${withval} ${LDFLAGS}"
-				fi
+				# Built but not installed
+				libcrypto_path="${withval}"
+			fi
+			if test -n "${rpath_opt}"; then
+				LDFLAGS="-L${libcrypto_path} ${rpath_opt}${libcrypto_path} ${LDFLAGS}"
+			else
+				LDFLAGS="-L${libcrypto_path} ${LDFLAGS}"
 			fi
 			if test -d "$withval/include"; then
 				CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
@@ -14173,8 +14406,6 @@ fi
 rm -f core conftest.err conftest.$ac_objext \
     conftest$ac_exeext conftest.$ac_ext
 
-	TEST_SSH_ECC=no
-
 	if test x$enable_nistp256 = x1 || test x$enable_nistp384 = x1 || \
 	    test x$enable_nistp521 = x1; then
 
@@ -14199,7 +14430,6 @@ done
 
 $as_echo "#define OPENSSL_HAS_NISTP256 1" >>confdefs.h
 
-		TEST_SSH_ECC=yes
 	else
 		unsupported_algorithms="$unsupported_algorithms \
 			ecdsa-sha2-nistp256 \
@@ -14210,7 +14440,6 @@ $as_echo "#define OPENSSL_HAS_NISTP256 1" >>confdefs.h
 
 $as_echo "#define OPENSSL_HAS_NISTP384 1" >>confdefs.h
 
-		TEST_SSH_ECC=yes
 	else
 		unsupported_algorithms="$unsupported_algorithms \
 			ecdsa-sha2-nistp384 \
@@ -14221,7 +14450,6 @@ $as_echo "#define OPENSSL_HAS_NISTP384 1" >>confdefs.h
 
 $as_echo "#define OPENSSL_HAS_NISTP521 1" >>confdefs.h
 
-		TEST_SSH_ECC=yes
 	else
 		unsupported_algorithms="$unsupported_algorithms \
 			ecdh-sha2-nistp521 \
@@ -14229,7 +14457,6 @@ $as_echo "#define OPENSSL_HAS_NISTP521 1" >>confdefs.h
 			ecdsa-sha2-nistp521-cert-v01@openssh.com"
 	fi
 
-
 else
 	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for crypt in -lcrypt" >&5
 $as_echo_n "checking for crypt in -lcrypt... " >&6; }
@@ -14289,10 +14516,6 @@ enable_pkcs11=yes
 enable_sk=yes
 if test "x$openssl" != "xyes" ; then
 	enable_pkcs11="disabled; missing libcrypto"
-	enable_sk="disabled; missing libcrypto"
-fi
-if test "x$openssl_ecc" != "xyes" ; then
-	enable_sk="disabled; OpenSSL has no ECC support"
 fi
 if test "x$ac_cv_func_dlopen" != "xyes" ; then
 	enable_pkcs11="disabled; missing dlopen(3)"
@@ -14507,8 +14730,10 @@ fi
 	saved_LIBS="$LIBS"
 	LIBS="$LIBS $LIBFIDO2"
 	for ac_func in  \
+		fido_assert_set_clientdata \
 		fido_cred_prot \
 		fido_cred_set_prot \
+		fido_cred_set_clientdata \
 		fido_dev_get_touch_begin \
 		fido_dev_get_touch_status \
 		fido_dev_supports_cred_prot \
@@ -15097,11 +15322,12 @@ if test "${with_sandbox+set}" = set; then :
 fi
 
 
-# Some platforms (seems to be the ones that have a kernel poll(2)-type
-# function with which they implement select(2)) use an extra file descriptor
-# when calling select(2), which means we can't use the rlimit sandbox.
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if select works with descriptor rlimit" >&5
-$as_echo_n "checking if select works with descriptor rlimit... " >&6; }
+# POSIX specifies that poll() "shall fail with EINVAL if the nfds argument
+# is greater than OPEN_MAX".  On some platforms that includes implementions
+# ofselect in userspace on top of poll() so check both work with rlimit NOFILES
+# so check that both work before enabling the rlimit sandbox.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if select and/or poll works with descriptor rlimit" >&5
+$as_echo_n "checking if select and/or poll works with descriptor rlimit... " >&6; }
 if test "$cross_compiling" = yes; then :
   { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: assuming yes" >&5
 $as_echo "$as_me: WARNING: cross compiling: assuming yes" >&2;}
@@ -15119,6 +15345,11 @@ else
 #ifdef HAVE_SYS_SELECT_H
 # include <sys/select.h>
 #endif
+#ifdef HAVE_POLL_H
+# include <poll.h>
+#elif HAVE_SYS_POLL_H
+# include <sys/poll.h>
+#endif
 #include <errno.h>
 #include <fcntl.h>
 #include <stdlib.h>
@@ -15131,6 +15362,9 @@ main ()
 	int fd, r;
 	fd_set fds;
 	struct timeval tv;
+#ifdef HAVE_POLL
+	struct pollfd pfd;
+#endif
 
 	fd = open("/dev/null", O_RDONLY);
 	FD_ZERO(&fds);
@@ -15141,7 +15375,16 @@ main ()
 	tv.tv_sec = 1;
 	tv.tv_usec = 0;
 	r = select(fd+1, &fds, NULL, NULL, &tv);
-	exit (r == -1 ? 1 : 0);
+	if (r == -1)
+		exit(1);
+#ifdef HAVE_POLL
+	pfd.fd = fd;
+	pfd.events = POLLIN;
+	r = poll(&pfd, 1, 1);
+	if (r == -1)
+		exit(2);
+#endif
+	exit(0);
 
   ;
   return 0;
@@ -15161,6 +15404,46 @@ rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
 fi
 
 
+ac_fn_c_check_member "$LINENO" "struct pollfd" "fd" "ac_cv_member_struct_pollfd_fd" "
+#include <sys/types.h>
+#ifdef HAVE_POLL_H
+#include <poll.h>
+#endif
+#ifdef HAVE_SYS_POLL_H
+#include <sys/poll.h>
+#endif
+
+"
+if test "x$ac_cv_member_struct_pollfd_fd" = xyes; then :
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE_STRUCT_POLLFD_FD 1
+_ACEOF
+
+
+fi
+
+
+ac_fn_c_check_type "$LINENO" "nfds_t" "ac_cv_type_nfds_t" "
+#include <sys/types.h>
+#ifdef HAVE_POLL_H
+#include <poll.h>
+#endif
+#ifdef HAVE_SYS_POLL_H
+#include <sys/poll.h>
+#endif
+
+"
+if test "x$ac_cv_type_nfds_t" = xyes; then :
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE_NFDS_T 1
+_ACEOF
+
+
+fi
+
+
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking if setrlimit(RLIMIT_NOFILE,{0,0}) works" >&5
 $as_echo_n "checking if setrlimit(RLIMIT_NOFILE,{0,0}) works... " >&6; }
 if test "$cross_compiling" = yes; then :
@@ -15300,6 +15583,7 @@ $as_echo "#define SANDBOX_SECCOMP_FILTER 1" >>confdefs.h
 
 elif test "x$sandbox_arg" = "xcapsicum" || \
      ( test -z "$sandbox_arg" && \
+       test "x$disable_capsicum" != "xyes" && \
        test "x$ac_cv_header_sys_capsicum_h" = "xyes" && \
        test "x$ac_cv_func_cap_rights_limit" = "xyes") ; then
        test "x$ac_cv_header_sys_capsicum_h" != "xyes" && \
@@ -19843,23 +20127,6 @@ else
 fi
 
 
-# Check whether to enable MD5 passwords
-MD5_MSG="no"
-
-# Check whether --with-md5-passwords was given.
-if test "${with_md5_passwords+set}" = set; then :
-  withval=$with_md5_passwords;
-		if test "x$withval" != "xno" ; then
-
-$as_echo "#define HAVE_MD5_PASSWORDS 1" >>confdefs.h
-
-			MD5_MSG="yes"
-		fi
-
-
-fi
-
-
 # Whether to disable shadow password support
 
 # Check whether --with-shadow was given.
@@ -21998,7 +22265,6 @@ echo "                       PAM support: $PAM_MSG"
 echo "                   OSF SIA support: $SIA_MSG"
 echo "                 KerberosV support: $KRB5_MSG"
 echo "                   SELinux support: $SELINUX_MSG"
-echo "              MD5 password support: $MD5_MSG"
 echo "                   libedit support: $LIBEDIT_MSG"
 echo "                   libldns support: $LDNS_MSG"
 echo "  Solaris process contract support: $SPC_MSG"
diff --git a/configure.ac b/configure.ac
index 413913a7c72e..17fb1e609fbd 100644
--- a/configure.ac
+++ b/configure.ac
@@ -19,7 +19,7 @@ AC_CONFIG_SRCDIR([ssh.c])
 AC_LANG([C])
 
 AC_CONFIG_HEADERS([config.h])
-AC_PROG_CC([cc gcc])
+AC_PROG_CC([cc gcc clang])
 
 # XXX relax this after reimplementing logit() etc.
 AC_MSG_CHECKING([if $CC supports C99-style variadic macros])
@@ -176,6 +176,8 @@ if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
 	OSSH_CHECK_CFLAG_COMPILE([-Wunused-parameter], [-Wno-unused-parameter])
 	OSSH_CHECK_CFLAG_COMPILE([-Wunused-result], [-Wno-unused-result])
 	OSSH_CHECK_CFLAG_COMPILE([-Wimplicit-fallthrough])
+	OSSH_CHECK_CFLAG_COMPILE([-Wmisleading-indentation])
+	OSSH_CHECK_CFLAG_COMPILE([-Wbitwise-instead-of-logical])
 	OSSH_CHECK_CFLAG_COMPILE([-fno-strict-aliasing])
     if test "x$use_toolchain_hardening" = "x1"; then
 	OSSH_CHECK_CFLAG_COMPILE([-mretpoline]) # clang
@@ -190,6 +192,8 @@ if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
 	# actually links. The test program compiled/linked includes a number
 	# of integer operations that should exercise this.
 	OSSH_CHECK_CFLAG_LINK([-ftrapv])
+	OSSH_CHECK_CFLAG_COMPILE([-fzero-call-used-regs=all])
+	OSSH_CHECK_CFLAG_COMPILE([-ftrivial-auto-var-init=zero])
     fi
 	AC_MSG_CHECKING([gcc version])
 	GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
@@ -452,6 +456,7 @@ AC_CHECK_HEADERS([ \
 	sys/mman.h \
 	sys/label.h \
 	sys/ndir.h \
+	sys/param.h \
 	sys/poll.h \
 	sys/prctl.h \
 	sys/procctl.h \
@@ -727,6 +732,10 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
 	# proc_pidinfo()-based closefrom() replacement.
 	AC_CHECK_HEADERS([libproc.h])
 	AC_CHECK_FUNCS([proc_pidinfo])
+	# poll(2) is broken for character-special devices (at least).
+	# cf. Apple bug 3710161 (not public, but searchable)
+	AC_DEFINE([BROKEN_POLL], [1],
+	    [System poll(2) implementation is broken])
 	;;
 *-*-dragonfly*)
 	SSHDLIBS="$SSHDLIBS -lcrypt"
@@ -761,6 +770,7 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
 		if test -z "$GCC"; then
 			CFLAGS="$CFLAGS -Ae"
 		fi
+		AC_DEFINE([BROKEN_GETLINE], [1], [getline is not what we expect])
 		;;
 	*-*-hpux11*)
 		AC_DEFINE([PAM_SUN_CODEBASE], [1],
@@ -834,6 +844,7 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
 	dnl Target SUSv3/POSIX.1-2001 plus BSD specifics.
 	dnl _DEFAULT_SOURCE is the new name for _BSD_SOURCE
 	CPPFLAGS="$CPPFLAGS -D_XOPEN_SOURCE=600 -D_BSD_SOURCE -D_DEFAULT_SOURCE"
+	AC_DEFINE([BROKEN_CLOSEFROM], [1], [broken in chroots on older kernels])
 	AC_DEFINE([PAM_TTY_KLUDGE], [1],
 		[Work around problematic Linux PAM modules handling of PAM_TTY])
 	AC_DEFINE([LOCKED_PASSWD_PREFIX], ["!"],
@@ -957,6 +968,12 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
 		AC_MSG_RESULT([architecture not supported])
 	fi
 	;;
+*-*-minix)
+	AC_DEFINE([SETEUID_BREAKS_SETUID])
+	# poll(2) seems to choke on /dev/null; "Bad file descriptor"
+	AC_DEFINE([BROKEN_POLL], [1],
+	    [System poll(2) implementation is broken])
+	;;
 mips-sony-bsd|mips-sony-newsos4)
 	AC_DEFINE([NEED_SETPGRP], [1], [Need setpgrp to acquire controlling tty])
 	SONY=1
@@ -988,6 +1005,11 @@ mips-sony-bsd|mips-sony-newsos4)
 	# and will crash if they cannot be opened.
 	AC_DEFINE([SANDBOX_SKIP_RLIMIT_NOFILE], [1],
 	    [define if setrlimit RLIMIT_NOFILE breaks things])
+	case "$host" in
+	*-*-freebsd9.*|*-*-freebsd10.*)
+		# Capsicum on 9 and 10 do not allow ppoll() so don't auto-enable.
+		disable_capsicum=yes
+	esac
 	;;
 *-*-bsdi*)
 	AC_DEFINE([SETEUID_BREAKS_SETUID])
@@ -1815,6 +1837,7 @@ AC_CHECK_FUNCS([ \
 	cap_rights_limit \
 	clock \
 	closefrom \
+	close_range \
 	dirfd \
 	endgrent \
 	err \
@@ -1857,7 +1880,6 @@ AC_CHECK_FUNCS([ \
 	localtime_r \
 	login_getcapbool \
 	login_getpwclass \
-	md5_crypt \
 	memmem \
 	memmove \
 	memset_s \
@@ -1868,6 +1890,7 @@ AC_CHECK_FUNCS([ \
 	openlog_r \
 	pledge \
 	poll \
+	ppoll \
 	prctl \
 	procctl \
 	pselect \
@@ -2620,23 +2643,17 @@ AC_ARG_WITH([ssl-dir],
 				./*|../*)	withval="`pwd`/$withval"
 			esac
 			if test -d "$withval/lib"; then
-				if test -n "${rpath_opt}"; then
-					LDFLAGS="-L${withval}/lib ${rpath_opt}${withval}/lib ${LDFLAGS}"
-				else
-					LDFLAGS="-L${withval}/lib ${LDFLAGS}"
-				fi
+				libcrypto_path="${withval}/lib"
 			elif test -d "$withval/lib64"; then
-				if test -n "${rpath_opt}"; then
-					LDFLAGS="-L${withval}/lib64 ${rpath_opt}${withval}/lib64 ${LDFLAGS}"
-				else
-					LDFLAGS="-L${withval}/lib64 ${LDFLAGS}"
-				fi
+				libcrypto_path="$withval/lib64"
 			else
-				if test -n "${rpath_opt}"; then
-					LDFLAGS="-L${withval} ${rpath_opt}${withval} ${LDFLAGS}"
-				else
-					LDFLAGS="-L${withval} ${LDFLAGS}"
-				fi
+				# Built but not installed
+				libcrypto_path="${withval}"
+			fi
+			if test -n "${rpath_opt}"; then
+				LDFLAGS="-L${libcrypto_path} ${rpath_opt}${libcrypto_path} ${LDFLAGS}"
+			else
+				LDFLAGS="-L${libcrypto_path} ${LDFLAGS}"
 			fi
 			if test -d "$withval/include"; then
 				CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
@@ -3103,8 +3120,6 @@ if test "x$openssl" = "xyes" ; then
 		AC_MSG_RESULT([no])
 	)
 
-	TEST_SSH_ECC=no
-
 	if test x$enable_nistp256 = x1 || test x$enable_nistp384 = x1 || \
 	    test x$enable_nistp521 = x1; then
 		AC_DEFINE(OPENSSL_HAS_ECC, [1], [OpenSSL has ECC])
@@ -3116,7 +3131,6 @@ if test "x$openssl" = "xyes" ; then
 	if test x$enable_nistp256 = x1; then
 		AC_DEFINE([OPENSSL_HAS_NISTP256], [1],
 		    [libcrypto has NID_X9_62_prime256v1])
-		TEST_SSH_ECC=yes
 	else
 		unsupported_algorithms="$unsupported_algorithms \
 			ecdsa-sha2-nistp256 \
@@ -3125,7 +3139,6 @@ if test "x$openssl" = "xyes" ; then
 	fi
 	if test x$enable_nistp384 = x1; then
 		AC_DEFINE([OPENSSL_HAS_NISTP384], [1], [libcrypto has NID_secp384r1])
-		TEST_SSH_ECC=yes
 	else
 		unsupported_algorithms="$unsupported_algorithms \
 			ecdsa-sha2-nistp384 \
@@ -3134,7 +3147,6 @@ if test "x$openssl" = "xyes" ; then
 	fi
 	if test x$enable_nistp521 = x1; then
 		AC_DEFINE([OPENSSL_HAS_NISTP521], [1], [libcrypto has NID_secp521r1])
-		TEST_SSH_ECC=yes
 	else
 		unsupported_algorithms="$unsupported_algorithms \
 			ecdh-sha2-nistp521 \
@@ -3142,7 +3154,6 @@ if test "x$openssl" = "xyes" ; then
 			ecdsa-sha2-nistp521-cert-v01@openssh.com"
 	fi
 
-	AC_SUBST([TEST_SSH_ECC])
 else
 	AC_CHECK_LIB([crypt], [crypt], [LIBS="$LIBS -lcrypt"])
 	AC_CHECK_FUNCS([crypt])
@@ -3153,10 +3164,6 @@ enable_pkcs11=yes
 enable_sk=yes
 if test "x$openssl" != "xyes" ; then
 	enable_pkcs11="disabled; missing libcrypto"
-	enable_sk="disabled; missing libcrypto"
-fi
-if test "x$openssl_ecc" != "xyes" ; then
-	enable_sk="disabled; OpenSSL has no ECC support"
 fi
 if test "x$ac_cv_func_dlopen" != "xyes" ; then
 	enable_pkcs11="disabled; missing dlopen(3)"
@@ -3221,8 +3228,10 @@ if test "x$enable_sk" = "xyes" -a "x$enable_sk_internal" = "xyes" ; then
 	saved_LIBS="$LIBS"
 	LIBS="$LIBS $LIBFIDO2"
 	AC_CHECK_FUNCS([ \
+		fido_assert_set_clientdata \
 		fido_cred_prot \
 		fido_cred_set_prot \
+		fido_cred_set_clientdata \
 		fido_dev_get_touch_begin \
 		fido_dev_get_touch_status \
 		fido_dev_supports_cred_prot \
@@ -3509,10 +3518,11 @@ AC_ARG_WITH([sandbox],
 	]
 )
 
-# Some platforms (seems to be the ones that have a kernel poll(2)-type
-# function with which they implement select(2)) use an extra file descriptor
-# when calling select(2), which means we can't use the rlimit sandbox.
-AC_MSG_CHECKING([if select works with descriptor rlimit])
+# POSIX specifies that poll() "shall fail with EINVAL if the nfds argument
+# is greater than OPEN_MAX".  On some platforms that includes implementions
+# ofselect in userspace on top of poll() so check both work with rlimit NOFILES
+# so check that both work before enabling the rlimit sandbox.
+AC_MSG_CHECKING([if select and/or poll works with descriptor rlimit])
 AC_RUN_IFELSE(
 	[AC_LANG_PROGRAM([[
 #include <sys/types.h>
@@ -3523,6 +3533,11 @@ AC_RUN_IFELSE(
 #ifdef HAVE_SYS_SELECT_H
 # include <sys/select.h>
 #endif
+#ifdef HAVE_POLL_H
+# include <poll.h>
+#elif HAVE_SYS_POLL_H
+# include <sys/poll.h>
+#endif
 #include <errno.h>
 #include <fcntl.h>
 #include <stdlib.h>
@@ -3531,6 +3546,9 @@ AC_RUN_IFELSE(
 	int fd, r;
 	fd_set fds;
 	struct timeval tv;
+#ifdef HAVE_POLL
+	struct pollfd pfd;
+#endif
 
 	fd = open("/dev/null", O_RDONLY);
 	FD_ZERO(&fds);
@@ -3541,7 +3559,16 @@ AC_RUN_IFELSE(
 	tv.tv_sec = 1;
 	tv.tv_usec = 0;
 	r = select(fd+1, &fds, NULL, NULL, &tv);
-	exit (r == -1 ? 1 : 0);
+	if (r == -1)
+		exit(1);
+#ifdef HAVE_POLL
+	pfd.fd = fd;
+	pfd.events = POLLIN;
+	r = poll(&pfd, 1, 1);
+	if (r == -1)
+		exit(2);
+#endif
+	exit(0);
 	]])],
 	[AC_MSG_RESULT([yes])
 	 select_works_with_rlimit=yes],
@@ -3551,6 +3578,26 @@ AC_RUN_IFELSE(
 	 select_works_with_rlimit=yes]
 )
 
+AC_CHECK_MEMBERS([struct pollfd.fd], [], [], [[
+#include <sys/types.h>
+#ifdef HAVE_POLL_H
+#include <poll.h>
+#endif
+#ifdef HAVE_SYS_POLL_H
+#include <sys/poll.h>
+#endif
+]])
+
+AC_CHECK_TYPES([nfds_t], , , [
+#include <sys/types.h>
+#ifdef HAVE_POLL_H
+#include <poll.h>
+#endif
+#ifdef HAVE_SYS_POLL_H
+#include <sys/poll.h>
+#endif
+])
+
 AC_MSG_CHECKING([if setrlimit(RLIMIT_NOFILE,{0,0}) works])
 AC_RUN_IFELSE(
 	[AC_LANG_PROGRAM([[
@@ -3637,6 +3684,7 @@ elif test "x$sandbox_arg" = "xseccomp_filter" || \
 	AC_DEFINE([SANDBOX_SECCOMP_FILTER], [1], [Sandbox using seccomp filter])
 elif test "x$sandbox_arg" = "xcapsicum" || \
      ( test -z "$sandbox_arg" && \
+       test "x$disable_capsicum" != "xyes" && \
        test "x$ac_cv_header_sys_capsicum_h" = "xyes" && \
        test "x$ac_cv_func_cap_rights_limit" = "xyes") ; then
        test "x$ac_cv_header_sys_capsicum_h" != "xyes" && \
@@ -4951,19 +4999,6 @@ else
 fi
 AC_SUBST([mansubdir])
 
-# Check whether to enable MD5 passwords
-MD5_MSG="no"
-AC_ARG_WITH([md5-passwords],
-	[  --with-md5-passwords    Enable use of MD5 passwords],
-	[
-		if test "x$withval" != "xno" ; then
-			AC_DEFINE([HAVE_MD5_PASSWORDS], [1],
-				[Define if you want to allow MD5 passwords])
-			MD5_MSG="yes"
-		fi
-	]
-)
-
 # Whether to disable shadow password support
 AC_ARG_WITH([shadow],
 	[  --without-shadow        Disable shadow password support],
@@ -5558,7 +5593,6 @@ echo "                       PAM support: $PAM_MSG"
 echo "                   OSF SIA support: $SIA_MSG"
 echo "                 KerberosV support: $KRB5_MSG"
 echo "                   SELinux support: $SELINUX_MSG"
-echo "              MD5 password support: $MD5_MSG"
 echo "                   libedit support: $LIBEDIT_MSG"
 echo "                   libldns support: $LDNS_MSG"
 echo "  Solaris process contract support: $SPC_MSG"
diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec
index 2905db0e8c39..95ab2199b269 100644
--- a/contrib/redhat/openssh.spec
+++ b/contrib/redhat/openssh.spec
@@ -1,4 +1,4 @@
-%global ver 8.8p1
+%global ver 8.9p1
 %global rel 1%{?dist}
 
 # OpenSSH privilege separation requires a user & group ID
@@ -66,7 +66,7 @@
 # rpm -ba|--rebuild --define "smartcard 1"
 %{?smartcard:%global scard 1}
 
-# Is this a build for the rescue CD (without PAM, with MD5)? (1=yes 0=no)
+# Is this a build for the rescue CD (without PAM)? (1=yes 0=no)
 %global rescue 0
 %{?build_rescue:%global rescue 1}
 
@@ -211,7 +211,6 @@ CFLAGS="$RPM_OPT_FLAGS -Os"; export CFLAGS
 	--with-default-path=/usr/local/bin:/bin:/usr/bin \
 	--with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin \
 	--with-privsep-path=%{_var}/empty/sshd \
-	--with-md5-passwords \
 	--mandir=%{_mandir} \
 	--with-mantype=man \
 	--disable-strip \
@@ -424,7 +423,10 @@ fi
 %endif
 
 %changelog
-* Mon Jul 20 2020 Damien Miller <djm@mindrto.org>
+* Thu Oct 28 2021 Damien Miller <djm@mindrot.org>
+- Remove remaining traces of --with-md5-passwords
+
+* Mon Jul 20 2020 Damien Miller <djm@mindrot.org>
 - Add ssh-sk-helper and corresponding manual page.
 
 * Sat Feb 10 2018 Darren Tucker <dtucker@dtucker.net>
diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec
index ee320c76d8d0..8df0ae3b0b44 100644
--- a/contrib/suse/openssh.spec
+++ b/contrib/suse/openssh.spec
@@ -13,7 +13,7 @@
 
 Summary:	OpenSSH, a free Secure Shell (SSH) protocol implementation
 Name:		openssh
-Version:	8.8p1
+Version:	8.9p1
 URL:		https://www.openssh.com/
 Release:	1
 Source0:	openssh-%{version}.tar.gz
diff --git a/defines.h b/defines.h
index 857abb8b1d6f..279e509aae22 100644
--- a/defines.h
+++ b/defines.h
@@ -66,7 +66,9 @@ enum
 #endif /* IPTOS_LOWDELAY */
 
 /*
- * Definitions for DiffServ Codepoints as per RFC2474
+ * Definitions for DiffServ Codepoints as per RFCs 2474, 3246, 4594 & 8622.
+ * These are the 6 most significant bits as they appear on the wire, so the
+ * two least significant bits must be zero.
  */
 #ifndef IPTOS_DSCP_AF11
 # define	IPTOS_DSCP_AF11		0x28
@@ -97,7 +99,7 @@ enum
 # define	IPTOS_DSCP_EF		0xb8
 #endif /* IPTOS_DSCP_EF */
 #ifndef IPTOS_DSCP_LE
-# define	IPTOS_DSCP_LE		0x01
+# define	IPTOS_DSCP_LE		0x04
 #endif /* IPTOS_DSCP_LE */
 #ifndef IPTOS_PREC_CRITIC_ECP
 # define IPTOS_PREC_CRITIC_ECP		0xa0
@@ -532,6 +534,39 @@ struct winsize {
 	    ((tsp)->tv_sec cmp (usp)->tv_sec))
 #endif
 
+/* Operations on timespecs. */
+#ifndef timespecclear
+#define	timespecclear(tsp)		(tsp)->tv_sec = (tsp)->tv_nsec = 0
+#endif
+#ifndef timespeccmp
+#define	timespeccmp(tsp, usp, cmp)					\
+	(((tsp)->tv_sec == (usp)->tv_sec) ?				\
+	    ((tsp)->tv_nsec cmp (usp)->tv_nsec) :			\
+	    ((tsp)->tv_sec cmp (usp)->tv_sec))
+#endif
+#ifndef timespecadd
+#define	timespecadd(tsp, usp, vsp)					\
+	do {								\
+		(vsp)->tv_sec = (tsp)->tv_sec + (usp)->tv_sec;		\
+		(vsp)->tv_nsec = (tsp)->tv_nsec + (usp)->tv_nsec;	\
+		if ((vsp)->tv_nsec >= 1000000000L) {			\
+			(vsp)->tv_sec++;				\
+			(vsp)->tv_nsec -= 1000000000L;			\
+		}							\
+	} while (0)
+#endif
+#ifndef timespecsub
+#define	timespecsub(tsp, usp, vsp)					\
+	do {								\
+		(vsp)->tv_sec = (tsp)->tv_sec - (usp)->tv_sec;		\
+		(vsp)->tv_nsec = (tsp)->tv_nsec - (usp)->tv_nsec;	\
+		if ((vsp)->tv_nsec < 0) {				\
+			(vsp)->tv_sec--;				\
+			(vsp)->tv_nsec += 1000000000L;			\
+		}							\
+	} while (0)
+#endif
+
 #ifndef __P
 # define __P(x) x
 #endif
diff --git a/digest-libc.c b/digest-libc.c
index 86a1dbf291a8..6e77a4492dd4 100644
--- a/digest-libc.c
+++ b/digest-libc.c
@@ -36,6 +36,16 @@
 #include <sha2.h>
 #endif
 
+#if !defined(SHA256_BLOCK_LENGTH) && defined(SHA256_HMAC_BLOCK_SIZE)
+#define SHA256_BLOCK_LENGTH SHA256_HMAC_BLOCK_SIZE
+#endif
+#if !defined(SHA384_BLOCK_LENGTH) && defined(SHA512_HMAC_BLOCK_SIZE)
+#define SHA384_BLOCK_LENGTH SHA512_HMAC_BLOCK_SIZE
+#endif
+#if !defined(SHA512_BLOCK_LENGTH) && defined(SHA512_HMAC_BLOCK_SIZE)
+#define SHA512_BLOCK_LENGTH SHA512_HMAC_BLOCK_SIZE
+#endif
+
 #include "ssherr.h"
 #include "sshbuf.h"
 #include "digest.h"
diff --git a/dns.c b/dns.c
index 1cfc38e7cc43..f2310bec2b08 100644
--- a/dns.c
+++ b/dns.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dns.c,v 1.41 2021/07/19 03:13:28 dtucker Exp $ */
+/* $OpenBSD: dns.c,v 1.42 2022/02/01 23:32:51 djm Exp $ */
 
 /*
  * Copyright (c) 2003 Wesley Griffin. All rights reserved.
@@ -43,7 +43,7 @@
 #include "log.h"
 #include "digest.h"
 
-static const char *errset_text[] = {
+static const char * const errset_text[] = {
 	"success",		/* 0 ERRSET_SUCCESS */
 	"out of memory",	/* 1 ERRSET_NOMEMORY */
 	"general failure",	/* 2 ERRSET_FAIL */
diff --git a/gss-genr.c b/gss-genr.c
index 6852805171a8..2cd695e543c4 100644
--- a/gss-genr.c
+++ b/gss-genr.c
@@ -34,6 +34,7 @@
 #include <stdarg.h>
 #include <string.h>
 #include <signal.h>
+#include <stdlib.h>
 #include <unistd.h>
 
 #include "xmalloc.h"
diff --git a/hostfile.c b/hostfile.c
index ce00cd713549..bd49e3ac7c48 100644
--- a/hostfile.c
+++ b/hostfile.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: hostfile.c,v 1.91 2021/07/05 01:16:46 dtucker Exp $ */
+/* $OpenBSD: hostfile.c,v 1.93 2022/01/06 22:02:52 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -118,7 +118,7 @@ host_hash(const char *host, const char *name_from_hostfile, u_int src_len)
 	struct ssh_hmac_ctx *ctx;
 	u_char salt[256], result[256];
 	char uu_salt[512], uu_result[512];
-	static char encoded[1024];
+	char *encoded = NULL;
 	u_int len;
 
 	len = ssh_digest_bytes(SSH_DIGEST_SHA1);
@@ -143,9 +143,8 @@ host_hash(const char *host, const char *name_from_hostfile, u_int src_len)
 	if (__b64_ntop(salt, len, uu_salt, sizeof(uu_salt)) == -1 ||
 	    __b64_ntop(result, len, uu_result, sizeof(uu_result)) == -1)
 		fatal_f("__b64_ntop failed");
-
-	snprintf(encoded, sizeof(encoded), "%s%s%c%s", HASH_MAGIC, uu_salt,
-	    HASH_DELIM, uu_result);
+	xasprintf(&encoded, "%s%s%c%s", HASH_MAGIC, uu_salt, HASH_DELIM,
+	    uu_result);
 
 	return (encoded);
 }
@@ -456,6 +455,7 @@ write_host_entry(FILE *f, const char *host, const char *ip,
 	else {
 		fprintf(f, "%s ", lhost);
 	}
+	free(hashed_host);
 	free(lhost);
 	if ((r = sshkey_write(key, f)) == 0)
 		success = 1;
@@ -642,7 +642,7 @@ hostfile_replace_entries(const char *filename, const char *host, const char *ip,
 	/* Re-add the requested keys */
 	want = HKF_MATCH_HOST | (ip == NULL ? 0 : HKF_MATCH_IP);
 	for (i = 0; i < nkeys; i++) {
-		if ((want & ctx.match_keys[i]) == want)
+		if (keys[i] == NULL || (want & ctx.match_keys[i]) == want)
 			continue;
 		if ((fp = sshkey_fingerprint(keys[i], hash_alg,
 		    SSH_FP_DEFAULT)) == NULL) {
@@ -730,8 +730,8 @@ hostfile_replace_entries(const char *filename, const char *host, const char *ip,
 static int
 match_maybe_hashed(const char *host, const char *names, int *was_hashed)
 {
-	int hashed = *names == HASH_DELIM;
-	const char *hashed_host;
+	int hashed = *names == HASH_DELIM, ret;
+	char *hashed_host = NULL;
 	size_t nlen = strlen(names);
 
 	if (was_hashed != NULL)
@@ -739,8 +739,10 @@ match_maybe_hashed(const char *host, const char *names, int *was_hashed)
 	if (hashed) {
 		if ((hashed_host = host_hash(host, names, nlen)) == NULL)
 			return -1;
-		return nlen == strlen(hashed_host) &&
-		    strncmp(hashed_host, names, nlen) == 0;
+		ret = (nlen == strlen(hashed_host) &&
+		    strncmp(hashed_host, names, nlen) == 0);
+		free(hashed_host);
+		return ret;
 	}
 	return match_hostname(host, names) == 1;
 }
diff --git a/includes.h b/includes.h
index 0fd71792e1ac..6d17ef6da933 100644
--- a/includes.h
+++ b/includes.h
@@ -23,7 +23,6 @@
 #endif
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <sys/socket.h> /* For CMSG_* */
 
 #ifdef HAVE_LIMITS_H
diff --git a/kex.c b/kex.c
index 709a0ec63aa0..0bcd27dc5825 100644
--- a/kex.c
+++ b/kex.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.c,v 1.168 2021/04/03 06:18:40 djm Exp $ */
+/* $OpenBSD: kex.c,v 1.172 2022/02/01 23:32:51 djm Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  *
@@ -66,7 +66,7 @@
 static int kex_choose_conf(struct ssh *);
 static int kex_input_newkeys(int, u_int32_t, struct ssh *);
 
-static const char *proposal_names[PROPOSAL_MAX] = {
+static const char * const proposal_names[PROPOSAL_MAX] = {
 	"KEX algorithms",
 	"host key algorithms",
 	"ciphers ctos",
@@ -436,9 +436,12 @@ kex_send_ext_info(struct ssh *ssh)
 		return SSH_ERR_ALLOC_FAIL;
 	/* XXX filter algs list by allowed pubkey/hostbased types */
 	if ((r = sshpkt_start(ssh, SSH2_MSG_EXT_INFO)) != 0 ||
-	    (r = sshpkt_put_u32(ssh, 1)) != 0 ||
+	    (r = sshpkt_put_u32(ssh, 2)) != 0 ||
 	    (r = sshpkt_put_cstring(ssh, "server-sig-algs")) != 0 ||
 	    (r = sshpkt_put_cstring(ssh, algs)) != 0 ||
+	    (r = sshpkt_put_cstring(ssh,
+	    "publickey-hostbound@openssh.com")) != 0 ||
+	    (r = sshpkt_put_cstring(ssh, "0")) != 0 ||
 	    (r = sshpkt_send(ssh)) != 0) {
 		error_fr(r, "compose");
 		goto out;
@@ -498,6 +501,21 @@ kex_input_ext_info(int type, u_int32_t seq, struct ssh *ssh)
 			debug_f("%s=<%s>", name, val);
 			kex->server_sig_algs = val;
 			val = NULL;
+		} else if (strcmp(name,
+		    "publickey-hostbound@openssh.com") == 0) {
+			/* XXX refactor */
+			/* Ensure no \0 lurking in value */
+			if (memchr(val, '\0', vlen) != NULL) {
+				error_f("nul byte in %s", name);
+				return SSH_ERR_INVALID_FORMAT;
+			}
+			debug_f("%s=<%s>", name, val);
+			if (strcmp(val, "0") == 0)
+				kex->flags |= KEX_HAS_PUBKEY_HOSTBOUND;
+			else {
+				debug_f("unsupported version of %s extension",
+				    name);
+			}
 		} else
 			debug_f("%s (unrecognised)", name);
 		free(name);
@@ -699,6 +717,8 @@ kex_free(struct kex *kex)
 	sshbuf_free(kex->server_version);
 	sshbuf_free(kex->client_pub);
 	sshbuf_free(kex->session_id);
+	sshbuf_free(kex->initial_sig);
+	sshkey_free(kex->initial_hostkey);
 	free(kex->failed_choice);
 	free(kex->hostkey_alg);
 	free(kex->name);
@@ -880,6 +900,18 @@ proposals_match(char *my[PROPOSAL_MAX], char *peer[PROPOSAL_MAX])
 	return (1);
 }
 
+/* returns non-zero if proposal contains any algorithm from algs */
+static int
+has_any_alg(const char *proposal, const char *algs)
+{
+	char *cp;
+
+	if ((cp = match_list(proposal, algs, NULL)) == NULL)
+		return 0;
+	free(cp);
+	return 1;
+}
+
 static int
 kex_choose_conf(struct ssh *ssh)
 {
@@ -915,6 +947,16 @@ kex_choose_conf(struct ssh *ssh)
 		free(ext);
 	}
 
+	/* Check whether client supports rsa-sha2 algorithms */
+	if (kex->server && (kex->flags & KEX_INITIAL)) {
+		if (has_any_alg(peer[PROPOSAL_SERVER_HOST_KEY_ALGS],
+		    "rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com"))
+			kex->flags |= KEX_RSA_SHA2_256_SUPPORTED;
+		if (has_any_alg(peer[PROPOSAL_SERVER_HOST_KEY_ALGS],
+		    "rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com"))
+			kex->flags |= KEX_RSA_SHA2_512_SUPPORTED;
+	}
+
 	/* Algorithm Negotiation */
 	if ((r = choose_kex(kex, cprop[PROPOSAL_KEX_ALGS],
 	    sprop[PROPOSAL_KEX_ALGS])) != 0) {
diff --git a/kex.h b/kex.h
index 9605ed528ea4..c35329501871 100644
--- a/kex.h
+++ b/kex.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.h,v 1.114 2021/01/31 22:55:29 djm Exp $ */
+/* $OpenBSD: kex.h,v 1.117 2022/01/06 21:55:23 djm Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
@@ -105,8 +105,12 @@ enum kex_exchange {
 	KEX_MAX
 };
 
-#define KEX_INIT_SENT	0x0001
-#define KEX_INITIAL	0x0002
+/* kex->flags */
+#define KEX_INIT_SENT			0x0001
+#define KEX_INITIAL			0x0002
+#define KEX_HAS_PUBKEY_HOSTBOUND	0x0004
+#define KEX_RSA_SHA2_256_SUPPORTED 	0x0008 /* only set in server for now */
+#define KEX_RSA_SHA2_512_SUPPORTED 	0x0010 /* only set in server for now */
 
 struct sshenc {
 	char	*name;
@@ -130,6 +134,7 @@ struct newkeys {
 };
 
 struct ssh;
+struct sshbuf;
 
 struct kex {
 	struct newkeys	*newkeys[MODE_MAX];
@@ -148,6 +153,8 @@ struct kex {
 	struct sshbuf *client_version;
 	struct sshbuf *server_version;
 	struct sshbuf *session_id;
+	struct sshbuf *initial_sig;
+	struct sshkey *initial_hostkey;
 	sig_atomic_t done;
 	u_int	flags;
 	int	hash_alg;
diff --git a/kexgen.c b/kexgen.c
index bde28053ddf1..20f3c57110a8 100644
--- a/kexgen.c
+++ b/kexgen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexgen.c,v 1.7 2021/04/03 06:18:40 djm Exp $ */
+/* $OpenBSD: kexgen.c,v 1.8 2021/12/19 22:08:06 djm Exp $ */
 /*
  * Copyright (c) 2019 Markus Friedl.  All rights reserved.
  *
@@ -218,8 +218,26 @@ input_kex_gen_reply(int type, u_int32_t seq, struct ssh *ssh)
 	    kex->hostkey_alg, ssh->compat, NULL)) != 0)
 		goto out;
 
-	if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0)
-		r = kex_send_newkeys(ssh);
+	if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) != 0 ||
+	    (r = kex_send_newkeys(ssh)) != 0)
+		goto out;
+
+	/* save initial signature and hostkey */
+	if ((kex->flags & KEX_INITIAL) != 0) {
+		if (kex->initial_hostkey != NULL || kex->initial_sig != NULL) {
+			r = SSH_ERR_INTERNAL_ERROR;
+			goto out;
+		}
+		if ((kex->initial_sig = sshbuf_new()) == NULL) {
+			r = SSH_ERR_ALLOC_FAIL;
+			goto out;
+		}
+		if ((r = sshbuf_put(kex->initial_sig, signature, slen)) != 0)
+			goto out;
+		kex->initial_hostkey = server_host_key;
+		server_host_key = NULL;
+	}
+	/* success */
 out:
 	explicit_bzero(hash, sizeof(hash));
 	explicit_bzero(kex->c25519_client_key, sizeof(kex->c25519_client_key));
@@ -333,8 +351,15 @@ input_kex_gen_init(int type, u_int32_t seq, struct ssh *ssh)
 	    (r = sshpkt_send(ssh)) != 0)
 		goto out;
 
-	if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0)
-		r = kex_send_newkeys(ssh);
+	if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) != 0 ||
+	    (r = kex_send_newkeys(ssh)) != 0)
+		goto out;
+	/* retain copy of hostkey used at initial KEX */
+	if (kex->initial_hostkey == NULL &&
+	    (r = sshkey_from_private(server_host_public,
+	    &kex->initial_hostkey)) != 0)
+		goto out;
+	/* success */
 out:
 	explicit_bzero(hash, sizeof(hash));
 	sshbuf_free(server_host_key_blob);
diff --git a/kexgexc.c b/kexgexc.c
index 4a2e741d8458..e99e0cf216e7 100644
--- a/kexgexc.c
+++ b/kexgexc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexgexc.c,v 1.37 2021/01/31 22:55:29 djm Exp $ */
+/* $OpenBSD: kexgexc.c,v 1.38 2021/12/19 22:08:06 djm Exp $ */
 /*
  * Copyright (c) 2000 Niels Provos.  All rights reserved.
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
@@ -206,8 +206,26 @@ input_kex_dh_gex_reply(int type, u_int32_t seq, struct ssh *ssh)
 	    hashlen, kex->hostkey_alg, ssh->compat, NULL)) != 0)
 		goto out;
 
-	if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0)
-		r = kex_send_newkeys(ssh);
+	if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) != 0 ||
+	    (r = kex_send_newkeys(ssh)) != 0)
+		goto out;
+
+	/* save initial signature and hostkey */
+	if ((kex->flags & KEX_INITIAL) != 0) {
+		if (kex->initial_hostkey != NULL || kex->initial_sig != NULL) {
+			r = SSH_ERR_INTERNAL_ERROR;
+			goto out;
+		}
+		if ((kex->initial_sig = sshbuf_new()) == NULL) {
+			r = SSH_ERR_ALLOC_FAIL;
+			goto out;
+		}
+		if ((r = sshbuf_put(kex->initial_sig, signature, slen)) != 0)
+			goto out;
+		kex->initial_hostkey = server_host_key;
+		server_host_key = NULL;
+	}
+	/* success */
  out:
 	explicit_bzero(hash, sizeof(hash));
 	DH_free(kex->dh);
diff --git a/kexgexs.c b/kexgexs.c
index f0fbcb912543..72b444f6906b 100644
--- a/kexgexs.c
+++ b/kexgexs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexgexs.c,v 1.43 2021/01/31 22:55:29 djm Exp $ */
+/* $OpenBSD: kexgexs.c,v 1.44 2021/12/19 22:08:06 djm Exp $ */
 /*
  * Copyright (c) 2000 Niels Provos.  All rights reserved.
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
@@ -194,8 +194,16 @@ input_kex_dh_gex_init(int type, u_int32_t seq, struct ssh *ssh)
 	    (r = sshpkt_send(ssh)) != 0)
 		goto out;
 
-	if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0)
-		r = kex_send_newkeys(ssh);
+	if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) != 0 ||
+	    (r = kex_send_newkeys(ssh)) != 0)
+		goto out;
+
+	/* retain copy of hostkey used at initial KEX */
+	if (kex->initial_hostkey == NULL &&
+	    (r = sshkey_from_private(server_host_public,
+	    &kex->initial_hostkey)) != 0)
+		goto out;
+	/* success */
  out:
 	explicit_bzero(hash, sizeof(hash));
 	DH_free(kex->dh);
diff --git a/kexsntrup761x25519.c b/kexsntrup761x25519.c
index e3007fa29125..6afb1bad560d 100644
--- a/kexsntrup761x25519.c
+++ b/kexsntrup761x25519.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexsntrup761x25519.c,v 1.1 2020/12/29 00:59:15 djm Exp $ */
+/* $OpenBSD: kexsntrup761x25519.c,v 1.2 2021/12/05 12:28:27 jsg Exp $ */
 /*
  * Copyright (c) 2019 Markus Friedl.  All rights reserved.
  *
@@ -132,7 +132,7 @@ kex_kem_sntrup761x25519_enc(struct kex *kex,
 	dump_digest("server public key 25519:", server_pub, CURVE25519_SIZE);
 	dump_digest("server cipher text:", ciphertext,
 	    crypto_kem_sntrup761_CIPHERTEXTBYTES);
-	dump_digest("server kem key:", kem_key, sizeof(kem_key));
+	dump_digest("server kem key:", kem_key, crypto_kem_sntrup761_BYTES);
 	dump_digest("concatenation of KEM key and ECDH shared key:",
 	    sshbuf_ptr(buf), sshbuf_len(buf));
 #endif
diff --git a/loginrec.c b/loginrec.c
index ea058fd6fa75..4f21499586af 100644
--- a/loginrec.c
+++ b/loginrec.c
@@ -181,6 +181,7 @@
 #include "auth.h"
 #include "sshbuf.h"
 #include "ssherr.h"
+#include "misc.h"
 
 #ifdef HAVE_UTIL_H
 # include <util.h>
@@ -801,7 +802,7 @@ construct_utmpx(struct logininfo *li, struct utmpx *utx)
 # endif
 # ifdef HAVE_SYSLEN_IN_UTMPX
 	/* ut_syslen is the length of the utx_host string */
-	utx->ut_syslen = MIN(strlen(li->hostname), sizeof(utx->ut_host));
+	utx->ut_syslen = MINIMUM(strlen(li->hostname), sizeof(utx->ut_host));
 # endif
 }
 #endif /* USE_UTMPX || USE_WTMPX */
diff --git a/md5crypt.c b/md5crypt.c
deleted file mode 100644
index 52cf2959a832..000000000000
--- a/md5crypt.c
+++ /dev/null
@@ -1,165 +0,0 @@
-/*
- * ----------------------------------------------------------------------------
- * "THE BEER-WARE LICENSE" (Revision 42):
- * <phk@login.dknet.dk> wrote this file.  As long as you retain this
- * notice you can do whatever you want with this stuff. If we meet some
- * day, and you think this stuff is worth it, you can buy me a beer in
- * return.   Poul-Henning Kamp
- * ----------------------------------------------------------------------------
- */
-
-#include "includes.h"
-
-#if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT)
-#include <sys/types.h>
-
-#include <string.h>
-
-#include <openssl/md5.h>
-
-/* 0 ... 63 => ascii - 64 */
-static unsigned char itoa64[] =
-    "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
-
-static char *magic = "$1$";
-
-static char *
-to64(unsigned long v, int n)
-{
-	static char buf[5];
-	char *s = buf;
-
-	if (n > 4)
-		return (NULL);
-
-	memset(buf, '\0', sizeof(buf));
-	while (--n >= 0) {
-		*s++ = itoa64[v&0x3f];
-		v >>= 6;
-	}
-
-	return (buf);
-}
-
-int
-is_md5_salt(const char *salt)
-{
-	return (strncmp(salt, magic, strlen(magic)) == 0);
-}
-
-char *
-md5_crypt(const char *pw, const char *salt)
-{
-	static char passwd[120], salt_copy[9];
-	static const char *sp, *ep;
-	unsigned char final[16];
-	int sl, pl, i, j;
-	MD5_CTX	ctx, ctx1;
-	unsigned long l;
-
-	/* Refine the Salt first */
-	sp = salt;
-
-	/* If it starts with the magic string, then skip that */
-	if(strncmp(sp, magic, strlen(magic)) == 0)
-		sp += strlen(magic);
-
-	/* It stops at the first '$', max 8 chars */
-	for (ep = sp; *ep != '$'; ep++) {
-		if (*ep == '\0' || ep >= (sp + 8))
-			return (NULL);
-	}
-
-	/* get the length of the true salt */
-	sl = ep - sp;
-
-	/* Stash the salt */
-	memcpy(salt_copy, sp, sl);
-	salt_copy[sl] = '\0';
-
-	MD5_Init(&ctx);
-
-	/* The password first, since that is what is most unknown */
-	MD5_Update(&ctx, pw, strlen(pw));
-
-	/* Then our magic string */
-	MD5_Update(&ctx, magic, strlen(magic));
-
-	/* Then the raw salt */
-	MD5_Update(&ctx, sp, sl);
-
-	/* Then just as many characters of the MD5(pw, salt, pw) */
-	MD5_Init(&ctx1);
-	MD5_Update(&ctx1, pw, strlen(pw));
-	MD5_Update(&ctx1, sp, sl);
-	MD5_Update(&ctx1, pw, strlen(pw));
-	MD5_Final(final, &ctx1);
-
-	for(pl = strlen(pw); pl > 0; pl -= 16)
-		MD5_Update(&ctx, final, pl > 16 ? 16 : pl);
-
-	/* Don't leave anything around in vm they could use. */
-	memset(final, '\0', sizeof final);
-
-	/* Then something really weird... */
-	for (j = 0, i = strlen(pw); i != 0; i >>= 1)
-		if (i & 1)
-			MD5_Update(&ctx, final + j, 1);
-		else
-			MD5_Update(&ctx, pw + j, 1);
-
-	/* Now make the output string */
-	snprintf(passwd, sizeof(passwd), "%s%s$", magic, salt_copy);
-
-	MD5_Final(final, &ctx);
-
-	/*
-	 * and now, just to make sure things don't run too fast
-	 * On a 60 Mhz Pentium this takes 34 msec, so you would
-	 * need 30 seconds to build a 1000 entry dictionary...
-	 */
-	for(i = 0; i < 1000; i++) {
-		MD5_Init(&ctx1);
-		if (i & 1)
-			MD5_Update(&ctx1, pw, strlen(pw));
-		else
-			MD5_Update(&ctx1, final, 16);
-
-		if (i % 3)
-			MD5_Update(&ctx1, sp, sl);
-
-		if (i % 7)
-			MD5_Update(&ctx1, pw, strlen(pw));
-
-		if (i & 1)
-			MD5_Update(&ctx1, final, 16);
-		else
-			MD5_Update(&ctx1, pw, strlen(pw));
-
-		MD5_Final(final, &ctx1);
-	}
-
-	l = (final[ 0]<<16) | (final[ 6]<<8) | final[12];
-	strlcat(passwd, to64(l, 4), sizeof(passwd));
-	l = (final[ 1]<<16) | (final[ 7]<<8) | final[13];
-	strlcat(passwd, to64(l, 4), sizeof(passwd));
-	l = (final[ 2]<<16) | (final[ 8]<<8) | final[14];
-	strlcat(passwd, to64(l, 4), sizeof(passwd));
-	l = (final[ 3]<<16) | (final[ 9]<<8) | final[15];
-	strlcat(passwd, to64(l, 4), sizeof(passwd));
-	l = (final[ 4]<<16) | (final[10]<<8) | final[ 5];
-	strlcat(passwd, to64(l, 4), sizeof(passwd));
-	l =                    final[11]                ;
-	strlcat(passwd, to64(l, 2), sizeof(passwd));
-
-	/* Don't leave anything around in vm they could use. */
-	memset(final, 0, sizeof(final));
-	memset(salt_copy, 0, sizeof(salt_copy));
-	memset(&ctx, 0, sizeof(ctx));
-	memset(&ctx1, 0, sizeof(ctx1));
-	(void)to64(0, 4);
-
-	return (passwd);
-}
-
-#endif /* defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) */
diff --git a/md5crypt.h b/md5crypt.h
deleted file mode 100644
index 978e579c86d0..000000000000
--- a/md5crypt.h
+++ /dev/null
@@ -1,22 +0,0 @@
-/*
- * ----------------------------------------------------------------------------
- * "THE BEER-WARE LICENSE" (Revision 42):
- * <phk@login.dknet.dk> wrote this file.  As long as you retain this notice you
- * can do whatever you want with this stuff. If we meet some day, and you think
- * this stuff is worth it, you can buy me a beer in return.   Poul-Henning Kamp
- * ----------------------------------------------------------------------------
- */
-
-#ifndef _MD5CRYPT_H
-#define _MD5CRYPT_H
-
-#include "config.h"
-
-#if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT)
-
-int is_md5_salt(const char *);
-char *md5_crypt(const char *, const char *);
-
-#endif /* defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) */
-
-#endif /* MD5CRYPT_H */
diff --git a/misc.c b/misc.c
index 0134d69492e4..417498deb7a2 100644
--- a/misc.c
+++ b/misc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.c,v 1.170 2021/09/26 14:01:03 djm Exp $ */
+/* $OpenBSD: misc.c,v 1.174 2022/02/11 00:43:56 dtucker Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2005-2020 Damien Miller.  All rights reserved.
@@ -719,10 +719,16 @@ hpdelim2(char **cp, char *delim)
 	return old;
 }
 
+/* The common case: only accept colon as delimiter. */
 char *
 hpdelim(char **cp)
 {
-	return hpdelim2(cp, NULL);
+	char *r, delim = '\0';
+
+	r =  hpdelim2(cp, &delim);
+	if (delim == '/')
+		return NULL;
+	return r;
 }
 
 char *
@@ -1119,53 +1125,69 @@ freeargs(arglist *args)
 int
 tilde_expand(const char *filename, uid_t uid, char **retp)
 {
-	const char *path, *sep;
-	char user[128], *ret;
+	char *ocopy = NULL, *copy, *s = NULL;
+	const char *path = NULL, *user = NULL;
 	struct passwd *pw;
-	u_int len, slash;
+	size_t len;
+	int ret = -1, r, slash;
 
+	*retp = NULL;
 	if (*filename != '~') {
 		*retp = xstrdup(filename);
 		return 0;
 	}
-	filename++;
+	ocopy = copy = xstrdup(filename + 1);
 
-	path = strchr(filename, '/');
-	if (path != NULL && path > filename) {		/* ~user/path */
-		slash = path - filename;
-		if (slash > sizeof(user) - 1) {
-			error_f("~username too long");
-			return -1;
+	if (*copy == '\0')				/* ~ */
+		path = NULL;
+	else if (*copy == '/') {
+		copy += strspn(copy, "/");
+		if (*copy == '\0')
+			path = NULL;			/* ~/ */
+		else
+			path = copy;			/* ~/path */
+	} else {
+		user = copy;
+		if ((path = strchr(copy, '/')) != NULL) {
+			copy[path - copy] = '\0';
+			path++;
+			path += strspn(path, "/");
+			if (*path == '\0')		/* ~user/ */
+				path = NULL;
+			/* else				 ~user/path */
 		}
-		memcpy(user, filename, slash);
-		user[slash] = '\0';
+		/* else					~user */
+	}
+	if (user != NULL) {
 		if ((pw = getpwnam(user)) == NULL) {
 			error_f("No such user %s", user);
-			return -1;
+			goto out;
 		}
-	} else if ((pw = getpwuid(uid)) == NULL) {	/* ~/path */
+	} else if ((pw = getpwuid(uid)) == NULL) {
 		error_f("No such uid %ld", (long)uid);
-		return -1;
+		goto out;
 	}
 
 	/* Make sure directory has a trailing '/' */
-	len = strlen(pw->pw_dir);
-	if (len == 0 || pw->pw_dir[len - 1] != '/')
-		sep = "/";
-	else
-		sep = "";
-
-	/* Skip leading '/' from specified path */
-	if (path != NULL)
-		filename = path + 1;
+	slash = (len = strlen(pw->pw_dir)) == 0 || pw->pw_dir[len - 1] != '/';
 
-	if (xasprintf(&ret, "%s%s%s", pw->pw_dir, sep, filename) >= PATH_MAX) {
+	if ((r = xasprintf(&s, "%s%s%s", pw->pw_dir,
+	    slash ? "/" : "", path != NULL ? path : "")) <= 0) {
+		error_f("xasprintf failed");
+		goto out;
+	}
+	if (r >= PATH_MAX) {
 		error_f("Path too long");
-		return -1;
+		goto out;
 	}
-
-	*retp = ret;
-	return 0;
+	/* success */
+	ret = 0;
+	*retp = s;
+	s = NULL;
+ out:
+	free(s);
+	free(ocopy);
+	return ret;
 }
 
 char *
@@ -1616,12 +1638,12 @@ ms_subtract_diff(struct timeval *start, int *ms)
 }
 
 void
-ms_to_timeval(struct timeval *tv, int ms)
+ms_to_timespec(struct timespec *ts, int ms)
 {
 	if (ms < 0)
 		ms = 0;
-	tv->tv_sec = ms / 1000;
-	tv->tv_usec = (ms % 1000) * 1000;
+	ts->tv_sec = ms / 1000;
+	ts->tv_nsec = (ms % 1000) * 1000 * 1000;
 }
 
 void
diff --git a/misc.h b/misc.h
index 2e2dca54bf45..2e1b5fecaa01 100644
--- a/misc.h
+++ b/misc.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.h,v 1.98 2021/08/09 23:47:44 djm Exp $ */
+/* $OpenBSD: misc.h,v 1.99 2021/11/13 21:14:13 deraadt Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -82,7 +82,7 @@ void	 xextendf(char **s, const char *sep, const char *fmt, ...)
     __attribute__((__format__ (printf, 3, 4))) __attribute__((__nonnull__ (3)));
 void	 sanitise_stdfd(void);
 void	 ms_subtract_diff(struct timeval *, int *);
-void	 ms_to_timeval(struct timeval *, int);
+void	 ms_to_timespec(struct timespec *, int);
 void	 monotime_ts(struct timespec *);
 void	 monotime_tv(struct timeval *);
 time_t	 monotime(void);
diff --git a/moduli b/moduli
index 81afe331b3b6..1362f20e1bd1 100644
--- a/moduli
+++ b/moduli
@@ -1,450 +1,383 @@
-#    $OpenBSD: moduli,v 1.30 2021/05/17 07:22:45 dtucker Exp $
+#    $OpenBSD: moduli,v 1.31 2021/09/28 11:10:05 dtucker Exp $
 # Time Type Tests Tries Size Generator Modulus
-20210510040256 2 6 100 2047 5 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B6F7F372F
-20210510040337 2 6 100 2047 2 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B6FC9DF33
-20210510040415 2 6 100 2047 2 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B700C2C43
-20210510040454 2 6 100 2047 5 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B7052E7EF
-20210510040524 2 6 100 2047 5 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B708A4C17
-20210510040600 2 6 100 2047 5 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B70CAD2BF
-20210510040723 2 6 100 2047 2 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B716449C3
-20210510040743 2 6 100 2047 5 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B718416DF
-20210510040805 2 6 100 2047 2 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B71A5291B
-20210510040833 2 6 100 2047 2 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B71D2EB43
-20210510040926 2 6 100 2047 2 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B7233C20B
-20210510040945 2 6 100 2047 5 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B7250533F
-20210510040952 2 6 100 2047 5 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B7255E727
-20210510041013 2 6 100 2047 5 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B7276D7F7
-20210510041024 2 6 100 2047 2 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B7285067B
-20210510041122 2 6 100 2047 2 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B72EF5963
-20210510041140 2 6 100 2047 2 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B730BC05B
-20210510041146 2 6 100 2047 2 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B730F5103
-20210510041159 2 6 100 2047 2 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B7321C19B
-20210510041220 2 6 100 2047 2 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B7341D4E3
-20210510041337 2 6 100 2047 2 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B73D507FB
-20210510041353 2 6 100 2047 2 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B73EBBAB3
-20210510041423 2 6 100 2047 5 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B741F0C37
-20210510041442 2 6 100 2047 5 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B743B9717
-20210510041457 2 6 100 2047 2 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B74537023
-20210510041516 2 6 100 2047 2 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B74718223
-20210510041554 2 6 100 2047 5 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B74B62DE7
-20210510041603 2 6 100 2047 2 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B74BF7D13
-20210510041611 2 6 100 2047 5 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B74C76FC7
-20210510041709 2 6 100 2047 2 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B7534B763
-20210510041738 2 6 100 2047 2 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B75649FDB
-20210510041815 2 6 100 2047 2 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B75A664CB
-20210510041822 2 6 100 2047 5 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B75AAA067
-20210510041829 2 6 100 2047 2 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B75B05003
-20210510041939 2 6 100 2047 2 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B76327F4B
-20210510042001 2 6 100 2047 5 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B7657FF9F
-20210510042024 2 6 100 2047 5 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B767BF81F
-20210510042108 2 6 100 2047 2 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B76CC8253
-20210510042208 2 6 100 2047 2 C7CE688A891B095F8844E2381248DFAE8FA10F704F18EC478287964C92B6931F4DCEF6250CEE631DC7217BB9BCEDF38B29FBFE1E62C4461F3B4FB0DD872C3D7B1AF59DF757564EFFEADFBCD4529760A9B8F277E31BAF8F986BB5C5298ECF5E0760977111396ACB3782D2F6D91B6059160F28A667B6BD61ABDCFBDA374930FFF31A2620DF9AA6BFE8C2C27E78A8423FDD0DBDAF6D3E52EC80E345D5D64D5F6B20BD8D12E13D415788B69868EBA41360E1C88A25BE04B7E0182284276EC4E3BF2CE45C373C2E43C6B575C2A579209FEAEA885E20C11471DD884942266B9E3847B8839FC2A79F8F1594ADD8A10ABAC9C7881B2CF99D762B5E2E7A0BC52B773A4483
-20210510042307 2 6 100 2047 5 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DB9689F57
-20210510042318 2 6 100 2047 2 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DB9759EDB
-20210510042544 2 6 100 2047 2 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DBA901DE3
-20210510042605 2 6 100 2047 5 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DBAAFDBFF
-20210510042627 2 6 100 2047 2 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DBAD1CA43
-20210510042651 2 6 100 2047 2 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DBAF89D2B
-20210510042714 2 6 100 2047 5 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DBB1B9777
-20210510042739 2 6 100 2047 5 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DBB467097
-20210510042750 2 6 100 2047 2 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DBB55E393
-20210510042822 2 6 100 2047 5 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DBB90099F
-20210510042827 2 6 100 2047 2 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DBB9285DB
-20210510042900 2 6 100 2047 2 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DBBCC8583
-20210510042912 2 6 100 2047 2 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DBBDABFB3
-20210510042934 2 6 100 2047 2 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DBBFE3253
-20210510043037 2 6 100 2047 2 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DBC711233
-20210510043054 2 6 100 2047 2 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DBC8A48CB
-20210510043100 2 6 100 2047 5 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DBC8DDC1F
-20210510043115 2 6 100 2047 5 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DBCA597AF
-20210510043209 2 6 100 2047 2 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DBD076783
-20210510043220 2 6 100 2047 2 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DBD14801B
-20210510043228 2 6 100 2047 2 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DBD1D92AB
-20210510043239 2 6 100 2047 2 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DBD28D563
-20210510043253 2 6 100 2047 2 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DBD3BDADB
-20210510043313 2 6 100 2047 2 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DBD5D71B3
-20210510043347 2 6 100 2047 2 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DBD9B7913
-20210510043419 2 6 100 2047 5 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DBDD144B7
-20210510043448 2 6 100 2047 2 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DBE03F6C3
-20210510043524 2 6 100 2047 5 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DBE40DB47
-20210510043553 2 6 100 2047 5 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DBE70EA8F
-20210510043611 2 6 100 2047 2 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DBE8DE163
-20210510043637 2 6 100 2047 5 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DBEB894F7
-20210510043702 2 6 100 2047 2 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DBEE0932B
-20210510043916 2 6 100 2047 2 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DBFDE81CB
-20210510043947 2 6 100 2047 5 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DC015B74F
-20210510044005 2 6 100 2047 2 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DC02F7D33
-20210510044107 2 6 100 2047 2 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DC0A0FCAB
-20210510044154 2 6 100 2047 2 C9E8F5A2E2CD5EF3BA0F9EEC69453B2B69DC4E7B7A250B773348A24D152ED220DDE0084C99D5F24904BA1D98907FBEB17DC1BA0E347D7B0A370A57CE6AC47D0339B639F4BCD0CF1FF1B10EE95513CF3CF9A912CFBACFBB779B4D696778940E7A0D0B43CADC0908358EA85CF8B1E8E5AAEA96BACFFDA93C9DAF9B717717302BEB039E4A17BBC93CE228E9AA9D35D560B3A6F1C60A7FD610D8449C6C0828464FB8DBD3F328371449BCF34FD693927F63F58047FD190B30EF16B45157C7ABCA21347C12BC652B2A4C5024963400DB5131B67D371691C6C27081C433CA7C158CB99F6E4C89E744EA42018DB79D6FF78BB316B700370B813B81112456D75DC0F49F4B
-20210510053053 2 6 100 3071 5 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C86B3A3D47
-20210510053442 2 6 100 3071 2 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C86BCD69AB
-20210510053741 2 6 100 3071 2 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C86C3A162B
-20210510054118 2 6 100 3071 5 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C86CC74307
-20210510054156 2 6 100 3071 2 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C86CD6DE3B
-20210510054349 2 6 100 3071 5 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C86D19E8FF
-20210510054413 2 6 100 3071 2 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C86D2241CB
-20210510054752 2 6 100 3071 2 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C86DB1B4E3
-20210510054845 2 6 100 3071 2 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C86DCDC3BB
-20210510054924 2 6 100 3071 5 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C86DDEE687
-20210510055001 2 6 100 3071 5 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C86DF020FF
-20210510055111 2 6 100 3071 5 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C86E180E17
-20210510055701 2 6 100 3071 5 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C86EF8B7BF
-20210510055743 2 6 100 3071 5 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C86F0C6C87
-20210510055803 2 6 100 3071 5 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C86F1109C7
-20210510060103 2 6 100 3071 2 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C86F7F624B
-20210510060223 2 6 100 3071 2 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C86FAC18FB
-20210510060508 2 6 100 3071 5 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C870107F57
-20210510060612 2 6 100 3071 2 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C8703506C3
-20210510060937 2 6 100 3071 2 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C870B83A93
-20210510061232 2 6 100 3071 2 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C87126000B
-20210510061957 2 6 100 3071 5 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C872490677
-20210510062551 2 6 100 3071 2 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C8732DEDB3
-20210510062658 2 6 100 3071 5 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C873531EB7
-20210510062742 2 6 100 3071 5 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C87366FEE7
-20210510063155 2 6 100 3071 2 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C874081463
-20210510063849 2 6 100 3071 2 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C875123D83
-20210510064051 2 6 100 3071 5 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C8755C16E7
-20210510064226 2 6 100 3071 5 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C87592B08F
-20210510064313 2 6 100 3071 2 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C875AB115B
-20210510064513 2 6 100 3071 2 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C875F0FD83
-20210510064532 2 6 100 3071 2 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C875F527EB
-20210510065000 2 6 100 3071 2 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C876A1697B
-20210510065226 2 6 100 3071 2 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C876F8D863
-20210510065300 2 6 100 3071 2 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C87707C4B3
-20210510065704 2 6 100 3071 5 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C877A257DF
-20210510070047 2 6 100 3071 2 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C87830DAD3
-20210510070120 2 6 100 3071 5 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C8783E739F
-20210510070516 2 6 100 3071 2 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C878D7A903
-20210510070822 2 6 100 3071 5 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C8794BBDA7
-20210510070848 2 6 100 3071 2 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C8795478CB
-20210510071106 2 6 100 3071 5 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C879A76417
-20210510071125 2 6 100 3071 5 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C879ABD2EF
-20210510071236 2 6 100 3071 2 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C879D1F7B3
-20210510071324 2 6 100 3071 2 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C879EA4373
-20210510071838 2 6 100 3071 2 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C87AB188F3
-20210510072228 2 6 100 3071 5 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C87B417867
-20210510072939 2 6 100 3071 5 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C87C51C617
-20210510073226 2 6 100 3071 2 EAC054F0A6595901FCD8F7F8FCC4BA738ED1B3A5EBCBA6F7616CAF48A071E1407283441719C3FE1C10D43799F3BF87492ABDBF0F3B0662504AE552C6B670DB5F75553BAEE273BEFA160C918C0C1039AAB3BC058505CA05328B198C797296B70B2F5F73BAB292EDE06955F59541F73EF820DC7F4BFD4DE54C99F16A798266472540D8819F43ED29390271A2A57785AAD3B8BC142D7F3C5A179D6E4DE94C37DC0D278807119989836DA3A8DB918A2786D41753F774F5760095306B15AF307D86E6A9681950F2510C3FB3FC39820F216EA08689D085A89434CF3D98EB5ABFFCEDCBD0E6AAFE9C9BE072814730678B9082B5B62CA113D9243C83199C940D18D748D64B929A94F68268C8D5B976A32041580B2BFFD5D5FE21A338F65FB1FC494416BA804A920AEF90353F4924D30183908D2C56ECBDC381446CB0F8F4162B3F9C050FF4B226EBFC86D7DEFFB20445255A836762B18183E9F932B8775C21CBECB9C31B64A855FF4D1B5B77E6EDBC31776FD0AD5C23E53603074C118F6936C87CB8ECB3
-20210510073413 2 6 100 3071 5 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC5861ADE7
-20210510074044 2 6 100 3071 2 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC5964B90B
-20210510074255 2 6 100 3071 2 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC59B421B3
-20210510074440 2 6 100 3071 5 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC59F2A617
-20210510074524 2 6 100 3071 2 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC5A07E733
-20210510074635 2 6 100 3071 2 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC5A2EFED3
-20210510074720 2 6 100 3071 2 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC5A47453B
-20210510074829 2 6 100 3071 2 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC5A6E33CB
-20210510075104 2 6 100 3071 2 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC5ACF8A13
-20210510075335 2 6 100 3071 2 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC5B2E9B03
-20210510075857 2 6 100 3071 2 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC5C027EC3
-20210510080304 2 6 100 3071 2 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC5CA07843
-20210510080325 2 6 100 3071 5 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC5CA5F02F
-20210510080534 2 6 100 3071 5 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC5CF54017
-20210510080630 2 6 100 3071 5 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC5D12D9E7
-20210510080911 2 6 100 3071 5 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC5D77D397
-20210510081204 2 6 100 3071 5 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC5DE0D19F
-20210510081331 2 6 100 3071 2 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC5E111063
-20210510081720 2 6 100 3071 5 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC5EA68ABF
-20210510081858 2 6 100 3071 2 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC5EE2D9A3
-20210510082830 2 6 100 3071 2 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC60582ADB
-20210510083201 2 6 100 3071 2 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC60E0CE7B
-20210510083743 2 6 100 3071 2 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC61BA35A3
-20210510083915 2 6 100 3071 2 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC61EDA4A3
-20210510083946 2 6 100 3071 2 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC61FA1EB3
-20210510084019 2 6 100 3071 2 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC6208EA33
-20210510084631 2 6 100 3071 5 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC62F8C84F
-20210510084729 2 6 100 3071 2 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC6317E0DB
-20210510085604 2 6 100 3071 5 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC6466EE77
-20210510085645 2 6 100 3071 2 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC64795C1B
-20210510085906 2 6 100 3071 2 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC64D0DEFB
-20210510090053 2 6 100 3071 2 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC650DE7D3
-20210510090401 2 6 100 3071 2 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC6582AF03
-20210510090527 2 6 100 3071 5 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC65B4635F
-20210510090743 2 6 100 3071 2 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC6608EE2B
-20210510090837 2 6 100 3071 2 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC66237853
-20210510090953 2 6 100 3071 5 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC66503AC7
-20210510091517 2 6 100 3071 2 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC671C2453
-20210510091543 2 6 100 3071 5 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC6724D557
-20210510091752 2 6 100 3071 5 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC67729FB7
-20210510091814 2 6 100 3071 5 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC67785967
-20210510092259 2 6 100 3071 5 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC683152FF
-20210510092315 2 6 100 3071 5 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC68333ECF
-20210510092433 2 6 100 3071 5 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC685EC3F7
-20210510092808 2 6 100 3071 5 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC68E5574F
-20210510093246 2 6 100 3071 5 E2F748529B9B801FBAF3AE42C75013A5C4C959A756D496B01A6E1145DB55AA31F408A8DEA8B8573506C76D8AF81C9A3F4D5D4B838D34C30C54D3886448581ABD74D6D95F8B0D4DA21A8E3C6D127657A93354E028D65AC9CFFBCFBD0DEC0EA4F7CBB1018C9618612FB2A5837631AFC614AD2D5FC45EC872EC8816CCB96841A4DC14307159F83F694C90472DA3BB20E9EAC91D1F21770CDC6A037855520D80102005651A54BF12D9BAB8ADB4149ED37B5BD851825B596887DC4E47E55FC0D7B3AE7FFA43F95CCE340942FBEC7E593A16AEAC11CA1136902A2917BC096E8B16CA28D0AC2A58B46DA69B9908CFDB5DC16B391B4DD5C1A8346DB2CDB22447E44FF1567D85B90CD8016029C33D9DE2C992AC73A8155693DDE84FCBB760D88FEA847AEB13EF8058E11E81A7ED0666794272E362F60EF252BD5E3890D85EB6297F99BFA82A7FA94F33EC9804D02E50C56C7856C7B923987825C79A22BF9188AC61E936AC48A40B73EBE61C1C8724315AEA4D1E5AB2889C2251F9A771493955AC6995B96F
-20210510104920 2 6 100 4095 2 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27EC48D7683
-20210510110208 2 6 100 4095 5 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27EC56E987F
-20210510111200 2 6 100 4095 2 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27EC618B3B3
-20210510112429 2 6 100 4095 2 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27EC6F9E69B
-20210510112617 2 6 100 4095 2 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27EC7137A93
-20210510120850 2 6 100 4095 5 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27ECA1DD60F
-20210510121344 2 6 100 4095 5 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27ECA6D1937
-20210510123540 2 6 100 4095 2 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27ECBF2F10B
-20210510124120 2 6 100 4095 2 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27ECC51479B
-20210510125020 2 6 100 4095 2 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27ECCED89CB
-20210510125127 2 6 100 4095 2 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27ECCF8FDBB
-20210510130049 2 6 100 4095 2 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27ECD9C8A1B
-20210510131341 2 6 100 4095 5 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27ECE7F859F
-20210510140804 2 6 100 4095 5 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27ED25225A7
-20210510140916 2 6 100 4095 5 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27ED25E3747
-20210510141423 2 6 100 4095 2 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27ED2B414E3
-20210510144848 2 6 100 4095 2 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27ED519CD53
-20210510150859 2 6 100 4095 2 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27ED68073DB
-20210510151356 2 6 100 4095 2 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27ED6D0558B
-20210510151823 2 6 100 4095 2 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27ED71A5973
-20210510153129 2 6 100 4095 2 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27ED7F992C3
-20210510155953 2 6 100 4095 2 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27ED9EDF273
-20210510160542 2 6 100 4095 2 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27EDA4F6463
-20210510161006 2 6 100 4095 5 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27EDA97EB6F
-20210510161446 2 6 100 4095 2 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27EDAE44433
-20210510164007 2 6 100 4095 2 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27EDCA3DB53
-20210510164752 2 6 100 4095 2 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27EDD296153
-20210510170111 2 6 100 4095 5 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27EDE0FAFB7
-20210510171053 2 6 100 4095 5 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27EDEB6FD4F
-20210510172049 2 6 100 4095 2 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27EDF621333
-20210510174942 2 6 100 4095 5 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27EE15B9E07
-20210510175641 2 6 100 4095 5 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27EE1CEFE0F
-20210510180112 2 6 100 4095 2 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27EE2138F1B
-20210510180610 2 6 100 4095 5 E3508586273EAF882533D9104A0F6FF5818343120ECFA2DF8002402FEA175CD1C418C3CBCE3B8C3B8897FA169C9C9521399321A353ED16DE7EDFD5F28F3F8C1B5F52F368C463B3A1AB5CF5816666973A70FA756A6A2F70313D2830D490541C09F40E7ABDCA7EE76A625F19B87D4336196CBEBEB5491E4365D7DFDF56384A3DFE662628171820829B5628694A4B4915954CF89391F3C06D9A4DF618CD54406A1198F4DF74EA2DDF55244076A5BD9295DD516B9346A98EC225F16968CA804B94F2CF67B0A4CC23A679766476CD8033CA3532230AB83092D78AB138653BAC3FE96C2E6A91387E2D7263B72CC0FEB5443233BD5C137351A4EEC65954845938DE8137C0E3F70D9932E18E4C771BD0ED3D11CDAF4EA9745D3C2C8C32E2F4C7302425A96720F939C9A32BA9475EC974D57326605F5B0402FD6431096AC965246DDEA5AD8B2B0C24A86FDA4CC9397DCE101DF441AEC0FB887CB17F61A25D2C5945BA2DC45766E939CE1210C5D0E9A8BD229EA308E995B6A99164BAC0F3985010C4AC7C36F0BBB3118A17FB1963E865AF49FD77FB4E1BA3D9551C3FAEA77CCD7A7D588294DE9EA3B8DB6A8CC98DA8C567CDAB709A287F5D53453267841E6113B3A06DF01038B6A83FA6AA4A645BB43D276B71C6EA65A98A4E9C839D38CFEDCE176C5480E8BD8AEEAB20FC1C89B889672D980C5C121545CFD4BECECE53E9CEE27EE2635EA7
-20210510182139 2 6 100 4095 5 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D4CADABDF
-20210510182246 2 6 100 4095 5 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D4CBA2FDF
-20210510183239 2 6 100 4095 5 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D4D6A3817
-20210510185138 2 6 100 4095 2 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D4EBD743B
-20210510190703 2 6 100 4095 2 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D4FD39563
-20210510191012 2 6 100 4095 2 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D50038993
-20210510193403 2 6 100 4095 5 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D51B59F6F
-20210510193504 2 6 100 4095 2 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D51BFEACB
-20210510193712 2 6 100 4095 5 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D51DE6847
-20210510200016 2 6 100 4095 2 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D538092BB
-20210510202408 2 6 100 4095 2 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D552B8EA3
-20210510204717 2 6 100 4095 5 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D56C3E03F
-20210510210552 2 6 100 4095 5 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D580CD59F
-20210510211223 2 6 100 4095 5 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D587C16C7
-20210510211607 2 6 100 4095 2 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D58B825A3
-20210510212131 2 6 100 4095 2 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D5914A563
-20210510212930 2 6 100 4095 2 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D599D3C2B
-20210510214640 2 6 100 4095 2 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D5AD02FBB
-20210510221404 2 6 100 4095 2 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D5CBD7BCB
-20210510224430 2 6 100 4095 5 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D5EDD3847
-20210510224732 2 6 100 4095 2 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D5F0BA233
-20210510230510 2 6 100 4095 2 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D604292FB
-20210510231041 2 6 100 4095 2 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D609E882B
-20210510232117 2 6 100 4095 2 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D61508923
-20210510232533 2 6 100 4095 5 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D619565D7
-20210510232612 2 6 100 4095 5 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D6198BB57
-20210510235513 2 6 100 4095 2 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D63970EA3
-20210511001630 2 6 100 4095 5 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D650D625F
-20210511002532 2 6 100 4095 2 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D65AD01CB
-20210511002655 2 6 100 4095 5 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D65BD0E3F
-20210511004533 2 6 100 4095 5 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D6707A94F
-20210511005704 2 6 100 4095 5 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D67CFB01F
-20210511011635 2 6 100 4095 5 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D6922CFE7
-20210511012416 2 6 100 4095 5 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D69A4C92F
-20210511012915 2 6 100 4095 2 C0CF9D192A5E67E12DB4EBB35F3DD5A93041B217DDC24746828F760867A58487DCC1318CEB5929A76AB776A38F78415D03207716AFB66462B964A8B64E26D54306DFC888AF824BD68D46FD93EB19835F5CA576CDF7D57281B5A2D443CA10B94C9D091680FAE8AFDC9E862E7B8AA8EB9C5964A7A6DCF33D07735325CDC0AC2E0CB1AD72398FD23D9F375C766E55060C7E9556F16933363BD73288755FCFBE99FBEF5FEF5CDBE525AC7C1AB26CE56316568FA790082931F4015CE0BB432797A80617BEF82B448D8CF568A2EEF1CC594A4CAB3FAE7CB97866833D9BD646BB4A6850AAC1D6C8011C486C9FAB4AF5FB7C1591734B3D9FB3F46E6A07F61D1AA78B19B4C96AAE67ABCDC1218D205277054711CD88C39D93913AAFED002C96950852971C044779E8C44452321A72B50802658F1E62759B5155AE21FDC3F0CBFA1BF06E35147ED4E328E1D6FFF1BC67CE4EC4D7872797759891D74E53BD496BD7E54C6F28E8E2D60E0CC5381E136465C551BA03B91D112F50F4F84208C2AE35C7CE712F230539E5CE5211D87C56074EC6E53A0A1FFB811B9580F7045D14B89C0E6CEC5B12834317944BB2D743926BD2EFF4D8CD19E7A85C58E0CD4BAF7D7915F4A8EC46CB20FF3B82ED5C8D30F5A4CAA07E0C8CCEE173FC59C3444CEB672220B98F8065A9DD5244BAAA6D44347100D2D4FABC8FB7E6746848E0E9CFD2C6AD701D69F74C0B
-20210511102814 2 6 100 6143 5 EE2D1C3A0CC149C6675914AEFB8A3B27C939CB721B7D7D2AECDF4464406D6B59DF4C01ABE292F37396B097215BCF049F98D5B7CBA342EF5DFE31668084E83E783AC5C21CB152C08EE0BBAB4CC8F261AFD378F97D5044BC6BD3E555ADCF508ABC26E4CAF8D0B84EDDA7E78B56B89A497BC4D5A1D5C14D1A535777D4BBA17540B64F3E2695C5B134275A2F94D1388C0F666573454ED38B3E0CAA04BF5551662A429B54153795935493FE7E3C8130EE4568A278C2FF362D070FA4D10462B347E382EE340DF1EBBDBFEFAD66AB4B2296E982EC7F0947F6BF7845E8C40F9A7B4934727781E2D129C2E055227C3CD063BBFF14DE2958D6B4D3D3EF54ECA8757C3D102B98B6C97BE8087FE6B8ABC4B7D61AB491842E37A53890081C73359B4B878570BE3B30E557B819DBEC06F1291965419B7EAD74F1ADF900E771781024B44E5669DDA88FD9C62496764EA5CE3E791EB4CCDA3E4B665355C9EC92EF18046331332886B79DC3710C36F02D2EB260246AE83459514EF00FC5857CAC8562D4DD522FA4575ECD1BACA7313A1C91F72863DFC8AF0732C9025862525CF33E5EC545D356C620C70F16D2BDD22A9BD9A25469D21C70D437FA08ED36550A2EEEF3545EFDC5A0C0FCC1070A99B2D5EFC1A32D764AEE21DC38FD6086813C01F09298B41B3EFC7F34DB201EC538901C8E05A3B3295519042CF631226BBAF9A9F8A3C4BD6B00E24CD048A14ACA7C8B9EC1C1931853909EFF8B1FBCA46C9CB9E42BE7253E7F25A97C6D50E970EF8CEFE1C70C8A3254F5402F3DCC62A5A34B477A8B452352B6CB2BFC1F372130DBC4960DCD20088DB50B39998ECCB0CD2F797F7267529DB9A63B7BE8691F9B6155EFFAEEBDB8EE7FCA2EDD9DCC92B5DDCF536E87DA064010A15CA505885DEC6499E4B1408580A3F854E1C50BEA96D4B47D9022B004F426F1F69C7580573F60BA80045BA799FB486C1AB3E363D75DA7C2BE5E256001E728B4850BA99184068CFF7A87B25C95F43E17B35BEBFA4711A1307EA545B1BA97D13F752EB7CD6F42BA4776098D71C02E4961480D18AE898D2EBCD61E897041CB1A7056C4ADADD7
-20210511104622 2 6 100 6143 2 EE2D1C3A0CC149C6675914AEFB8A3B27C939CB721B7D7D2AECDF4464406D6B59DF4C01ABE292F37396B097215BCF049F98D5B7CBA342EF5DFE31668084E83E783AC5C21CB152C08EE0BBAB4CC8F261AFD378F97D5044BC6BD3E555ADCF508ABC26E4CAF8D0B84EDDA7E78B56B89A497BC4D5A1D5C14D1A535777D4BBA17540B64F3E2695C5B134275A2F94D1388C0F666573454ED38B3E0CAA04BF5551662A429B54153795935493FE7E3C8130EE4568A278C2FF362D070FA4D10462B347E382EE340DF1EBBDBFEFAD66AB4B2296E982EC7F0947F6BF7845E8C40F9A7B4934727781E2D129C2E055227C3CD063BBFF14DE2958D6B4D3D3EF54ECA8757C3D102B98B6C97BE8087FE6B8ABC4B7D61AB491842E37A53890081C73359B4B878570BE3B30E557B819DBEC06F1291965419B7EAD74F1ADF900E771781024B44E5669DDA88FD9C62496764EA5CE3E791EB4CCDA3E4B665355C9EC92EF18046331332886B79DC3710C36F02D2EB260246AE83459514EF00FC5857CAC8562D4DD522FA4575ECD1BACA7313A1C91F72863DFC8AF0732C9025862525CF33E5EC545D356C620C70F16D2BDD22A9BD9A25469D21C70D437FA08ED36550A2EEEF3545EFDC5A0C0FCC1070A99B2D5EFC1A32D764AEE21DC38FD6086813C01F09298B41B3EFC7F34DB201EC538901C8E05A3B3295519042CF631226BBAF9A9F8A3C4BD6B00E24CD048A14ACA7C8B9EC1C1931853909EFF8B1FBCA46C9CB9E42BE7253E7F25A97C6D50E970EF8CEFE1C70C8A3254F5402F3DCC62A5A34B477A8B452352B6CB2BFC1F372130DBC4960DCD20088DB50B39998ECCB0CD2F797F7267529DB9A63B7BE8691F9B6155EFFAEEBDB8EE7FCA2EDD9DCC92B5DDCF536E87DA064010A15CA505885DEC6499E4B1408580A3F854E1C50BEA96D4B47D9022B004F426F1F69C7580573F60BA80045BA799FB486C1AB3E363D75DA7C2BE5E256001E728B4850BA99184068CFF7A87B25C95F43E17B35BEBFA4711A1307EA545B1BA97D13F752EB7CD6F42BA4776098D71C02E4961480D18AE898D2EBCD61E897041CB1A7056C75C31DB
-20210511105027 2 6 100 6143 2 EE2D1C3A0CC149C6675914AEFB8A3B27C939CB721B7D7D2AECDF4464406D6B59DF4C01ABE292F37396B097215BCF049F98D5B7CBA342EF5DFE31668084E83E783AC5C21CB152C08EE0BBAB4CC8F261AFD378F97D5044BC6BD3E555ADCF508ABC26E4CAF8D0B84EDDA7E78B56B89A497BC4D5A1D5C14D1A535777D4BBA17540B64F3E2695C5B134275A2F94D1388C0F666573454ED38B3E0CAA04BF5551662A429B54153795935493FE7E3C8130EE4568A278C2FF362D070FA4D10462B347E382EE340DF1EBBDBFEFAD66AB4B2296E982EC7F0947F6BF7845E8C40F9A7B4934727781E2D129C2E055227C3CD063BBFF14DE2958D6B4D3D3EF54ECA8757C3D102B98B6C97BE8087FE6B8ABC4B7D61AB491842E37A53890081C73359B4B878570BE3B30E557B819DBEC06F1291965419B7EAD74F1ADF900E771781024B44E5669DDA88FD9C62496764EA5CE3E791EB4CCDA3E4B665355C9EC92EF18046331332886B79DC3710C36F02D2EB260246AE83459514EF00FC5857CAC8562D4DD522FA4575ECD1BACA7313A1C91F72863DFC8AF0732C9025862525CF33E5EC545D356C620C70F16D2BDD22A9BD9A25469D21C70D437FA08ED36550A2EEEF3545EFDC5A0C0FCC1070A99B2D5EFC1A32D764AEE21DC38FD6086813C01F09298B41B3EFC7F34DB201EC538901C8E05A3B3295519042CF631226BBAF9A9F8A3C4BD6B00E24CD048A14ACA7C8B9EC1C1931853909EFF8B1FBCA46C9CB9E42BE7253E7F25A97C6D50E970EF8CEFE1C70C8A3254F5402F3DCC62A5A34B477A8B452352B6CB2BFC1F372130DBC4960DCD20088DB50B39998ECCB0CD2F797F7267529DB9A63B7BE8691F9B6155EFFAEEBDB8EE7FCA2EDD9DCC92B5DDCF536E87DA064010A15CA505885DEC6499E4B1408580A3F854E1C50BEA96D4B47D9022B004F426F1F69C7580573F60BA80045BA799FB486C1AB3E363D75DA7C2BE5E256001E728B4850BA99184068CFF7A87B25C95F43E17B35BEBFA4711A1307EA545B1BA97D13F752EB7CD6F42BA4776098D71C02E4961480D18AE898D2EBCD61E897041CB1A7056C7F679E3
-20210511110103 2 6 100 6143 5 EE2D1C3A0CC149C6675914AEFB8A3B27C939CB721B7D7D2AECDF4464406D6B59DF4C01ABE292F37396B097215BCF049F98D5B7CBA342EF5DFE31668084E83E783AC5C21CB152C08EE0BBAB4CC8F261AFD378F97D5044BC6BD3E555ADCF508ABC26E4CAF8D0B84EDDA7E78B56B89A497BC4D5A1D5C14D1A535777D4BBA17540B64F3E2695C5B134275A2F94D1388C0F666573454ED38B3E0CAA04BF5551662A429B54153795935493FE7E3C8130EE4568A278C2FF362D070FA4D10462B347E382EE340DF1EBBDBFEFAD66AB4B2296E982EC7F0947F6BF7845E8C40F9A7B4934727781E2D129C2E055227C3CD063BBFF14DE2958D6B4D3D3EF54ECA8757C3D102B98B6C97BE8087FE6B8ABC4B7D61AB491842E37A53890081C73359B4B878570BE3B30E557B819DBEC06F1291965419B7EAD74F1ADF900E771781024B44E5669DDA88FD9C62496764EA5CE3E791EB4CCDA3E4B665355C9EC92EF18046331332886B79DC3710C36F02D2EB260246AE83459514EF00FC5857CAC8562D4DD522FA4575ECD1BACA7313A1C91F72863DFC8AF0732C9025862525CF33E5EC545D356C620C70F16D2BDD22A9BD9A25469D21C70D437FA08ED36550A2EEEF3545EFDC5A0C0FCC1070A99B2D5EFC1A32D764AEE21DC38FD6086813C01F09298B41B3EFC7F34DB201EC538901C8E05A3B3295519042CF631226BBAF9A9F8A3C4BD6B00E24CD048A14ACA7C8B9EC1C1931853909EFF8B1FBCA46C9CB9E42BE7253E7F25A97C6D50E970EF8CEFE1C70C8A3254F5402F3DCC62A5A34B477A8B452352B6CB2BFC1F372130DBC4960DCD20088DB50B39998ECCB0CD2F797F7267529DB9A63B7BE8691F9B6155EFFAEEBDB8EE7FCA2EDD9DCC92B5DDCF536E87DA064010A15CA505885DEC6499E4B1408580A3F854E1C50BEA96D4B47D9022B004F426F1F69C7580573F60BA80045BA799FB486C1AB3E363D75DA7C2BE5E256001E728B4850BA99184068CFF7A87B25C95F43E17B35BEBFA4711A1307EA545B1BA97D13F752EB7CD6F42BA4776098D71C02E4961480D18AE898D2EBCD61E897041CB1A7056C98961DF
-20210511113326 2 6 100 6143 2 EE2D1C3A0CC149C6675914AEFB8A3B27C939CB721B7D7D2AECDF4464406D6B59DF4C01ABE292F37396B097215BCF049F98D5B7CBA342EF5DFE31668084E83E783AC5C21CB152C08EE0BBAB4CC8F261AFD378F97D5044BC6BD3E555ADCF508ABC26E4CAF8D0B84EDDA7E78B56B89A497BC4D5A1D5C14D1A535777D4BBA17540B64F3E2695C5B134275A2F94D1388C0F666573454ED38B3E0CAA04BF5551662A429B54153795935493FE7E3C8130EE4568A278C2FF362D070FA4D10462B347E382EE340DF1EBBDBFEFAD66AB4B2296E982EC7F0947F6BF7845E8C40F9A7B4934727781E2D129C2E055227C3CD063BBFF14DE2958D6B4D3D3EF54ECA8757C3D102B98B6C97BE8087FE6B8ABC4B7D61AB491842E37A53890081C73359B4B878570BE3B30E557B819DBEC06F1291965419B7EAD74F1ADF900E771781024B44E5669DDA88FD9C62496764EA5CE3E791EB4CCDA3E4B665355C9EC92EF18046331332886B79DC3710C36F02D2EB260246AE83459514EF00FC5857CAC8562D4DD522FA4575ECD1BACA7313A1C91F72863DFC8AF0732C9025862525CF33E5EC545D356C620C70F16D2BDD22A9BD9A25469D21C70D437FA08ED36550A2EEEF3545EFDC5A0C0FCC1070A99B2D5EFC1A32D764AEE21DC38FD6086813C01F09298B41B3EFC7F34DB201EC538901C8E05A3B3295519042CF631226BBAF9A9F8A3C4BD6B00E24CD048A14ACA7C8B9EC1C1931853909EFF8B1FBCA46C9CB9E42BE7253E7F25A97C6D50E970EF8CEFE1C70C8A3254F5402F3DCC62A5A34B477A8B452352B6CB2BFC1F372130DBC4960DCD20088DB50B39998ECCB0CD2F797F7267529DB9A63B7BE8691F9B6155EFFAEEBDB8EE7FCA2EDD9DCC92B5DDCF536E87DA064010A15CA505885DEC6499E4B1408580A3F854E1C50BEA96D4B47D9022B004F426F1F69C7580573F60BA80045BA799FB486C1AB3E363D75DA7C2BE5E256001E728B4850BA99184068CFF7A87B25C95F43E17B35BEBFA4711A1307EA545B1BA97D13F752EB7CD6F42BA4776098D71C02E4961480D18AE898D2EBCD61E897041CB1A7056CE694ADB
-20210511113553 2 6 100 6143 2 EE2D1C3A0CC149C6675914AEFB8A3B27C939CB721B7D7D2AECDF4464406D6B59DF4C01ABE292F37396B097215BCF049F98D5B7CBA342EF5DFE31668084E83E783AC5C21CB152C08EE0BBAB4CC8F261AFD378F97D5044BC6BD3E555ADCF508ABC26E4CAF8D0B84EDDA7E78B56B89A497BC4D5A1D5C14D1A535777D4BBA17540B64F3E2695C5B134275A2F94D1388C0F666573454ED38B3E0CAA04BF5551662A429B54153795935493FE7E3C8130EE4568A278C2FF362D070FA4D10462B347E382EE340DF1EBBDBFEFAD66AB4B2296E982EC7F0947F6BF7845E8C40F9A7B4934727781E2D129C2E055227C3CD063BBFF14DE2958D6B4D3D3EF54ECA8757C3D102B98B6C97BE8087FE6B8ABC4B7D61AB491842E37A53890081C73359B4B878570BE3B30E557B819DBEC06F1291965419B7EAD74F1ADF900E771781024B44E5669DDA88FD9C62496764EA5CE3E791EB4CCDA3E4B665355C9EC92EF18046331332886B79DC3710C36F02D2EB260246AE83459514EF00FC5857CAC8562D4DD522FA4575ECD1BACA7313A1C91F72863DFC8AF0732C9025862525CF33E5EC545D356C620C70F16D2BDD22A9BD9A25469D21C70D437FA08ED36550A2EEEF3545EFDC5A0C0FCC1070A99B2D5EFC1A32D764AEE21DC38FD6086813C01F09298B41B3EFC7F34DB201EC538901C8E05A3B3295519042CF631226BBAF9A9F8A3C4BD6B00E24CD048A14ACA7C8B9EC1C1931853909EFF8B1FBCA46C9CB9E42BE7253E7F25A97C6D50E970EF8CEFE1C70C8A3254F5402F3DCC62A5A34B477A8B452352B6CB2BFC1F372130DBC4960DCD20088DB50B39998ECCB0CD2F797F7267529DB9A63B7BE8691F9B6155EFFAEEBDB8EE7FCA2EDD9DCC92B5DDCF536E87DA064010A15CA505885DEC6499E4B1408580A3F854E1C50BEA96D4B47D9022B004F426F1F69C7580573F60BA80045BA799FB486C1AB3E363D75DA7C2BE5E256001E728B4850BA99184068CFF7A87B25C95F43E17B35BEBFA4711A1307EA545B1BA97D13F752EB7CD6F42BA4776098D71C02E4961480D18AE898D2EBCD61E897041CB1A7056CEBCB733
-20210511120155 2 6 100 6143 2 EE2D1C3A0CC149C6675914AEFB8A3B27C939CB721B7D7D2AECDF4464406D6B59DF4C01ABE292F37396B097215BCF049F98D5B7CBA342EF5DFE31668084E83E783AC5C21CB152C08EE0BBAB4CC8F261AFD378F97D5044BC6BD3E555ADCF508ABC26E4CAF8D0B84EDDA7E78B56B89A497BC4D5A1D5C14D1A535777D4BBA17540B64F3E2695C5B134275A2F94D1388C0F666573454ED38B3E0CAA04BF5551662A429B54153795935493FE7E3C8130EE4568A278C2FF362D070FA4D10462B347E382EE340DF1EBBDBFEFAD66AB4B2296E982EC7F0947F6BF7845E8C40F9A7B4934727781E2D129C2E055227C3CD063BBFF14DE2958D6B4D3D3EF54ECA8757C3D102B98B6C97BE8087FE6B8ABC4B7D61AB491842E37A53890081C73359B4B878570BE3B30E557B819DBEC06F1291965419B7EAD74F1ADF900E771781024B44E5669DDA88FD9C62496764EA5CE3E791EB4CCDA3E4B665355C9EC92EF18046331332886B79DC3710C36F02D2EB260246AE83459514EF00FC5857CAC8562D4DD522FA4575ECD1BACA7313A1C91F72863DFC8AF0732C9025862525CF33E5EC545D356C620C70F16D2BDD22A9BD9A25469D21C70D437FA08ED36550A2EEEF3545EFDC5A0C0FCC1070A99B2D5EFC1A32D764AEE21DC38FD6086813C01F09298B41B3EFC7F34DB201EC538901C8E05A3B3295519042CF631226BBAF9A9F8A3C4BD6B00E24CD048A14ACA7C8B9EC1C1931853909EFF8B1FBCA46C9CB9E42BE7253E7F25A97C6D50E970EF8CEFE1C70C8A3254F5402F3DCC62A5A34B477A8B452352B6CB2BFC1F372130DBC4960DCD20088DB50B39998ECCB0CD2F797F7267529DB9A63B7BE8691F9B6155EFFAEEBDB8EE7FCA2EDD9DCC92B5DDCF536E87DA064010A15CA505885DEC6499E4B1408580A3F854E1C50BEA96D4B47D9022B004F426F1F69C7580573F60BA80045BA799FB486C1AB3E363D75DA7C2BE5E256001E728B4850BA99184068CFF7A87B25C95F43E17B35BEBFA4711A1307EA545B1BA97D13F752EB7CD6F42BA4776098D71C02E4961480D18AE898D2EBCD61E897041CB1A7056D29CD07B
-20210511121150 2 6 100 6143 2 EE2D1C3A0CC149C6675914AEFB8A3B27C939CB721B7D7D2AECDF4464406D6B59DF4C01ABE292F37396B097215BCF049F98D5B7CBA342EF5DFE31668084E83E783AC5C21CB152C08EE0BBAB4CC8F261AFD378F97D5044BC6BD3E555ADCF508ABC26E4CAF8D0B84EDDA7E78B56B89A497BC4D5A1D5C14D1A535777D4BBA17540B64F3E2695C5B134275A2F94D1388C0F666573454ED38B3E0CAA04BF5551662A429B54153795935493FE7E3C8130EE4568A278C2FF362D070FA4D10462B347E382EE340DF1EBBDBFEFAD66AB4B2296E982EC7F0947F6BF7845E8C40F9A7B4934727781E2D129C2E055227C3CD063BBFF14DE2958D6B4D3D3EF54ECA8757C3D102B98B6C97BE8087FE6B8ABC4B7D61AB491842E37A53890081C73359B4B878570BE3B30E557B819DBEC06F1291965419B7EAD74F1ADF900E771781024B44E5669DDA88FD9C62496764EA5CE3E791EB4CCDA3E4B665355C9EC92EF18046331332886B79DC3710C36F02D2EB260246AE83459514EF00FC5857CAC8562D4DD522FA4575ECD1BACA7313A1C91F72863DFC8AF0732C9025862525CF33E5EC545D356C620C70F16D2BDD22A9BD9A25469D21C70D437FA08ED36550A2EEEF3545EFDC5A0C0FCC1070A99B2D5EFC1A32D764AEE21DC38FD6086813C01F09298B41B3EFC7F34DB201EC538901C8E05A3B3295519042CF631226BBAF9A9F8A3C4BD6B00E24CD048A14ACA7C8B9EC1C1931853909EFF8B1FBCA46C9CB9E42BE7253E7F25A97C6D50E970EF8CEFE1C70C8A3254F5402F3DCC62A5A34B477A8B452352B6CB2BFC1F372130DBC4960DCD20088DB50B39998ECCB0CD2F797F7267529DB9A63B7BE8691F9B6155EFFAEEBDB8EE7FCA2EDD9DCC92B5DDCF536E87DA064010A15CA505885DEC6499E4B1408580A3F854E1C50BEA96D4B47D9022B004F426F1F69C7580573F60BA80045BA799FB486C1AB3E363D75DA7C2BE5E256001E728B4850BA99184068CFF7A87B25C95F43E17B35BEBFA4711A1307EA545B1BA97D13F752EB7CD6F42BA4776098D71C02E4961480D18AE898D2EBCD61E897041CB1A7056D40F2B2B
-20210511125715 2 6 100 6143 2 EE2D1C3A0CC149C6675914AEFB8A3B27C939CB721B7D7D2AECDF4464406D6B59DF4C01ABE292F37396B097215BCF049F98D5B7CBA342EF5DFE31668084E83E783AC5C21CB152C08EE0BBAB4CC8F261AFD378F97D5044BC6BD3E555ADCF508ABC26E4CAF8D0B84EDDA7E78B56B89A497BC4D5A1D5C14D1A535777D4BBA17540B64F3E2695C5B134275A2F94D1388C0F666573454ED38B3E0CAA04BF5551662A429B54153795935493FE7E3C8130EE4568A278C2FF362D070FA4D10462B347E382EE340DF1EBBDBFEFAD66AB4B2296E982EC7F0947F6BF7845E8C40F9A7B4934727781E2D129C2E055227C3CD063BBFF14DE2958D6B4D3D3EF54ECA8757C3D102B98B6C97BE8087FE6B8ABC4B7D61AB491842E37A53890081C73359B4B878570BE3B30E557B819DBEC06F1291965419B7EAD74F1ADF900E771781024B44E5669DDA88FD9C62496764EA5CE3E791EB4CCDA3E4B665355C9EC92EF18046331332886B79DC3710C36F02D2EB260246AE83459514EF00FC5857CAC8562D4DD522FA4575ECD1BACA7313A1C91F72863DFC8AF0732C9025862525CF33E5EC545D356C620C70F16D2BDD22A9BD9A25469D21C70D437FA08ED36550A2EEEF3545EFDC5A0C0FCC1070A99B2D5EFC1A32D764AEE21DC38FD6086813C01F09298B41B3EFC7F34DB201EC538901C8E05A3B3295519042CF631226BBAF9A9F8A3C4BD6B00E24CD048A14ACA7C8B9EC1C1931853909EFF8B1FBCA46C9CB9E42BE7253E7F25A97C6D50E970EF8CEFE1C70C8A3254F5402F3DCC62A5A34B477A8B452352B6CB2BFC1F372130DBC4960DCD20088DB50B39998ECCB0CD2F797F7267529DB9A63B7BE8691F9B6155EFFAEEBDB8EE7FCA2EDD9DCC92B5DDCF536E87DA064010A15CA505885DEC6499E4B1408580A3F854E1C50BEA96D4B47D9022B004F426F1F69C7580573F60BA80045BA799FB486C1AB3E363D75DA7C2BE5E256001E728B4850BA99184068CFF7A87B25C95F43E17B35BEBFA4711A1307EA545B1BA97D13F752EB7CD6F42BA4776098D71C02E4961480D18AE898D2EBCD61E897041CB1A7056DADDC183
-20210511133230 2 6 100 6143 2 EE2D1C3A0CC149C6675914AEFB8A3B27C939CB721B7D7D2AECDF4464406D6B59DF4C01ABE292F37396B097215BCF049F98D5B7CBA342EF5DFE31668084E83E783AC5C21CB152C08EE0BBAB4CC8F261AFD378F97D5044BC6BD3E555ADCF508ABC26E4CAF8D0B84EDDA7E78B56B89A497BC4D5A1D5C14D1A535777D4BBA17540B64F3E2695C5B134275A2F94D1388C0F666573454ED38B3E0CAA04BF5551662A429B54153795935493FE7E3C8130EE4568A278C2FF362D070FA4D10462B347E382EE340DF1EBBDBFEFAD66AB4B2296E982EC7F0947F6BF7845E8C40F9A7B4934727781E2D129C2E055227C3CD063BBFF14DE2958D6B4D3D3EF54ECA8757C3D102B98B6C97BE8087FE6B8ABC4B7D61AB491842E37A53890081C73359B4B878570BE3B30E557B819DBEC06F1291965419B7EAD74F1ADF900E771781024B44E5669DDA88FD9C62496764EA5CE3E791EB4CCDA3E4B665355C9EC92EF18046331332886B79DC3710C36F02D2EB260246AE83459514EF00FC5857CAC8562D4DD522FA4575ECD1BACA7313A1C91F72863DFC8AF0732C9025862525CF33E5EC545D356C620C70F16D2BDD22A9BD9A25469D21C70D437FA08ED36550A2EEEF3545EFDC5A0C0FCC1070A99B2D5EFC1A32D764AEE21DC38FD6086813C01F09298B41B3EFC7F34DB201EC538901C8E05A3B3295519042CF631226BBAF9A9F8A3C4BD6B00E24CD048A14ACA7C8B9EC1C1931853909EFF8B1FBCA46C9CB9E42BE7253E7F25A97C6D50E970EF8CEFE1C70C8A3254F5402F3DCC62A5A34B477A8B452352B6CB2BFC1F372130DBC4960DCD20088DB50B39998ECCB0CD2F797F7267529DB9A63B7BE8691F9B6155EFFAEEBDB8EE7FCA2EDD9DCC92B5DDCF536E87DA064010A15CA505885DEC6499E4B1408580A3F854E1C50BEA96D4B47D9022B004F426F1F69C7580573F60BA80045BA799FB486C1AB3E363D75DA7C2BE5E256001E728B4850BA99184068CFF7A87B25C95F43E17B35BEBFA4711A1307EA545B1BA97D13F752EB7CD6F42BA4776098D71C02E4961480D18AE898D2EBCD61E897041CB1A7056E00C0173
-20210511134118 2 6 100 6143 2 EE2D1C3A0CC149C6675914AEFB8A3B27C939CB721B7D7D2AECDF4464406D6B59DF4C01ABE292F37396B097215BCF049F98D5B7CBA342EF5DFE31668084E83E783AC5C21CB152C08EE0BBAB4CC8F261AFD378F97D5044BC6BD3E555ADCF508ABC26E4CAF8D0B84EDDA7E78B56B89A497BC4D5A1D5C14D1A535777D4BBA17540B64F3E2695C5B134275A2F94D1388C0F666573454ED38B3E0CAA04BF5551662A429B54153795935493FE7E3C8130EE4568A278C2FF362D070FA4D10462B347E382EE340DF1EBBDBFEFAD66AB4B2296E982EC7F0947F6BF7845E8C40F9A7B4934727781E2D129C2E055227C3CD063BBFF14DE2958D6B4D3D3EF54ECA8757C3D102B98B6C97BE8087FE6B8ABC4B7D61AB491842E37A53890081C73359B4B878570BE3B30E557B819DBEC06F1291965419B7EAD74F1ADF900E771781024B44E5669DDA88FD9C62496764EA5CE3E791EB4CCDA3E4B665355C9EC92EF18046331332886B79DC3710C36F02D2EB260246AE83459514EF00FC5857CAC8562D4DD522FA4575ECD1BACA7313A1C91F72863DFC8AF0732C9025862525CF33E5EC545D356C620C70F16D2BDD22A9BD9A25469D21C70D437FA08ED36550A2EEEF3545EFDC5A0C0FCC1070A99B2D5EFC1A32D764AEE21DC38FD6086813C01F09298B41B3EFC7F34DB201EC538901C8E05A3B3295519042CF631226BBAF9A9F8A3C4BD6B00E24CD048A14ACA7C8B9EC1C1931853909EFF8B1FBCA46C9CB9E42BE7253E7F25A97C6D50E970EF8CEFE1C70C8A3254F5402F3DCC62A5A34B477A8B452352B6CB2BFC1F372130DBC4960DCD20088DB50B39998ECCB0CD2F797F7267529DB9A63B7BE8691F9B6155EFFAEEBDB8EE7FCA2EDD9DCC92B5DDCF536E87DA064010A15CA505885DEC6499E4B1408580A3F854E1C50BEA96D4B47D9022B004F426F1F69C7580573F60BA80045BA799FB486C1AB3E363D75DA7C2BE5E256001E728B4850BA99184068CFF7A87B25C95F43E17B35BEBFA4711A1307EA545B1BA97D13F752EB7CD6F42BA4776098D71C02E4961480D18AE898D2EBCD61E897041CB1A7056E14EC08B
-20210511135454 2 6 100 6143 2 EE2D1C3A0CC149C6675914AEFB8A3B27C939CB721B7D7D2AECDF4464406D6B59DF4C01ABE292F37396B097215BCF049F98D5B7CBA342EF5DFE31668084E83E783AC5C21CB152C08EE0BBAB4CC8F261AFD378F97D5044BC6BD3E555ADCF508ABC26E4CAF8D0B84EDDA7E78B56B89A497BC4D5A1D5C14D1A535777D4BBA17540B64F3E2695C5B134275A2F94D1388C0F666573454ED38B3E0CAA04BF5551662A429B54153795935493FE7E3C8130EE4568A278C2FF362D070FA4D10462B347E382EE340DF1EBBDBFEFAD66AB4B2296E982EC7F0947F6BF7845E8C40F9A7B4934727781E2D129C2E055227C3CD063BBFF14DE2958D6B4D3D3EF54ECA8757C3D102B98B6C97BE8087FE6B8ABC4B7D61AB491842E37A53890081C73359B4B878570BE3B30E557B819DBEC06F1291965419B7EAD74F1ADF900E771781024B44E5669DDA88FD9C62496764EA5CE3E791EB4CCDA3E4B665355C9EC92EF18046331332886B79DC3710C36F02D2EB260246AE83459514EF00FC5857CAC8562D4DD522FA4575ECD1BACA7313A1C91F72863DFC8AF0732C9025862525CF33E5EC545D356C620C70F16D2BDD22A9BD9A25469D21C70D437FA08ED36550A2EEEF3545EFDC5A0C0FCC1070A99B2D5EFC1A32D764AEE21DC38FD6086813C01F09298B41B3EFC7F34DB201EC538901C8E05A3B3295519042CF631226BBAF9A9F8A3C4BD6B00E24CD048A14ACA7C8B9EC1C1931853909EFF8B1FBCA46C9CB9E42BE7253E7F25A97C6D50E970EF8CEFE1C70C8A3254F5402F3DCC62A5A34B477A8B452352B6CB2BFC1F372130DBC4960DCD20088DB50B39998ECCB0CD2F797F7267529DB9A63B7BE8691F9B6155EFFAEEBDB8EE7FCA2EDD9DCC92B5DDCF536E87DA064010A15CA505885DEC6499E4B1408580A3F854E1C50BEA96D4B47D9022B004F426F1F69C7580573F60BA80045BA799FB486C1AB3E363D75DA7C2BE5E256001E728B4850BA99184068CFF7A87B25C95F43E17B35BEBFA4711A1307EA545B1BA97D13F752EB7CD6F42BA4776098D71C02E4961480D18AE898D2EBCD61E897041CB1A7056E34379F3
-20210511140822 2 6 100 6143 5 EE2D1C3A0CC149C6675914AEFB8A3B27C939CB721B7D7D2AECDF4464406D6B59DF4C01ABE292F37396B097215BCF049F98D5B7CBA342EF5DFE31668084E83E783AC5C21CB152C08EE0BBAB4CC8F261AFD378F97D5044BC6BD3E555ADCF508ABC26E4CAF8D0B84EDDA7E78B56B89A497BC4D5A1D5C14D1A535777D4BBA17540B64F3E2695C5B134275A2F94D1388C0F666573454ED38B3E0CAA04BF5551662A429B54153795935493FE7E3C8130EE4568A278C2FF362D070FA4D10462B347E382EE340DF1EBBDBFEFAD66AB4B2296E982EC7F0947F6BF7845E8C40F9A7B4934727781E2D129C2E055227C3CD063BBFF14DE2958D6B4D3D3EF54ECA8757C3D102B98B6C97BE8087FE6B8ABC4B7D61AB491842E37A53890081C73359B4B878570BE3B30E557B819DBEC06F1291965419B7EAD74F1ADF900E771781024B44E5669DDA88FD9C62496764EA5CE3E791EB4CCDA3E4B665355C9EC92EF18046331332886B79DC3710C36F02D2EB260246AE83459514EF00FC5857CAC8562D4DD522FA4575ECD1BACA7313A1C91F72863DFC8AF0732C9025862525CF33E5EC545D356C620C70F16D2BDD22A9BD9A25469D21C70D437FA08ED36550A2EEEF3545EFDC5A0C0FCC1070A99B2D5EFC1A32D764AEE21DC38FD6086813C01F09298B41B3EFC7F34DB201EC538901C8E05A3B3295519042CF631226BBAF9A9F8A3C4BD6B00E24CD048A14ACA7C8B9EC1C1931853909EFF8B1FBCA46C9CB9E42BE7253E7F25A97C6D50E970EF8CEFE1C70C8A3254F5402F3DCC62A5A34B477A8B452352B6CB2BFC1F372130DBC4960DCD20088DB50B39998ECCB0CD2F797F7267529DB9A63B7BE8691F9B6155EFFAEEBDB8EE7FCA2EDD9DCC92B5DDCF536E87DA064010A15CA505885DEC6499E4B1408580A3F854E1C50BEA96D4B47D9022B004F426F1F69C7580573F60BA80045BA799FB486C1AB3E363D75DA7C2BE5E256001E728B4850BA99184068CFF7A87B25C95F43E17B35BEBFA4711A1307EA545B1BA97D13F752EB7CD6F42BA4776098D71C02E4961480D18AE898D2EBCD61E897041CB1A7056E531D6AF
-20210511142133 2 6 100 6143 5 EE2D1C3A0CC149C6675914AEFB8A3B27C939CB721B7D7D2AECDF4464406D6B59DF4C01ABE292F37396B097215BCF049F98D5B7CBA342EF5DFE31668084E83E783AC5C21CB152C08EE0BBAB4CC8F261AFD378F97D5044BC6BD3E555ADCF508ABC26E4CAF8D0B84EDDA7E78B56B89A497BC4D5A1D5C14D1A535777D4BBA17540B64F3E2695C5B134275A2F94D1388C0F666573454ED38B3E0CAA04BF5551662A429B54153795935493FE7E3C8130EE4568A278C2FF362D070FA4D10462B347E382EE340DF1EBBDBFEFAD66AB4B2296E982EC7F0947F6BF7845E8C40F9A7B4934727781E2D129C2E055227C3CD063BBFF14DE2958D6B4D3D3EF54ECA8757C3D102B98B6C97BE8087FE6B8ABC4B7D61AB491842E37A53890081C73359B4B878570BE3B30E557B819DBEC06F1291965419B7EAD74F1ADF900E771781024B44E5669DDA88FD9C62496764EA5CE3E791EB4CCDA3E4B665355C9EC92EF18046331332886B79DC3710C36F02D2EB260246AE83459514EF00FC5857CAC8562D4DD522FA4575ECD1BACA7313A1C91F72863DFC8AF0732C9025862525CF33E5EC545D356C620C70F16D2BDD22A9BD9A25469D21C70D437FA08ED36550A2EEEF3545EFDC5A0C0FCC1070A99B2D5EFC1A32D764AEE21DC38FD6086813C01F09298B41B3EFC7F34DB201EC538901C8E05A3B3295519042CF631226BBAF9A9F8A3C4BD6B00E24CD048A14ACA7C8B9EC1C1931853909EFF8B1FBCA46C9CB9E42BE7253E7F25A97C6D50E970EF8CEFE1C70C8A3254F5402F3DCC62A5A34B477A8B452352B6CB2BFC1F372130DBC4960DCD20088DB50B39998ECCB0CD2F797F7267529DB9A63B7BE8691F9B6155EFFAEEBDB8EE7FCA2EDD9DCC92B5DDCF536E87DA064010A15CA505885DEC6499E4B1408580A3F854E1C50BEA96D4B47D9022B004F426F1F69C7580573F60BA80045BA799FB486C1AB3E363D75DA7C2BE5E256001E728B4850BA99184068CFF7A87B25C95F43E17B35BEBFA4711A1307EA545B1BA97D13F752EB7CD6F42BA4776098D71C02E4961480D18AE898D2EBCD61E897041CB1A7056E71D2267
-20210511144054 2 6 100 6143 5 EE2D1C3A0CC149C6675914AEFB8A3B27C939CB721B7D7D2AECDF4464406D6B59DF4C01ABE292F37396B097215BCF049F98D5B7CBA342EF5DFE31668084E83E783AC5C21CB152C08EE0BBAB4CC8F261AFD378F97D5044BC6BD3E555ADCF508ABC26E4CAF8D0B84EDDA7E78B56B89A497BC4D5A1D5C14D1A535777D4BBA17540B64F3E2695C5B134275A2F94D1388C0F666573454ED38B3E0CAA04BF5551662A429B54153795935493FE7E3C8130EE4568A278C2FF362D070FA4D10462B347E382EE340DF1EBBDBFEFAD66AB4B2296E982EC7F0947F6BF7845E8C40F9A7B4934727781E2D129C2E055227C3CD063BBFF14DE2958D6B4D3D3EF54ECA8757C3D102B98B6C97BE8087FE6B8ABC4B7D61AB491842E37A53890081C73359B4B878570BE3B30E557B819DBEC06F1291965419B7EAD74F1ADF900E771781024B44E5669DDA88FD9C62496764EA5CE3E791EB4CCDA3E4B665355C9EC92EF18046331332886B79DC3710C36F02D2EB260246AE83459514EF00FC5857CAC8562D4DD522FA4575ECD1BACA7313A1C91F72863DFC8AF0732C9025862525CF33E5EC545D356C620C70F16D2BDD22A9BD9A25469D21C70D437FA08ED36550A2EEEF3545EFDC5A0C0FCC1070A99B2D5EFC1A32D764AEE21DC38FD6086813C01F09298B41B3EFC7F34DB201EC538901C8E05A3B3295519042CF631226BBAF9A9F8A3C4BD6B00E24CD048A14ACA7C8B9EC1C1931853909EFF8B1FBCA46C9CB9E42BE7253E7F25A97C6D50E970EF8CEFE1C70C8A3254F5402F3DCC62A5A34B477A8B452352B6CB2BFC1F372130DBC4960DCD20088DB50B39998ECCB0CD2F797F7267529DB9A63B7BE8691F9B6155EFFAEEBDB8EE7FCA2EDD9DCC92B5DDCF536E87DA064010A15CA505885DEC6499E4B1408580A3F854E1C50BEA96D4B47D9022B004F426F1F69C7580573F60BA80045BA799FB486C1AB3E363D75DA7C2BE5E256001E728B4850BA99184068CFF7A87B25C95F43E17B35BEBFA4711A1307EA545B1BA97D13F752EB7CD6F42BA4776098D71C02E4961480D18AE898D2EBCD61E897041CB1A7056E9EE160F
-20210511144259 2 6 100 6143 2 EE2D1C3A0CC149C6675914AEFB8A3B27C939CB721B7D7D2AECDF4464406D6B59DF4C01ABE292F37396B097215BCF049F98D5B7CBA342EF5DFE31668084E83E783AC5C21CB152C08EE0BBAB4CC8F261AFD378F97D5044BC6BD3E555ADCF508ABC26E4CAF8D0B84EDDA7E78B56B89A497BC4D5A1D5C14D1A535777D4BBA17540B64F3E2695C5B134275A2F94D1388C0F666573454ED38B3E0CAA04BF5551662A429B54153795935493FE7E3C8130EE4568A278C2FF362D070FA4D10462B347E382EE340DF1EBBDBFEFAD66AB4B2296E982EC7F0947F6BF7845E8C40F9A7B4934727781E2D129C2E055227C3CD063BBFF14DE2958D6B4D3D3EF54ECA8757C3D102B98B6C97BE8087FE6B8ABC4B7D61AB491842E37A53890081C73359B4B878570BE3B30E557B819DBEC06F1291965419B7EAD74F1ADF900E771781024B44E5669DDA88FD9C62496764EA5CE3E791EB4CCDA3E4B665355C9EC92EF18046331332886B79DC3710C36F02D2EB260246AE83459514EF00FC5857CAC8562D4DD522FA4575ECD1BACA7313A1C91F72863DFC8AF0732C9025862525CF33E5EC545D356C620C70F16D2BDD22A9BD9A25469D21C70D437FA08ED36550A2EEEF3545EFDC5A0C0FCC1070A99B2D5EFC1A32D764AEE21DC38FD6086813C01F09298B41B3EFC7F34DB201EC538901C8E05A3B3295519042CF631226BBAF9A9F8A3C4BD6B00E24CD048A14ACA7C8B9EC1C1931853909EFF8B1FBCA46C9CB9E42BE7253E7F25A97C6D50E970EF8CEFE1C70C8A3254F5402F3DCC62A5A34B477A8B452352B6CB2BFC1F372130DBC4960DCD20088DB50B39998ECCB0CD2F797F7267529DB9A63B7BE8691F9B6155EFFAEEBDB8EE7FCA2EDD9DCC92B5DDCF536E87DA064010A15CA505885DEC6499E4B1408580A3F854E1C50BEA96D4B47D9022B004F426F1F69C7580573F60BA80045BA799FB486C1AB3E363D75DA7C2BE5E256001E728B4850BA99184068CFF7A87B25C95F43E17B35BEBFA4711A1307EA545B1BA97D13F752EB7CD6F42BA4776098D71C02E4961480D18AE898D2EBCD61E897041CB1A7056EA31E3A3
-20210511144958 2 6 100 6143 2 EE2D1C3A0CC149C6675914AEFB8A3B27C939CB721B7D7D2AECDF4464406D6B59DF4C01ABE292F37396B097215BCF049F98D5B7CBA342EF5DFE31668084E83E783AC5C21CB152C08EE0BBAB4CC8F261AFD378F97D5044BC6BD3E555ADCF508ABC26E4CAF8D0B84EDDA7E78B56B89A497BC4D5A1D5C14D1A535777D4BBA17540B64F3E2695C5B134275A2F94D1388C0F666573454ED38B3E0CAA04BF5551662A429B54153795935493FE7E3C8130EE4568A278C2FF362D070FA4D10462B347E382EE340DF1EBBDBFEFAD66AB4B2296E982EC7F0947F6BF7845E8C40F9A7B4934727781E2D129C2E055227C3CD063BBFF14DE2958D6B4D3D3EF54ECA8757C3D102B98B6C97BE8087FE6B8ABC4B7D61AB491842E37A53890081C73359B4B878570BE3B30E557B819DBEC06F1291965419B7EAD74F1ADF900E771781024B44E5669DDA88FD9C62496764EA5CE3E791EB4CCDA3E4B665355C9EC92EF18046331332886B79DC3710C36F02D2EB260246AE83459514EF00FC5857CAC8562D4DD522FA4575ECD1BACA7313A1C91F72863DFC8AF0732C9025862525CF33E5EC545D356C620C70F16D2BDD22A9BD9A25469D21C70D437FA08ED36550A2EEEF3545EFDC5A0C0FCC1070A99B2D5EFC1A32D764AEE21DC38FD6086813C01F09298B41B3EFC7F34DB201EC538901C8E05A3B3295519042CF631226BBAF9A9F8A3C4BD6B00E24CD048A14ACA7C8B9EC1C1931853909EFF8B1FBCA46C9CB9E42BE7253E7F25A97C6D50E970EF8CEFE1C70C8A3254F5402F3DCC62A5A34B477A8B452352B6CB2BFC1F372130DBC4960DCD20088DB50B39998ECCB0CD2F797F7267529DB9A63B7BE8691F9B6155EFFAEEBDB8EE7FCA2EDD9DCC92B5DDCF536E87DA064010A15CA505885DEC6499E4B1408580A3F854E1C50BEA96D4B47D9022B004F426F1F69C7580573F60BA80045BA799FB486C1AB3E363D75DA7C2BE5E256001E728B4850BA99184068CFF7A87B25C95F43E17B35BEBFA4711A1307EA545B1BA97D13F752EB7CD6F42BA4776098D71C02E4961480D18AE898D2EBCD61E897041CB1A7056EB339A53
-20210511145731 2 6 100 6143 2 EE2D1C3A0CC149C6675914AEFB8A3B27C939CB721B7D7D2AECDF4464406D6B59DF4C01ABE292F37396B097215BCF049F98D5B7CBA342EF5DFE31668084E83E783AC5C21CB152C08EE0BBAB4CC8F261AFD378F97D5044BC6BD3E555ADCF508ABC26E4CAF8D0B84EDDA7E78B56B89A497BC4D5A1D5C14D1A535777D4BBA17540B64F3E2695C5B134275A2F94D1388C0F666573454ED38B3E0CAA04BF5551662A429B54153795935493FE7E3C8130EE4568A278C2FF362D070FA4D10462B347E382EE340DF1EBBDBFEFAD66AB4B2296E982EC7F0947F6BF7845E8C40F9A7B4934727781E2D129C2E055227C3CD063BBFF14DE2958D6B4D3D3EF54ECA8757C3D102B98B6C97BE8087FE6B8ABC4B7D61AB491842E37A53890081C73359B4B878570BE3B30E557B819DBEC06F1291965419B7EAD74F1ADF900E771781024B44E5669DDA88FD9C62496764EA5CE3E791EB4CCDA3E4B665355C9EC92EF18046331332886B79DC3710C36F02D2EB260246AE83459514EF00FC5857CAC8562D4DD522FA4575ECD1BACA7313A1C91F72863DFC8AF0732C9025862525CF33E5EC545D356C620C70F16D2BDD22A9BD9A25469D21C70D437FA08ED36550A2EEEF3545EFDC5A0C0FCC1070A99B2D5EFC1A32D764AEE21DC38FD6086813C01F09298B41B3EFC7F34DB201EC538901C8E05A3B3295519042CF631226BBAF9A9F8A3C4BD6B00E24CD048A14ACA7C8B9EC1C1931853909EFF8B1FBCA46C9CB9E42BE7253E7F25A97C6D50E970EF8CEFE1C70C8A3254F5402F3DCC62A5A34B477A8B452352B6CB2BFC1F372130DBC4960DCD20088DB50B39998ECCB0CD2F797F7267529DB9A63B7BE8691F9B6155EFFAEEBDB8EE7FCA2EDD9DCC92B5DDCF536E87DA064010A15CA505885DEC6499E4B1408580A3F854E1C50BEA96D4B47D9022B004F426F1F69C7580573F60BA80045BA799FB486C1AB3E363D75DA7C2BE5E256001E728B4850BA99184068CFF7A87B25C95F43E17B35BEBFA4711A1307EA545B1BA97D13F752EB7CD6F42BA4776098D71C02E4961480D18AE898D2EBCD61E897041CB1A7056EC45903B
-20210511150937 2 6 100 6143 5 EE2D1C3A0CC149C6675914AEFB8A3B27C939CB721B7D7D2AECDF4464406D6B59DF4C01ABE292F37396B097215BCF049F98D5B7CBA342EF5DFE31668084E83E783AC5C21CB152C08EE0BBAB4CC8F261AFD378F97D5044BC6BD3E555ADCF508ABC26E4CAF8D0B84EDDA7E78B56B89A497BC4D5A1D5C14D1A535777D4BBA17540B64F3E2695C5B134275A2F94D1388C0F666573454ED38B3E0CAA04BF5551662A429B54153795935493FE7E3C8130EE4568A278C2FF362D070FA4D10462B347E382EE340DF1EBBDBFEFAD66AB4B2296E982EC7F0947F6BF7845E8C40F9A7B4934727781E2D129C2E055227C3CD063BBFF14DE2958D6B4D3D3EF54ECA8757C3D102B98B6C97BE8087FE6B8ABC4B7D61AB491842E37A53890081C73359B4B878570BE3B30E557B819DBEC06F1291965419B7EAD74F1ADF900E771781024B44E5669DDA88FD9C62496764EA5CE3E791EB4CCDA3E4B665355C9EC92EF18046331332886B79DC3710C36F02D2EB260246AE83459514EF00FC5857CAC8562D4DD522FA4575ECD1BACA7313A1C91F72863DFC8AF0732C9025862525CF33E5EC545D356C620C70F16D2BDD22A9BD9A25469D21C70D437FA08ED36550A2EEEF3545EFDC5A0C0FCC1070A99B2D5EFC1A32D764AEE21DC38FD6086813C01F09298B41B3EFC7F34DB201EC538901C8E05A3B3295519042CF631226BBAF9A9F8A3C4BD6B00E24CD048A14ACA7C8B9EC1C1931853909EFF8B1FBCA46C9CB9E42BE7253E7F25A97C6D50E970EF8CEFE1C70C8A3254F5402F3DCC62A5A34B477A8B452352B6CB2BFC1F372130DBC4960DCD20088DB50B39998ECCB0CD2F797F7267529DB9A63B7BE8691F9B6155EFFAEEBDB8EE7FCA2EDD9DCC92B5DDCF536E87DA064010A15CA505885DEC6499E4B1408580A3F854E1C50BEA96D4B47D9022B004F426F1F69C7580573F60BA80045BA799FB486C1AB3E363D75DA7C2BE5E256001E728B4850BA99184068CFF7A87B25C95F43E17B35BEBFA4711A1307EA545B1BA97D13F752EB7CD6F42BA4776098D71C02E4961480D18AE898D2EBCD61E897041CB1A7056EDFF14D7
-20210511151422 2 6 100 6143 5 EE2D1C3A0CC149C6675914AEFB8A3B27C939CB721B7D7D2AECDF4464406D6B59DF4C01ABE292F37396B097215BCF049F98D5B7CBA342EF5DFE31668084E83E783AC5C21CB152C08EE0BBAB4CC8F261AFD378F97D5044BC6BD3E555ADCF508ABC26E4CAF8D0B84EDDA7E78B56B89A497BC4D5A1D5C14D1A535777D4BBA17540B64F3E2695C5B134275A2F94D1388C0F666573454ED38B3E0CAA04BF5551662A429B54153795935493FE7E3C8130EE4568A278C2FF362D070FA4D10462B347E382EE340DF1EBBDBFEFAD66AB4B2296E982EC7F0947F6BF7845E8C40F9A7B4934727781E2D129C2E055227C3CD063BBFF14DE2958D6B4D3D3EF54ECA8757C3D102B98B6C97BE8087FE6B8ABC4B7D61AB491842E37A53890081C73359B4B878570BE3B30E557B819DBEC06F1291965419B7EAD74F1ADF900E771781024B44E5669DDA88FD9C62496764EA5CE3E791EB4CCDA3E4B665355C9EC92EF18046331332886B79DC3710C36F02D2EB260246AE83459514EF00FC5857CAC8562D4DD522FA4575ECD1BACA7313A1C91F72863DFC8AF0732C9025862525CF33E5EC545D356C620C70F16D2BDD22A9BD9A25469D21C70D437FA08ED36550A2EEEF3545EFDC5A0C0FCC1070A99B2D5EFC1A32D764AEE21DC38FD6086813C01F09298B41B3EFC7F34DB201EC538901C8E05A3B3295519042CF631226BBAF9A9F8A3C4BD6B00E24CD048A14ACA7C8B9EC1C1931853909EFF8B1FBCA46C9CB9E42BE7253E7F25A97C6D50E970EF8CEFE1C70C8A3254F5402F3DCC62A5A34B477A8B452352B6CB2BFC1F372130DBC4960DCD20088DB50B39998ECCB0CD2F797F7267529DB9A63B7BE8691F9B6155EFFAEEBDB8EE7FCA2EDD9DCC92B5DDCF536E87DA064010A15CA505885DEC6499E4B1408580A3F854E1C50BEA96D4B47D9022B004F426F1F69C7580573F60BA80045BA799FB486C1AB3E363D75DA7C2BE5E256001E728B4850BA99184068CFF7A87B25C95F43E17B35BEBFA4711A1307EA545B1BA97D13F752EB7CD6F42BA4776098D71C02E4961480D18AE898D2EBCD61E897041CB1A7056EEA51A4F
-20210511154856 2 6 100 6143 2 EE2D1C3A0CC149C6675914AEFB8A3B27C939CB721B7D7D2AECDF4464406D6B59DF4C01ABE292F37396B097215BCF049F98D5B7CBA342EF5DFE31668084E83E783AC5C21CB152C08EE0BBAB4CC8F261AFD378F97D5044BC6BD3E555ADCF508ABC26E4CAF8D0B84EDDA7E78B56B89A497BC4D5A1D5C14D1A535777D4BBA17540B64F3E2695C5B134275A2F94D1388C0F666573454ED38B3E0CAA04BF5551662A429B54153795935493FE7E3C8130EE4568A278C2FF362D070FA4D10462B347E382EE340DF1EBBDBFEFAD66AB4B2296E982EC7F0947F6BF7845E8C40F9A7B4934727781E2D129C2E055227C3CD063BBFF14DE2958D6B4D3D3EF54ECA8757C3D102B98B6C97BE8087FE6B8ABC4B7D61AB491842E37A53890081C73359B4B878570BE3B30E557B819DBEC06F1291965419B7EAD74F1ADF900E771781024B44E5669DDA88FD9C62496764EA5CE3E791EB4CCDA3E4B665355C9EC92EF18046331332886B79DC3710C36F02D2EB260246AE83459514EF00FC5857CAC8562D4DD522FA4575ECD1BACA7313A1C91F72863DFC8AF0732C9025862525CF33E5EC545D356C620C70F16D2BDD22A9BD9A25469D21C70D437FA08ED36550A2EEEF3545EFDC5A0C0FCC1070A99B2D5EFC1A32D764AEE21DC38FD6086813C01F09298B41B3EFC7F34DB201EC538901C8E05A3B3295519042CF631226BBAF9A9F8A3C4BD6B00E24CD048A14ACA7C8B9EC1C1931853909EFF8B1FBCA46C9CB9E42BE7253E7F25A97C6D50E970EF8CEFE1C70C8A3254F5402F3DCC62A5A34B477A8B452352B6CB2BFC1F372130DBC4960DCD20088DB50B39998ECCB0CD2F797F7267529DB9A63B7BE8691F9B6155EFFAEEBDB8EE7FCA2EDD9DCC92B5DDCF536E87DA064010A15CA505885DEC6499E4B1408580A3F854E1C50BEA96D4B47D9022B004F426F1F69C7580573F60BA80045BA799FB486C1AB3E363D75DA7C2BE5E256001E728B4850BA99184068CFF7A87B25C95F43E17B35BEBFA4711A1307EA545B1BA97D13F752EB7CD6F42BA4776098D71C02E4961480D18AE898D2EBCD61E897041CB1A7056F391E0D3
-20210511160239 2 6 100 6143 5 EE2D1C3A0CC149C6675914AEFB8A3B27C939CB721B7D7D2AECDF4464406D6B59DF4C01ABE292F37396B097215BCF049F98D5B7CBA342EF5DFE31668084E83E783AC5C21CB152C08EE0BBAB4CC8F261AFD378F97D5044BC6BD3E555ADCF508ABC26E4CAF8D0B84EDDA7E78B56B89A497BC4D5A1D5C14D1A535777D4BBA17540B64F3E2695C5B134275A2F94D1388C0F666573454ED38B3E0CAA04BF5551662A429B54153795935493FE7E3C8130EE4568A278C2FF362D070FA4D10462B347E382EE340DF1EBBDBFEFAD66AB4B2296E982EC7F0947F6BF7845E8C40F9A7B4934727781E2D129C2E055227C3CD063BBFF14DE2958D6B4D3D3EF54ECA8757C3D102B98B6C97BE8087FE6B8ABC4B7D61AB491842E37A53890081C73359B4B878570BE3B30E557B819DBEC06F1291965419B7EAD74F1ADF900E771781024B44E5669DDA88FD9C62496764EA5CE3E791EB4CCDA3E4B665355C9EC92EF18046331332886B79DC3710C36F02D2EB260246AE83459514EF00FC5857CAC8562D4DD522FA4575ECD1BACA7313A1C91F72863DFC8AF0732C9025862525CF33E5EC545D356C620C70F16D2BDD22A9BD9A25469D21C70D437FA08ED36550A2EEEF3545EFDC5A0C0FCC1070A99B2D5EFC1A32D764AEE21DC38FD6086813C01F09298B41B3EFC7F34DB201EC538901C8E05A3B3295519042CF631226BBAF9A9F8A3C4BD6B00E24CD048A14ACA7C8B9EC1C1931853909EFF8B1FBCA46C9CB9E42BE7253E7F25A97C6D50E970EF8CEFE1C70C8A3254F5402F3DCC62A5A34B477A8B452352B6CB2BFC1F372130DBC4960DCD20088DB50B39998ECCB0CD2F797F7267529DB9A63B7BE8691F9B6155EFFAEEBDB8EE7FCA2EDD9DCC92B5DDCF536E87DA064010A15CA505885DEC6499E4B1408580A3F854E1C50BEA96D4B47D9022B004F426F1F69C7580573F60BA80045BA799FB486C1AB3E363D75DA7C2BE5E256001E728B4850BA99184068CFF7A87B25C95F43E17B35BEBFA4711A1307EA545B1BA97D13F752EB7CD6F42BA4776098D71C02E4961480D18AE898D2EBCD61E897041CB1A7056F5802B47
-20210511161337 2 6 100 6143 2 EE2D1C3A0CC149C6675914AEFB8A3B27C939CB721B7D7D2AECDF4464406D6B59DF4C01ABE292F37396B097215BCF049F98D5B7CBA342EF5DFE31668084E83E783AC5C21CB152C08EE0BBAB4CC8F261AFD378F97D5044BC6BD3E555ADCF508ABC26E4CAF8D0B84EDDA7E78B56B89A497BC4D5A1D5C14D1A535777D4BBA17540B64F3E2695C5B134275A2F94D1388C0F666573454ED38B3E0CAA04BF5551662A429B54153795935493FE7E3C8130EE4568A278C2FF362D070FA4D10462B347E382EE340DF1EBBDBFEFAD66AB4B2296E982EC7F0947F6BF7845E8C40F9A7B4934727781E2D129C2E055227C3CD063BBFF14DE2958D6B4D3D3EF54ECA8757C3D102B98B6C97BE8087FE6B8ABC4B7D61AB491842E37A53890081C73359B4B878570BE3B30E557B819DBEC06F1291965419B7EAD74F1ADF900E771781024B44E5669DDA88FD9C62496764EA5CE3E791EB4CCDA3E4B665355C9EC92EF18046331332886B79DC3710C36F02D2EB260246AE83459514EF00FC5857CAC8562D4DD522FA4575ECD1BACA7313A1C91F72863DFC8AF0732C9025862525CF33E5EC545D356C620C70F16D2BDD22A9BD9A25469D21C70D437FA08ED36550A2EEEF3545EFDC5A0C0FCC1070A99B2D5EFC1A32D764AEE21DC38FD6086813C01F09298B41B3EFC7F34DB201EC538901C8E05A3B3295519042CF631226BBAF9A9F8A3C4BD6B00E24CD048A14ACA7C8B9EC1C1931853909EFF8B1FBCA46C9CB9E42BE7253E7F25A97C6D50E970EF8CEFE1C70C8A3254F5402F3DCC62A5A34B477A8B452352B6CB2BFC1F372130DBC4960DCD20088DB50B39998ECCB0CD2F797F7267529DB9A63B7BE8691F9B6155EFFAEEBDB8EE7FCA2EDD9DCC92B5DDCF536E87DA064010A15CA505885DEC6499E4B1408580A3F854E1C50BEA96D4B47D9022B004F426F1F69C7580573F60BA80045BA799FB486C1AB3E363D75DA7C2BE5E256001E728B4850BA99184068CFF7A87B25C95F43E17B35BEBFA4711A1307EA545B1BA97D13F752EB7CD6F42BA4776098D71C02E4961480D18AE898D2EBCD61E897041CB1A7056F704FF83
-20210511163831 2 6 100 6143 5 EE2D1C3A0CC149C6675914AEFB8A3B27C939CB721B7D7D2AECDF4464406D6B59DF4C01ABE292F37396B097215BCF049F98D5B7CBA342EF5DFE31668084E83E783AC5C21CB152C08EE0BBAB4CC8F261AFD378F97D5044BC6BD3E555ADCF508ABC26E4CAF8D0B84EDDA7E78B56B89A497BC4D5A1D5C14D1A535777D4BBA17540B64F3E2695C5B134275A2F94D1388C0F666573454ED38B3E0CAA04BF5551662A429B54153795935493FE7E3C8130EE4568A278C2FF362D070FA4D10462B347E382EE340DF1EBBDBFEFAD66AB4B2296E982EC7F0947F6BF7845E8C40F9A7B4934727781E2D129C2E055227C3CD063BBFF14DE2958D6B4D3D3EF54ECA8757C3D102B98B6C97BE8087FE6B8ABC4B7D61AB491842E37A53890081C73359B4B878570BE3B30E557B819DBEC06F1291965419B7EAD74F1ADF900E771781024B44E5669DDA88FD9C62496764EA5CE3E791EB4CCDA3E4B665355C9EC92EF18046331332886B79DC3710C36F02D2EB260246AE83459514EF00FC5857CAC8562D4DD522FA4575ECD1BACA7313A1C91F72863DFC8AF0732C9025862525CF33E5EC545D356C620C70F16D2BDD22A9BD9A25469D21C70D437FA08ED36550A2EEEF3545EFDC5A0C0FCC1070A99B2D5EFC1A32D764AEE21DC38FD6086813C01F09298B41B3EFC7F34DB201EC538901C8E05A3B3295519042CF631226BBAF9A9F8A3C4BD6B00E24CD048A14ACA7C8B9EC1C1931853909EFF8B1FBCA46C9CB9E42BE7253E7F25A97C6D50E970EF8CEFE1C70C8A3254F5402F3DCC62A5A34B477A8B452352B6CB2BFC1F372130DBC4960DCD20088DB50B39998ECCB0CD2F797F7267529DB9A63B7BE8691F9B6155EFFAEEBDB8EE7FCA2EDD9DCC92B5DDCF536E87DA064010A15CA505885DEC6499E4B1408580A3F854E1C50BEA96D4B47D9022B004F426F1F69C7580573F60BA80045BA799FB486C1AB3E363D75DA7C2BE5E256001E728B4850BA99184068CFF7A87B25C95F43E17B35BEBFA4711A1307EA545B1BA97D13F752EB7CD6F42BA4776098D71C02E4961480D18AE898D2EBCD61E897041CB1A7056FA993EF7
-20210511164110 2 6 100 6143 5 EE2D1C3A0CC149C6675914AEFB8A3B27C939CB721B7D7D2AECDF4464406D6B59DF4C01ABE292F37396B097215BCF049F98D5B7CBA342EF5DFE31668084E83E783AC5C21CB152C08EE0BBAB4CC8F261AFD378F97D5044BC6BD3E555ADCF508ABC26E4CAF8D0B84EDDA7E78B56B89A497BC4D5A1D5C14D1A535777D4BBA17540B64F3E2695C5B134275A2F94D1388C0F666573454ED38B3E0CAA04BF5551662A429B54153795935493FE7E3C8130EE4568A278C2FF362D070FA4D10462B347E382EE340DF1EBBDBFEFAD66AB4B2296E982EC7F0947F6BF7845E8C40F9A7B4934727781E2D129C2E055227C3CD063BBFF14DE2958D6B4D3D3EF54ECA8757C3D102B98B6C97BE8087FE6B8ABC4B7D61AB491842E37A53890081C73359B4B878570BE3B30E557B819DBEC06F1291965419B7EAD74F1ADF900E771781024B44E5669DDA88FD9C62496764EA5CE3E791EB4CCDA3E4B665355C9EC92EF18046331332886B79DC3710C36F02D2EB260246AE83459514EF00FC5857CAC8562D4DD522FA4575ECD1BACA7313A1C91F72863DFC8AF0732C9025862525CF33E5EC545D356C620C70F16D2BDD22A9BD9A25469D21C70D437FA08ED36550A2EEEF3545EFDC5A0C0FCC1070A99B2D5EFC1A32D764AEE21DC38FD6086813C01F09298B41B3EFC7F34DB201EC538901C8E05A3B3295519042CF631226BBAF9A9F8A3C4BD6B00E24CD048A14ACA7C8B9EC1C1931853909EFF8B1FBCA46C9CB9E42BE7253E7F25A97C6D50E970EF8CEFE1C70C8A3254F5402F3DCC62A5A34B477A8B452352B6CB2BFC1F372130DBC4960DCD20088DB50B39998ECCB0CD2F797F7267529DB9A63B7BE8691F9B6155EFFAEEBDB8EE7FCA2EDD9DCC92B5DDCF536E87DA064010A15CA505885DEC6499E4B1408580A3F854E1C50BEA96D4B47D9022B004F426F1F69C7580573F60BA80045BA799FB486C1AB3E363D75DA7C2BE5E256001E728B4850BA99184068CFF7A87B25C95F43E17B35BEBFA4711A1307EA545B1BA97D13F752EB7CD6F42BA4776098D71C02E4961480D18AE898D2EBCD61E897041CB1A7056FAF3096F
-20210511164534 2 6 100 6143 2 EE2D1C3A0CC149C6675914AEFB8A3B27C939CB721B7D7D2AECDF4464406D6B59DF4C01ABE292F37396B097215BCF049F98D5B7CBA342EF5DFE31668084E83E783AC5C21CB152C08EE0BBAB4CC8F261AFD378F97D5044BC6BD3E555ADCF508ABC26E4CAF8D0B84EDDA7E78B56B89A497BC4D5A1D5C14D1A535777D4BBA17540B64F3E2695C5B134275A2F94D1388C0F666573454ED38B3E0CAA04BF5551662A429B54153795935493FE7E3C8130EE4568A278C2FF362D070FA4D10462B347E382EE340DF1EBBDBFEFAD66AB4B2296E982EC7F0947F6BF7845E8C40F9A7B4934727781E2D129C2E055227C3CD063BBFF14DE2958D6B4D3D3EF54ECA8757C3D102B98B6C97BE8087FE6B8ABC4B7D61AB491842E37A53890081C73359B4B878570BE3B30E557B819DBEC06F1291965419B7EAD74F1ADF900E771781024B44E5669DDA88FD9C62496764EA5CE3E791EB4CCDA3E4B665355C9EC92EF18046331332886B79DC3710C36F02D2EB260246AE83459514EF00FC5857CAC8562D4DD522FA4575ECD1BACA7313A1C91F72863DFC8AF0732C9025862525CF33E5EC545D356C620C70F16D2BDD22A9BD9A25469D21C70D437FA08ED36550A2EEEF3545EFDC5A0C0FCC1070A99B2D5EFC1A32D764AEE21DC38FD6086813C01F09298B41B3EFC7F34DB201EC538901C8E05A3B3295519042CF631226BBAF9A9F8A3C4BD6B00E24CD048A14ACA7C8B9EC1C1931853909EFF8B1FBCA46C9CB9E42BE7253E7F25A97C6D50E970EF8CEFE1C70C8A3254F5402F3DCC62A5A34B477A8B452352B6CB2BFC1F372130DBC4960DCD20088DB50B39998ECCB0CD2F797F7267529DB9A63B7BE8691F9B6155EFFAEEBDB8EE7FCA2EDD9DCC92B5DDCF536E87DA064010A15CA505885DEC6499E4B1408580A3F854E1C50BEA96D4B47D9022B004F426F1F69C7580573F60BA80045BA799FB486C1AB3E363D75DA7C2BE5E256001E728B4850BA99184068CFF7A87B25C95F43E17B35BEBFA4711A1307EA545B1BA97D13F752EB7CD6F42BA4776098D71C02E4961480D18AE898D2EBCD61E897041CB1A7056FB84285B
-20210511170505 2 6 100 6143 2 EE2D1C3A0CC149C6675914AEFB8A3B27C939CB721B7D7D2AECDF4464406D6B59DF4C01ABE292F37396B097215BCF049F98D5B7CBA342EF5DFE31668084E83E783AC5C21CB152C08EE0BBAB4CC8F261AFD378F97D5044BC6BD3E555ADCF508ABC26E4CAF8D0B84EDDA7E78B56B89A497BC4D5A1D5C14D1A535777D4BBA17540B64F3E2695C5B134275A2F94D1388C0F666573454ED38B3E0CAA04BF5551662A429B54153795935493FE7E3C8130EE4568A278C2FF362D070FA4D10462B347E382EE340DF1EBBDBFEFAD66AB4B2296E982EC7F0947F6BF7845E8C40F9A7B4934727781E2D129C2E055227C3CD063BBFF14DE2958D6B4D3D3EF54ECA8757C3D102B98B6C97BE8087FE6B8ABC4B7D61AB491842E37A53890081C73359B4B878570BE3B30E557B819DBEC06F1291965419B7EAD74F1ADF900E771781024B44E5669DDA88FD9C62496764EA5CE3E791EB4CCDA3E4B665355C9EC92EF18046331332886B79DC3710C36F02D2EB260246AE83459514EF00FC5857CAC8562D4DD522FA4575ECD1BACA7313A1C91F72863DFC8AF0732C9025862525CF33E5EC545D356C620C70F16D2BDD22A9BD9A25469D21C70D437FA08ED36550A2EEEF3545EFDC5A0C0FCC1070A99B2D5EFC1A32D764AEE21DC38FD6086813C01F09298B41B3EFC7F34DB201EC538901C8E05A3B3295519042CF631226BBAF9A9F8A3C4BD6B00E24CD048A14ACA7C8B9EC1C1931853909EFF8B1FBCA46C9CB9E42BE7253E7F25A97C6D50E970EF8CEFE1C70C8A3254F5402F3DCC62A5A34B477A8B452352B6CB2BFC1F372130DBC4960DCD20088DB50B39998ECCB0CD2F797F7267529DB9A63B7BE8691F9B6155EFFAEEBDB8EE7FCA2EDD9DCC92B5DDCF536E87DA064010A15CA505885DEC6499E4B1408580A3F854E1C50BEA96D4B47D9022B004F426F1F69C7580573F60BA80045BA799FB486C1AB3E363D75DA7C2BE5E256001E728B4850BA99184068CFF7A87B25C95F43E17B35BEBFA4711A1307EA545B1BA97D13F752EB7CD6F42BA4776098D71C02E4961480D18AE898D2EBCD61E897041CB1A7056FE524F93
-20210511172712 2 6 100 6143 2 EE2D1C3A0CC149C6675914AEFB8A3B27C939CB721B7D7D2AECDF4464406D6B59DF4C01ABE292F37396B097215BCF049F98D5B7CBA342EF5DFE31668084E83E783AC5C21CB152C08EE0BBAB4CC8F261AFD378F97D5044BC6BD3E555ADCF508ABC26E4CAF8D0B84EDDA7E78B56B89A497BC4D5A1D5C14D1A535777D4BBA17540B64F3E2695C5B134275A2F94D1388C0F666573454ED38B3E0CAA04BF5551662A429B54153795935493FE7E3C8130EE4568A278C2FF362D070FA4D10462B347E382EE340DF1EBBDBFEFAD66AB4B2296E982EC7F0947F6BF7845E8C40F9A7B4934727781E2D129C2E055227C3CD063BBFF14DE2958D6B4D3D3EF54ECA8757C3D102B98B6C97BE8087FE6B8ABC4B7D61AB491842E37A53890081C73359B4B878570BE3B30E557B819DBEC06F1291965419B7EAD74F1ADF900E771781024B44E5669DDA88FD9C62496764EA5CE3E791EB4CCDA3E4B665355C9EC92EF18046331332886B79DC3710C36F02D2EB260246AE83459514EF00FC5857CAC8562D4DD522FA4575ECD1BACA7313A1C91F72863DFC8AF0732C9025862525CF33E5EC545D356C620C70F16D2BDD22A9BD9A25469D21C70D437FA08ED36550A2EEEF3545EFDC5A0C0FCC1070A99B2D5EFC1A32D764AEE21DC38FD6086813C01F09298B41B3EFC7F34DB201EC538901C8E05A3B3295519042CF631226BBAF9A9F8A3C4BD6B00E24CD048A14ACA7C8B9EC1C1931853909EFF8B1FBCA46C9CB9E42BE7253E7F25A97C6D50E970EF8CEFE1C70C8A3254F5402F3DCC62A5A34B477A8B452352B6CB2BFC1F372130DBC4960DCD20088DB50B39998ECCB0CD2F797F7267529DB9A63B7BE8691F9B6155EFFAEEBDB8EE7FCA2EDD9DCC92B5DDCF536E87DA064010A15CA505885DEC6499E4B1408580A3F854E1C50BEA96D4B47D9022B004F426F1F69C7580573F60BA80045BA799FB486C1AB3E363D75DA7C2BE5E256001E728B4850BA99184068CFF7A87B25C95F43E17B35BEBFA4711A1307EA545B1BA97D13F752EB7CD6F42BA4776098D71C02E4961480D18AE898D2EBCD61E897041CB1A70570166A98B
-20210511174145 2 6 100 6143 5 EE2D1C3A0CC149C6675914AEFB8A3B27C939CB721B7D7D2AECDF4464406D6B59DF4C01ABE292F37396B097215BCF049F98D5B7CBA342EF5DFE31668084E83E783AC5C21CB152C08EE0BBAB4CC8F261AFD378F97D5044BC6BD3E555ADCF508ABC26E4CAF8D0B84EDDA7E78B56B89A497BC4D5A1D5C14D1A535777D4BBA17540B64F3E2695C5B134275A2F94D1388C0F666573454ED38B3E0CAA04BF5551662A429B54153795935493FE7E3C8130EE4568A278C2FF362D070FA4D10462B347E382EE340DF1EBBDBFEFAD66AB4B2296E982EC7F0947F6BF7845E8C40F9A7B4934727781E2D129C2E055227C3CD063BBFF14DE2958D6B4D3D3EF54ECA8757C3D102B98B6C97BE8087FE6B8ABC4B7D61AB491842E37A53890081C73359B4B878570BE3B30E557B819DBEC06F1291965419B7EAD74F1ADF900E771781024B44E5669DDA88FD9C62496764EA5CE3E791EB4CCDA3E4B665355C9EC92EF18046331332886B79DC3710C36F02D2EB260246AE83459514EF00FC5857CAC8562D4DD522FA4575ECD1BACA7313A1C91F72863DFC8AF0732C9025862525CF33E5EC545D356C620C70F16D2BDD22A9BD9A25469D21C70D437FA08ED36550A2EEEF3545EFDC5A0C0FCC1070A99B2D5EFC1A32D764AEE21DC38FD6086813C01F09298B41B3EFC7F34DB201EC538901C8E05A3B3295519042CF631226BBAF9A9F8A3C4BD6B00E24CD048A14ACA7C8B9EC1C1931853909EFF8B1FBCA46C9CB9E42BE7253E7F25A97C6D50E970EF8CEFE1C70C8A3254F5402F3DCC62A5A34B477A8B452352B6CB2BFC1F372130DBC4960DCD20088DB50B39998ECCB0CD2F797F7267529DB9A63B7BE8691F9B6155EFFAEEBDB8EE7FCA2EDD9DCC92B5DDCF536E87DA064010A15CA505885DEC6499E4B1408580A3F854E1C50BEA96D4B47D9022B004F426F1F69C7580573F60BA80045BA799FB486C1AB3E363D75DA7C2BE5E256001E728B4850BA99184068CFF7A87B25C95F43E17B35BEBFA4711A1307EA545B1BA97D13F752EB7CD6F42BA4776098D71C02E4961480D18AE898D2EBCD61E897041CB1A7057036F804F
-20210511180342 2 6 100 6143 5 EE2D1C3A0CC149C6675914AEFB8A3B27C939CB721B7D7D2AECDF4464406D6B59DF4C01ABE292F37396B097215BCF049F98D5B7CBA342EF5DFE31668084E83E783AC5C21CB152C08EE0BBAB4CC8F261AFD378F97D5044BC6BD3E555ADCF508ABC26E4CAF8D0B84EDDA7E78B56B89A497BC4D5A1D5C14D1A535777D4BBA17540B64F3E2695C5B134275A2F94D1388C0F666573454ED38B3E0CAA04BF5551662A429B54153795935493FE7E3C8130EE4568A278C2FF362D070FA4D10462B347E382EE340DF1EBBDBFEFAD66AB4B2296E982EC7F0947F6BF7845E8C40F9A7B4934727781E2D129C2E055227C3CD063BBFF14DE2958D6B4D3D3EF54ECA8757C3D102B98B6C97BE8087FE6B8ABC4B7D61AB491842E37A53890081C73359B4B878570BE3B30E557B819DBEC06F1291965419B7EAD74F1ADF900E771781024B44E5669DDA88FD9C62496764EA5CE3E791EB4CCDA3E4B665355C9EC92EF18046331332886B79DC3710C36F02D2EB260246AE83459514EF00FC5857CAC8562D4DD522FA4575ECD1BACA7313A1C91F72863DFC8AF0732C9025862525CF33E5EC545D356C620C70F16D2BDD22A9BD9A25469D21C70D437FA08ED36550A2EEEF3545EFDC5A0C0FCC1070A99B2D5EFC1A32D764AEE21DC38FD6086813C01F09298B41B3EFC7F34DB201EC538901C8E05A3B3295519042CF631226BBAF9A9F8A3C4BD6B00E24CD048A14ACA7C8B9EC1C1931853909EFF8B1FBCA46C9CB9E42BE7253E7F25A97C6D50E970EF8CEFE1C70C8A3254F5402F3DCC62A5A34B477A8B452352B6CB2BFC1F372130DBC4960DCD20088DB50B39998ECCB0CD2F797F7267529DB9A63B7BE8691F9B6155EFFAEEBDB8EE7FCA2EDD9DCC92B5DDCF536E87DA064010A15CA505885DEC6499E4B1408580A3F854E1C50BEA96D4B47D9022B004F426F1F69C7580573F60BA80045BA799FB486C1AB3E363D75DA7C2BE5E256001E728B4850BA99184068CFF7A87B25C95F43E17B35BEBFA4711A1307EA545B1BA97D13F752EB7CD6F42BA4776098D71C02E4961480D18AE898D2EBCD61E897041CB1A7057068862E7
-20210511183715 2 6 100 6143 5 EE2D1C3A0CC149C6675914AEFB8A3B27C939CB721B7D7D2AECDF4464406D6B59DF4C01ABE292F37396B097215BCF049F98D5B7CBA342EF5DFE31668084E83E783AC5C21CB152C08EE0BBAB4CC8F261AFD378F97D5044BC6BD3E555ADCF508ABC26E4CAF8D0B84EDDA7E78B56B89A497BC4D5A1D5C14D1A535777D4BBA17540B64F3E2695C5B134275A2F94D1388C0F666573454ED38B3E0CAA04BF5551662A429B54153795935493FE7E3C8130EE4568A278C2FF362D070FA4D10462B347E382EE340DF1EBBDBFEFAD66AB4B2296E982EC7F0947F6BF7845E8C40F9A7B4934727781E2D129C2E055227C3CD063BBFF14DE2958D6B4D3D3EF54ECA8757C3D102B98B6C97BE8087FE6B8ABC4B7D61AB491842E37A53890081C73359B4B878570BE3B30E557B819DBEC06F1291965419B7EAD74F1ADF900E771781024B44E5669DDA88FD9C62496764EA5CE3E791EB4CCDA3E4B665355C9EC92EF18046331332886B79DC3710C36F02D2EB260246AE83459514EF00FC5857CAC8562D4DD522FA4575ECD1BACA7313A1C91F72863DFC8AF0732C9025862525CF33E5EC545D356C620C70F16D2BDD22A9BD9A25469D21C70D437FA08ED36550A2EEEF3545EFDC5A0C0FCC1070A99B2D5EFC1A32D764AEE21DC38FD6086813C01F09298B41B3EFC7F34DB201EC538901C8E05A3B3295519042CF631226BBAF9A9F8A3C4BD6B00E24CD048A14ACA7C8B9EC1C1931853909EFF8B1FBCA46C9CB9E42BE7253E7F25A97C6D50E970EF8CEFE1C70C8A3254F5402F3DCC62A5A34B477A8B452352B6CB2BFC1F372130DBC4960DCD20088DB50B39998ECCB0CD2F797F7267529DB9A63B7BE8691F9B6155EFFAEEBDB8EE7FCA2EDD9DCC92B5DDCF536E87DA064010A15CA505885DEC6499E4B1408580A3F854E1C50BEA96D4B47D9022B004F426F1F69C7580573F60BA80045BA799FB486C1AB3E363D75DA7C2BE5E256001E728B4850BA99184068CFF7A87B25C95F43E17B35BEBFA4711A1307EA545B1BA97D13F752EB7CD6F42BA4776098D71C02E4961480D18AE898D2EBCD61E897041CB1A70570B38F77F
-20210511193129 2 6 100 6143 2 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E297FD7E2FF33
-20210511195502 2 6 100 6143 2 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E297FDB6A44F3
-20210511195827 2 6 100 6143 5 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E297FDBE676FF
-20210511204743 2 6 100 6143 2 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E297FE346C16B
-20210511205051 2 6 100 6143 5 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E297FE3B37BA7
-20210511210241 2 6 100 6143 5 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E297FE56FF4F7
-20210511211006 2 6 100 6143 2 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E297FE685FDFB
-20210511211804 2 6 100 6143 2 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E297FE7B482E3
-20210511213559 2 6 100 6143 2 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E297FEA624573
-20210511214955 2 6 100 6143 2 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E297FEC6A1563
-20210511220820 2 6 100 6143 2 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E297FEF28F693
-20210511221550 2 6 100 6143 5 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E297FF0410367
-20210511222301 2 6 100 6143 5 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E297FF14E2BAF
-20210511223017 2 6 100 6143 2 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E297FF25C4F8B
-20210511223717 2 6 100 6143 5 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E297FF358C9EF
-20210511224022 2 6 100 6143 5 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E297FF3C5C0C7
-20210511224934 2 6 100 6143 5 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E297FF5128EE7
-20210511225354 2 6 100 6143 2 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E297FF5AC9E43
-20210511225504 2 6 100 6143 5 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E297FF5CE8FCF
-20210511230424 2 6 100 6143 2 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E297FF71E9D43
-20210511233003 2 6 100 6143 5 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E297FFAD91657
-20210511233554 2 6 100 6143 2 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E297FFBAD309B
-20210511233732 2 6 100 6143 2 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E297FFBE1CC5B
-20210511235930 2 6 100 6143 2 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E297FFF12F2D3
-20210512001430 2 6 100 6143 2 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E298001373093
-20210512002303 2 6 100 6143 2 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E2980026463FB
-20210512004700 2 6 100 6143 5 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E298005D412AF
-20210512011719 2 6 100 6143 5 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E29800A1EF6AF
-20210512012230 2 6 100 6143 2 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E29800AD88A43
-20210512012724 2 6 100 6143 5 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E29800B84DE0F
-20210512013230 2 6 100 6143 5 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E29800C3AA1EF
-20210512013650 2 6 100 6143 2 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E29800CCDD483
-20210512015950 2 6 100 6143 2 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E2980100A0E43
-20210512020847 2 6 100 6143 5 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E2980114782B7
-20210512022553 2 6 100 6143 2 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E298013B2C213
-20210512022729 2 6 100 6143 5 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E298013E47BAF
-20210512025425 2 6 100 6143 2 F58340194C3306C216EBA34FD995EAF9AF7B4471283E848F4B029734B8BCEBCD8E52D560FFF982CE43FF8B4743C8048BC6D4338C8B93AC9F00C5A9564A840146DE9539AD56551E9187BFC36282EE41C27355F3620B33561B868295222A693A11F5817C1A4306DAD1071FB2D38DE9462DBC4778784F4BD5B27F2FD173C360611E6A21FB82A494BEC22F4ABF1F5AA692B784E15FB737684C0ECC5B8D55FD023C52DE35464CA1AAA8F3F949F1BE6C194CB7C0DD0E5BA261A216CFC40D7DEA492929D777F6B8636A4C05D58652836E70E5956173BFD976CF08406210630C4489534639053F069285A6E55B851423BB3714647681FB05D545F941E69FE5756C500328991387212418E4C54146FBEF4A6D2481DE817DCAE3E1EEDE8E617357630B734FEFD566BB0338D8EE564F35518E59AF81F67AD190E45906A0832515515D6CCD73DE76FE730694CEED007F333DB1F6F9A026655F950751EF85AC1E571A3DA7203D1E53D4D93F521AE1AD75360DE1AD187EFE3A396F40AFED9C7797681A857003A7EA20C2203D2E40419253C6706FD30EAABC972CAA9C5C97B48DC734472D310E0DEE896862407E24A243EEE1E02309A6C7E1E53CD953B93FF54283ACE51B298BB1C92FF0A172948EF0CF8D239A5849D8E3D7AAC4486FB746501F3318145B042E62CA6EB70544E31581687DD67D8AD73FFB39DD71DA00E7F3738890D65610CAA049A5CD99AD928F98D3CFBD9A706E8908A2F51712B03562CB057F99431E0746B98DEE0D367DFC93CA546E26A44A72F47122FABCA47900D76A42B29C9160C46B40F811A1B8BA8651C7CEB1200DED520709D9CC0B21A20C9519084DA66A91158CE7A82674374580134EEA025BB0185807DF2A5B1EDEFEFA8D247A84B787E2597F8BF72ED6F570F32AACA50D10E94DB679FF68CE35AF77537EA4CB7928F7EDD5CABB65E32C0D88FACCFC51C2146BF3FDA433B76F09234552FC069312C38677AD95D501AF829B0A1484FEF9A2F804F0ECD4990079B66568956C34212CE0E483CF7C78D1E638893082826C15E7CA78004D04AC95EE36ED5200EBB74FA39E2980179E503B
-20210510215238 2 6 100 7679 2 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F39D65FCF63
-20210510222355 2 6 100 7679 2 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F39D8F2D76B
-20210510231559 2 6 100 7679 2 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F39DD6E0D13
-20210510234158 2 6 100 7679 2 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F39DFA06E23
-20210511000641 2 6 100 7679 5 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F39E1BC772F
-20210511003255 2 6 100 7679 5 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F39E3F4AA7F
-20210511015501 2 6 100 7679 2 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F39EAF7F0CB
-20210511030805 2 6 100 7679 5 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F39F104A8AF
-20210511031420 2 6 100 7679 2 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F39F182BAA3
-20210511032555 2 6 100 7679 5 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F39F276EC07
-20210511033918 2 6 100 7679 2 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F39F38CC9EB
-20210511041948 2 6 100 7679 5 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F39F6EA1CBF
-20210511044846 2 6 100 7679 5 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F39F9459AA7
-20210511045936 2 6 100 7679 5 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F39FA227747
-20210511061456 2 6 100 7679 2 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F3A0049A573
-20210511070958 2 6 100 7679 2 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F3A04A6FA53
-20210511071633 2 6 100 7679 2 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F3A0529E6FB
-20210511090443 2 6 100 7679 2 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F3A0DE2A39B
-20210511091529 2 6 100 7679 2 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F3A0EBA9D9B
-20210511092043 2 6 100 7679 2 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F3A0F1F1753
-20210512033258 2 6 100 7679 2 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F3A16919EA3
-20210512055407 2 6 100 7679 2 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F3A217F863B
-20210512065219 2 6 100 7679 2 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F3A2603970B
-20210512071046 2 6 100 7679 5 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F3A27671DBF
-20210512080928 2 6 100 7679 2 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F3A2BE5B26B
-20210512082250 2 6 100 7679 5 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F3A2CE9961F
-20210512093942 2 6 100 7679 2 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F3A32BF8C6B
-20210512101658 2 6 100 7679 2 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F3A358BA32B
-20210512111206 2 6 100 7679 2 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F3A39AF5083
-20210512111445 2 6 100 7679 5 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F3A39D9B197
-20210512111520 2 6 100 7679 2 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F3A39DC61F3
-20210512120145 2 6 100 7679 5 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F3A3D4F7B0F
-20210512135337 2 6 100 7679 2 C260CF005EEA851908A07073F58C88D37464F6C4353E3652C60C64BB441FAB9B7FB9F6CBB9D8073D3FE935B70EA1F508B2AF0E89899E9B6FD2B0E0583386A56CDADB39C1E362175A28F278B43A478B8506B1592C5A1DB8F33CE21C43CC5763DE1218C349755906B8D975B9DA963936BC01F7D79C5928C25E602D5B838892C62FDD61FAD8D0E189A70EC5891239BF69A75C87ACF1DC8DC50B359A9DC624FF7F92627B5D29748D84549AA6A831A35742E579A206F56DB0AD497AA834B877538C8045F3EE38A189AF9FFFBFC36FA4758EF1334DA487353514C0C406DB6B38E9327895D73DA4E92042EA6880336392E7E8342A1A7526816FEC68E95C995C9388779636AF8A45F54274EBDDD439AA16EE284FAF1E5459C99372083CF1531730F0354BF7E9C0733A3E785E82D99D270870B97D303F2A968C1469041D62277A14DFA2B279991C7E3C45DFEE93192650BF89D46218932FEB1C357EFA71A7F669F42FA4417F7053AEA70D43646CFDBCF7C05A1ABF53D1B5CA701BB6281097C600F951EDDEB258722C6EBA5A663BEB51CDA38D36584D6566BA1878558A7B2D32B28675D1FB2463C8C8AA5CC9CCBD733F3D741BDDC3F0F9532AAA1BB6E039F59B3CE4E5566440DEABF306861EAC945A4DDB2BC7E1B4096D92EB6901C7B83EB8980128935FCB70E82E855BBE41A9438BE84ACC738F818E5E3EDBA0AEE97CDB1634BABB6B1928BB43EDFB053DE5B3B4F0194A4D79D2EDB949D94B197F5D9406AAD368D5EEC0212A0BCA174F2BFFAACFAF2C51AE1F39DCDD849B04C0AE98935C80E62F63755F9B740343A28A5A7B93D8F5FA63E9C322BF46F484911A3B5581F9039F0A930E77AF641EEA0D1734D59B28B13280A9641382D3E489E069F2D659491F261B5FB7B4B7C7AE823D3C426FDEFD75734AD97DC4359E30BA7E99E073D8D6FD1C6B0F01006F33C829528E46565CE86F781228E2D22D7A5AA4C9E6B53DDACF380404CD9D2B2CDE31C6ECA679AA6A997AC53F9E9A429BFF636A008488447622ACFD6754E17048D0E7F7DF03CE0DE64F9FCAE47A46718D8212D620688A598D3B6AFEC54C762D4AE8AA0BA7B1AC97B8F9766BAF71EAE16D5E2B5614AC4FA5E20A0BCD622134AC7B08E00B8020D580F2C28CA1D15BDA1981CCE0E0AB5CDE942DFCC578EFF0C250B874E638705294A00724F9ED1329DA93179CAA869EE4BBAAD9F29993945745A5116840906BA4DCF9E303CE0947D4FD59C7964CC001882C001FB188697652B0A949624A983DA2099443191F6DD4EF89B705CCC825FC16C4AC5FD63D932901DE28AEEAB0DF883F44A6F0923B54A9477A3B521D8E12DD10453931E00E9F3A45A535C3
-20210512141816 2 6 100 7679 5 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979EBF1F48AF
-20210512151944 2 6 100 7679 5 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979EC46EAC57
-20210512152457 2 6 100 7679 5 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979EC4D2E37F
-20210512160220 2 6 100 7679 5 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979EC805627F
-20210512161859 2 6 100 7679 2 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979EC96E198B
-20210512165622 2 6 100 7679 5 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979ECC946B97
-20210512182636 2 6 100 7679 2 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979ED42A027B
-20210512183805 2 6 100 7679 2 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979ED519CAFB
-20210512184521 2 6 100 7679 5 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979ED5AD365F
-20210512185310 2 6 100 7679 2 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979ED648AE4B
-20210512204010 2 6 100 7679 5 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979EDF2ADBE7
-20210512204459 2 6 100 7679 2 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979EDF86656B
-20210512215034 2 6 100 7679 5 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979EE4F3F8BF
-20210512215957 2 6 100 7679 2 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979EE5AFAD1B
-20210512232130 2 6 100 7679 2 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979EEC537383
-20210513002903 2 6 100 7679 2 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979EF1CC9B5B
-20210513010529 2 6 100 7679 5 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979EF4AF06D7
-20210513024603 2 6 100 7679 2 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979EFC954793
-20210513024649 2 6 100 7679 2 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979EFC9C854B
-20210513034549 2 6 100 7679 2 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979F013F0FB3
-20210513035644 2 6 100 7679 2 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979F02144FBB
-20210513040521 2 6 100 7679 2 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979F02B7D0AB
-20210513041837 2 6 100 7679 2 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979F03B639A3
-20210513051930 2 6 100 7679 2 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979F08737F53
-20210513054050 2 6 100 7679 5 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979F0A117EFF
-20210513061420 2 6 100 7679 2 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979F0CA24113
-20210513062114 2 6 100 7679 5 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979F0D21BC27
-20210513063330 2 6 100 7679 5 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979F0E0CA30F
-20210513071712 2 6 100 7679 2 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979F1165FA43
-20210513072642 2 6 100 7679 5 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979F1213296F
-20210513075016 2 6 100 7679 5 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979F13D7F69F
-20210513080859 2 6 100 7679 2 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979F15405513
-20210513082937 2 6 100 7679 5 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979F16D0AEC7
-20210513084916 2 6 100 7679 2 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979F184559A3
-20210513101622 2 6 100 7679 2 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979F1ED0663B
-20210513103219 2 6 100 7679 2 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979F1FF64A7B
-20210513105336 2 6 100 7679 2 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979F217BF603
-20210513120417 2 6 100 7679 2 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979F26CCF6D3
-20210513122242 2 6 100 7679 5 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979F28222B57
-20210513122833 2 6 100 7679 2 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979F2886B733
-20210513132056 2 6 100 7679 5 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979F2C65CDC7
-20210513133945 2 6 100 7679 5 FAFDEC5D38380C2FFBEDCDA1262E4817F274B6544BB0A1904CF571375327EDF0105410A3F584F9A15982937EB5A64E30206DA90D66B89BF48EC74E7F40FB957673193875E02B88101A4FE81C47EBCB8451386AAEC6EA69F967310C79D8CC71BE07F669C3094E5F2CD314FF0FDD08256EFDFC03EF43C4704684CEEBBBFC48D48C920B2AC3CC15010D7EE49049D52B12E6E9228BF0482C174747EA40E558D88CACA9F143A496236C120DE560FDD7B2A1175407D333103C025E8EAE424AC5BADA1A354428B451F594BE605000CA3B2773B2D91FEDBBAF2E58DE2F03461A9F8D90B84209F66D7203E92774AB5B83809BAFFCC8D32ACB1B0AD4D1C2D37CED00654FB7517A56FE35CD364967D541D336C0E2CF96303B3BD1FBBC12D5DCF3D8F343BD2DD0EA3B5FA0062DC9A426A36DD27FD9C8E76DBB7FFE97BA3B27BDE53B017D7C9DFA6A4354FC95F3DAD99172290423EB507B574D6CEAF38A4AE227FD44541A29560020EA2EC10C5213E1EBC7A686AFA770A09C28E0D1EFB46AD409D2C58B8A4EF2E740957BCE903FF63D0B5E6BCF7E8C2B8F85DB93FC96E78BE2002603FF9AC2ACF368269FE034D6A5F8BFC6249FD140E85E9435C8B03D9390F1D0FD44519C21D174F7901BAB95DE7C91A1BFB9EB1079C584A71392A72768B2C2748145835AE7A5509B3C59539F46B5E0DF6955B84687C454679C9D87198605D78D1B551F502A5ACD915F55C919763C2F1206A0ADD5F651031A76EA0D102D064CBE24F919D3CF333D1EA0E89C1CA9E7D115802FC38757A50C97849D41E03C5F1EB8485CDDB55464E44172B0DE3D4F94A5AD01ECE4D70E17181225418F4205ABA526FA1D8C493749243D626C1D6A3170AD9D7DA551F3642229428803E81782D49355CB6CCEE08AB7583CA3A73354F2942BC6225E07788E542B1E2A9B46724D8A8EE0BE6F79CCDF78B10FC78FF3E15FFBC2EF1FFF4F53A328C7850BC0DAF358823712FF3609B981377D64FD274C578FFE92A6AE74F6F6A37907BD6B71FDA8C492C15BF9F820360709CFE9C5DFB03196120DF85D7D730DBA4CDFC36F2760227A5EAA27AA255935616A3833609B890B2445FC82D7A70B798DCB71E7C5B868AF06577FDDD034B63FF8A5CEEE3A1BBCD4CC61AF7A21D812E5987B35EF262FCCDFE85FF02E21E95C20C66357D8C813C672AFF03D9B4023E94E4397596BEA7F642D14DDA48D455EE0EBC7979D7AAD8994DC9A0DB84F1EE247C71E3D3A5626455CABC9C91BBAA98E2DD96EDA9EC0CDE2130236907A41D227CC515E1B139D278BC9F1DC231BDBDD76C400564D3200B2F61980B679BE9D8BF9D37BA5C0CB681E5054431A61CBF3979F2DC4BF6F
-20210513144224 2 6 100 8191 2 D352935F33D9BC205912B919A6C5F18F76C30A32F6C0390249B48383BA4F31098BF5B6B2ACE6A745344840435A6C9A0DBF8E268F0463420452610E9A624590DC2CD57490F709DFFC5A54630DE486C73DB3C377B87C919F90BA88A7B41627351E6BEADBA605C2C625833BB95E9F34892A5D15DDF216D1A549FCFA819D7567D99015B1C3944254B87680222859779EA64C26FCEF82F34FE28E765DE3DDBCB9B3664E7896B18B93B9AA3A69944E8CEB93C18F671E2A75D6C1061B23AF8B913911A73099EA5B0F527C054B8A71B335A65CE680F02DC58D27FDBBA83EE263DD9E171B190F1CDB173BF56BB93407074B1899E8D59832EF383BCF6FB145E0F8A4A7484A2F8F4178D0A8DF9B8B920FF1250BF88BE770FD43D7EF2F4B998D86628A676173384FA95CB6B8A2599F8D5BFAA9E7C025CF29A9E1A8818B90CF2568CB8F3C003BC22B873374ACEF560B114B6B3EA0ED1701CE77A34E2723FB377BD67D480E3BF6A4E71763ED85C4E5F034A8E1761B1424AC67CFD1727157A43EEAD2168622F43967A4494E3C3D92E41EF47B7425D13D746CF617F9BB0F7CF04C093261541B6BAD54E3ED418AA1044C21FCC95B3416E6648FC576AECA4A82F2E69CE017A982407FAB0B656B56933908F1FD739686102F68805B8C605CF88952AEE1257382DE39D777527416FBED01472FE9C947AD58968D7FF2847328265584C2E93F7DF92CA891122AF48B9549020D2FAC44913C2DB5DAE20434E477FC5AF527E3D16D13B5586131FA1CC6AB1D522A1EFDA51B84D82BCBC0E76F00E0C790A9C07D0CD81088A6E972BB453B0D72AACF78BE9506B25301A473C0F4E6DF46B6517C73D9809F5319DA70BD22C0C17D90A0A26080E262D9DFB50B21AABFB60D76E655B78B2C4A4EDE0D32CE1BBD3F05F49C12B30DA10A13BAA95F907A1306F4FAFA251D8F6E16B6A5EB177D7777FFAB5A875B3D27D250B496B3EDCF818020A27D1CF30EF135AA50CF05B70D1FBCFAB92C7D0CC17E3AB813D23233BEDB187FAB1406BB9397760F905658A124923E6F97F947EF88572CC3F50F16FC716DEA622F9878462113A5E43CFA165D80B531843CB024CC310FB4FD80788A67ABCADDD99BD5A26D1FDB72FA5DF44C84085D7EA30393ABA8E7CB659489DE64CAECC4E2E6779E80CAC156B5957C30B89F073E97BD013CE3E7D260917C1B3C46F6AF0B77A2109E7A81DBB20745B4FD4B33BCC08FD30F554C5EF9B6E69CBD225A498D2D51CA440B83205DF7AE9020AF2595F3CC648907EA05C2F4063C835606A4598A7E9CF67710332A938B1FF851A6697F9A38FFA2CCF2BBD6A00F8437794DA285A8E298CCF2D5497DCA6065D8E0AD829172FBF4D10F75BE58F97FB2D272DD9B57C5659910BDF70D78C45FDFE135DC75F8DBB69F78EF068CBEA5F9FC8940D45AB9928C9002EA165CBBFFB1974BC3929B
-20210513153319 2 6 100 8191 2 D352935F33D9BC205912B919A6C5F18F76C30A32F6C0390249B48383BA4F31098BF5B6B2ACE6A745344840435A6C9A0DBF8E268F0463420452610E9A624590DC2CD57490F709DFFC5A54630DE486C73DB3C377B87C919F90BA88A7B41627351E6BEADBA605C2C625833BB95E9F34892A5D15DDF216D1A549FCFA819D7567D99015B1C3944254B87680222859779EA64C26FCEF82F34FE28E765DE3DDBCB9B3664E7896B18B93B9AA3A69944E8CEB93C18F671E2A75D6C1061B23AF8B913911A73099EA5B0F527C054B8A71B335A65CE680F02DC58D27FDBBA83EE263DD9E171B190F1CDB173BF56BB93407074B1899E8D59832EF383BCF6FB145E0F8A4A7484A2F8F4178D0A8DF9B8B920FF1250BF88BE770FD43D7EF2F4B998D86628A676173384FA95CB6B8A2599F8D5BFAA9E7C025CF29A9E1A8818B90CF2568CB8F3C003BC22B873374ACEF560B114B6B3EA0ED1701CE77A34E2723FB377BD67D480E3BF6A4E71763ED85C4E5F034A8E1761B1424AC67CFD1727157A43EEAD2168622F43967A4494E3C3D92E41EF47B7425D13D746CF617F9BB0F7CF04C093261541B6BAD54E3ED418AA1044C21FCC95B3416E6648FC576AECA4A82F2E69CE017A982407FAB0B656B56933908F1FD739686102F68805B8C605CF88952AEE1257382DE39D777527416FBED01472FE9C947AD58968D7FF2847328265584C2E93F7DF92CA891122AF48B9549020D2FAC44913C2DB5DAE20434E477FC5AF527E3D16D13B5586131FA1CC6AB1D522A1EFDA51B84D82BCBC0E76F00E0C790A9C07D0CD81088A6E972BB453B0D72AACF78BE9506B25301A473C0F4E6DF46B6517C73D9809F5319DA70BD22C0C17D90A0A26080E262D9DFB50B21AABFB60D76E655B78B2C4A4EDE0D32CE1BBD3F05F49C12B30DA10A13BAA95F907A1306F4FAFA251D8F6E16B6A5EB177D7777FFAB5A875B3D27D250B496B3EDCF818020A27D1CF30EF135AA50CF05B70D1FBCFAB92C7D0CC17E3AB813D23233BEDB187FAB1406BB9397760F905658A124923E6F97F947EF88572CC3F50F16FC716DEA622F9878462113A5E43CFA165D80B531843CB024CC310FB4FD80788A67ABCADDD99BD5A26D1FDB72FA5DF44C84085D7EA30393ABA8E7CB659489DE64CAECC4E2E6779E80CAC156B5957C30B89F073E97BD013CE3E7D260917C1B3C46F6AF0B77A2109E7A81DBB20745B4FD4B33BCC08FD30F554C5EF9B6E69CBD225A498D2D51CA440B83205DF7AE9020AF2595F3CC648907EA05C2F4063C835606A4598A7E9CF67710332A938B1FF851A6697F9A38FFA2CCF2BBD6A00F8437794DA285A8E298CCF2D5497DCA6065D8E0AD829172FBF4D10F75BE58F97FB2D272DD9B57C5659910BDF70D78C45FDFE135DC75F8DBB69F78EF068CBEA5F9FC8940D45AB9928C9002EA165CBBFFB1974F77AE5B
-20210513202423 2 6 100 8191 5 D352935F33D9BC205912B919A6C5F18F76C30A32F6C0390249B48383BA4F31098BF5B6B2ACE6A745344840435A6C9A0DBF8E268F0463420452610E9A624590DC2CD57490F709DFFC5A54630DE486C73DB3C377B87C919F90BA88A7B41627351E6BEADBA605C2C625833BB95E9F34892A5D15DDF216D1A549FCFA819D7567D99015B1C3944254B87680222859779EA64C26FCEF82F34FE28E765DE3DDBCB9B3664E7896B18B93B9AA3A69944E8CEB93C18F671E2A75D6C1061B23AF8B913911A73099EA5B0F527C054B8A71B335A65CE680F02DC58D27FDBBA83EE263DD9E171B190F1CDB173BF56BB93407074B1899E8D59832EF383BCF6FB145E0F8A4A7484A2F8F4178D0A8DF9B8B920FF1250BF88BE770FD43D7EF2F4B998D86628A676173384FA95CB6B8A2599F8D5BFAA9E7C025CF29A9E1A8818B90CF2568CB8F3C003BC22B873374ACEF560B114B6B3EA0ED1701CE77A34E2723FB377BD67D480E3BF6A4E71763ED85C4E5F034A8E1761B1424AC67CFD1727157A43EEAD2168622F43967A4494E3C3D92E41EF47B7425D13D746CF617F9BB0F7CF04C093261541B6BAD54E3ED418AA1044C21FCC95B3416E6648FC576AECA4A82F2E69CE017A982407FAB0B656B56933908F1FD739686102F68805B8C605CF88952AEE1257382DE39D777527416FBED01472FE9C947AD58968D7FF2847328265584C2E93F7DF92CA891122AF48B9549020D2FAC44913C2DB5DAE20434E477FC5AF527E3D16D13B5586131FA1CC6AB1D522A1EFDA51B84D82BCBC0E76F00E0C790A9C07D0CD81088A6E972BB453B0D72AACF78BE9506B25301A473C0F4E6DF46B6517C73D9809F5319DA70BD22C0C17D90A0A26080E262D9DFB50B21AABFB60D76E655B78B2C4A4EDE0D32CE1BBD3F05F49C12B30DA10A13BAA95F907A1306F4FAFA251D8F6E16B6A5EB177D7777FFAB5A875B3D27D250B496B3EDCF818020A27D1CF30EF135AA50CF05B70D1FBCFAB92C7D0CC17E3AB813D23233BEDB187FAB1406BB9397760F905658A124923E6F97F947EF88572CC3F50F16FC716DEA622F9878462113A5E43CFA165D80B531843CB024CC310FB4FD80788A67ABCADDD99BD5A26D1FDB72FA5DF44C84085D7EA30393ABA8E7CB659489DE64CAECC4E2E6779E80CAC156B5957C30B89F073E97BD013CE3E7D260917C1B3C46F6AF0B77A2109E7A81DBB20745B4FD4B33BCC08FD30F554C5EF9B6E69CBD225A498D2D51CA440B83205DF7AE9020AF2595F3CC648907EA05C2F4063C835606A4598A7E9CF67710332A938B1FF851A6697F9A38FFA2CCF2BBD6A00F8437794DA285A8E298CCF2D5497DCA6065D8E0AD829172FBF4D10F75BE58F97FB2D272DD9B57C5659910BDF70D78C45FDFE135DC75F8DBB69F78EF068CBEA5F9FC8940D45AB9928C9002EA165CBBFFB1976458B21F
-20210513231705 2 6 100 8191 5 D352935F33D9BC205912B919A6C5F18F76C30A32F6C0390249B48383BA4F31098BF5B6B2ACE6A745344840435A6C9A0DBF8E268F0463420452610E9A624590DC2CD57490F709DFFC5A54630DE486C73DB3C377B87C919F90BA88A7B41627351E6BEADBA605C2C625833BB95E9F34892A5D15DDF216D1A549FCFA819D7567D99015B1C3944254B87680222859779EA64C26FCEF82F34FE28E765DE3DDBCB9B3664E7896B18B93B9AA3A69944E8CEB93C18F671E2A75D6C1061B23AF8B913911A73099EA5B0F527C054B8A71B335A65CE680F02DC58D27FDBBA83EE263DD9E171B190F1CDB173BF56BB93407074B1899E8D59832EF383BCF6FB145E0F8A4A7484A2F8F4178D0A8DF9B8B920FF1250BF88BE770FD43D7EF2F4B998D86628A676173384FA95CB6B8A2599F8D5BFAA9E7C025CF29A9E1A8818B90CF2568CB8F3C003BC22B873374ACEF560B114B6B3EA0ED1701CE77A34E2723FB377BD67D480E3BF6A4E71763ED85C4E5F034A8E1761B1424AC67CFD1727157A43EEAD2168622F43967A4494E3C3D92E41EF47B7425D13D746CF617F9BB0F7CF04C093261541B6BAD54E3ED418AA1044C21FCC95B3416E6648FC576AECA4A82F2E69CE017A982407FAB0B656B56933908F1FD739686102F68805B8C605CF88952AEE1257382DE39D777527416FBED01472FE9C947AD58968D7FF2847328265584C2E93F7DF92CA891122AF48B9549020D2FAC44913C2DB5DAE20434E477FC5AF527E3D16D13B5586131FA1CC6AB1D522A1EFDA51B84D82BCBC0E76F00E0C790A9C07D0CD81088A6E972BB453B0D72AACF78BE9506B25301A473C0F4E6DF46B6517C73D9809F5319DA70BD22C0C17D90A0A26080E262D9DFB50B21AABFB60D76E655B78B2C4A4EDE0D32CE1BBD3F05F49C12B30DA10A13BAA95F907A1306F4FAFA251D8F6E16B6A5EB177D7777FFAB5A875B3D27D250B496B3EDCF818020A27D1CF30EF135AA50CF05B70D1FBCFAB92C7D0CC17E3AB813D23233BEDB187FAB1406BB9397760F905658A124923E6F97F947EF88572CC3F50F16FC716DEA622F9878462113A5E43CFA165D80B531843CB024CC310FB4FD80788A67ABCADDD99BD5A26D1FDB72FA5DF44C84085D7EA30393ABA8E7CB659489DE64CAECC4E2E6779E80CAC156B5957C30B89F073E97BD013CE3E7D260917C1B3C46F6AF0B77A2109E7A81DBB20745B4FD4B33BCC08FD30F554C5EF9B6E69CBD225A498D2D51CA440B83205DF7AE9020AF2595F3CC648907EA05C2F4063C835606A4598A7E9CF67710332A938B1FF851A6697F9A38FFA2CCF2BBD6A00F8437794DA285A8E298CCF2D5497DCA6065D8E0AD829172FBF4D10F75BE58F97FB2D272DD9B57C5659910BDF70D78C45FDFE135DC75F8DBB69F78EF068CBEA5F9FC8940D45AB9928C9002EA165CBBFFB197705C37B7
-20210513233042 2 6 100 8191 2 D352935F33D9BC205912B919A6C5F18F76C30A32F6C0390249B48383BA4F31098BF5B6B2ACE6A745344840435A6C9A0DBF8E268F0463420452610E9A624590DC2CD57490F709DFFC5A54630DE486C73DB3C377B87C919F90BA88A7B41627351E6BEADBA605C2C625833BB95E9F34892A5D15DDF216D1A549FCFA819D7567D99015B1C3944254B87680222859779EA64C26FCEF82F34FE28E765DE3DDBCB9B3664E7896B18B93B9AA3A69944E8CEB93C18F671E2A75D6C1061B23AF8B913911A73099EA5B0F527C054B8A71B335A65CE680F02DC58D27FDBBA83EE263DD9E171B190F1CDB173BF56BB93407074B1899E8D59832EF383BCF6FB145E0F8A4A7484A2F8F4178D0A8DF9B8B920FF1250BF88BE770FD43D7EF2F4B998D86628A676173384FA95CB6B8A2599F8D5BFAA9E7C025CF29A9E1A8818B90CF2568CB8F3C003BC22B873374ACEF560B114B6B3EA0ED1701CE77A34E2723FB377BD67D480E3BF6A4E71763ED85C4E5F034A8E1761B1424AC67CFD1727157A43EEAD2168622F43967A4494E3C3D92E41EF47B7425D13D746CF617F9BB0F7CF04C093261541B6BAD54E3ED418AA1044C21FCC95B3416E6648FC576AECA4A82F2E69CE017A982407FAB0B656B56933908F1FD739686102F68805B8C605CF88952AEE1257382DE39D777527416FBED01472FE9C947AD58968D7FF2847328265584C2E93F7DF92CA891122AF48B9549020D2FAC44913C2DB5DAE20434E477FC5AF527E3D16D13B5586131FA1CC6AB1D522A1EFDA51B84D82BCBC0E76F00E0C790A9C07D0CD81088A6E972BB453B0D72AACF78BE9506B25301A473C0F4E6DF46B6517C73D9809F5319DA70BD22C0C17D90A0A26080E262D9DFB50B21AABFB60D76E655B78B2C4A4EDE0D32CE1BBD3F05F49C12B30DA10A13BAA95F907A1306F4FAFA251D8F6E16B6A5EB177D7777FFAB5A875B3D27D250B496B3EDCF818020A27D1CF30EF135AA50CF05B70D1FBCFAB92C7D0CC17E3AB813D23233BEDB187FAB1406BB9397760F905658A124923E6F97F947EF88572CC3F50F16FC716DEA622F9878462113A5E43CFA165D80B531843CB024CC310FB4FD80788A67ABCADDD99BD5A26D1FDB72FA5DF44C84085D7EA30393ABA8E7CB659489DE64CAECC4E2E6779E80CAC156B5957C30B89F073E97BD013CE3E7D260917C1B3C46F6AF0B77A2109E7A81DBB20745B4FD4B33BCC08FD30F554C5EF9B6E69CBD225A498D2D51CA440B83205DF7AE9020AF2595F3CC648907EA05C2F4063C835606A4598A7E9CF67710332A938B1FF851A6697F9A38FFA2CCF2BBD6A00F8437794DA285A8E298CCF2D5497DCA6065D8E0AD829172FBF4D10F75BE58F97FB2D272DD9B57C5659910BDF70D78C45FDFE135DC75F8DBB69F78EF068CBEA5F9FC8940D45AB9928C9002EA165CBBFFB1977149F50B
-20210513233427 2 6 100 8191 2 D352935F33D9BC205912B919A6C5F18F76C30A32F6C0390249B48383BA4F31098BF5B6B2ACE6A745344840435A6C9A0DBF8E268F0463420452610E9A624590DC2CD57490F709DFFC5A54630DE486C73DB3C377B87C919F90BA88A7B41627351E6BEADBA605C2C625833BB95E9F34892A5D15DDF216D1A549FCFA819D7567D99015B1C3944254B87680222859779EA64C26FCEF82F34FE28E765DE3DDBCB9B3664E7896B18B93B9AA3A69944E8CEB93C18F671E2A75D6C1061B23AF8B913911A73099EA5B0F527C054B8A71B335A65CE680F02DC58D27FDBBA83EE263DD9E171B190F1CDB173BF56BB93407074B1899E8D59832EF383BCF6FB145E0F8A4A7484A2F8F4178D0A8DF9B8B920FF1250BF88BE770FD43D7EF2F4B998D86628A676173384FA95CB6B8A2599F8D5BFAA9E7C025CF29A9E1A8818B90CF2568CB8F3C003BC22B873374ACEF560B114B6B3EA0ED1701CE77A34E2723FB377BD67D480E3BF6A4E71763ED85C4E5F034A8E1761B1424AC67CFD1727157A43EEAD2168622F43967A4494E3C3D92E41EF47B7425D13D746CF617F9BB0F7CF04C093261541B6BAD54E3ED418AA1044C21FCC95B3416E6648FC576AECA4A82F2E69CE017A982407FAB0B656B56933908F1FD739686102F68805B8C605CF88952AEE1257382DE39D777527416FBED01472FE9C947AD58968D7FF2847328265584C2E93F7DF92CA891122AF48B9549020D2FAC44913C2DB5DAE20434E477FC5AF527E3D16D13B5586131FA1CC6AB1D522A1EFDA51B84D82BCBC0E76F00E0C790A9C07D0CD81088A6E972BB453B0D72AACF78BE9506B25301A473C0F4E6DF46B6517C73D9809F5319DA70BD22C0C17D90A0A26080E262D9DFB50B21AABFB60D76E655B78B2C4A4EDE0D32CE1BBD3F05F49C12B30DA10A13BAA95F907A1306F4FAFA251D8F6E16B6A5EB177D7777FFAB5A875B3D27D250B496B3EDCF818020A27D1CF30EF135AA50CF05B70D1FBCFAB92C7D0CC17E3AB813D23233BEDB187FAB1406BB9397760F905658A124923E6F97F947EF88572CC3F50F16FC716DEA622F9878462113A5E43CFA165D80B531843CB024CC310FB4FD80788A67ABCADDD99BD5A26D1FDB72FA5DF44C84085D7EA30393ABA8E7CB659489DE64CAECC4E2E6779E80CAC156B5957C30B89F073E97BD013CE3E7D260917C1B3C46F6AF0B77A2109E7A81DBB20745B4FD4B33BCC08FD30F554C5EF9B6E69CBD225A498D2D51CA440B83205DF7AE9020AF2595F3CC648907EA05C2F4063C835606A4598A7E9CF67710332A938B1FF851A6697F9A38FFA2CCF2BBD6A00F8437794DA285A8E298CCF2D5497DCA6065D8E0AD829172FBF4D10F75BE58F97FB2D272DD9B57C5659910BDF70D78C45FDFE135DC75F8DBB69F78EF068CBEA5F9FC8940D45AB9928C9002EA165CBBFFB197718133B3
-20210514021221 2 6 100 8191 2 D352935F33D9BC205912B919A6C5F18F76C30A32F6C0390249B48383BA4F31098BF5B6B2ACE6A745344840435A6C9A0DBF8E268F0463420452610E9A624590DC2CD57490F709DFFC5A54630DE486C73DB3C377B87C919F90BA88A7B41627351E6BEADBA605C2C625833BB95E9F34892A5D15DDF216D1A549FCFA819D7567D99015B1C3944254B87680222859779EA64C26FCEF82F34FE28E765DE3DDBCB9B3664E7896B18B93B9AA3A69944E8CEB93C18F671E2A75D6C1061B23AF8B913911A73099EA5B0F527C054B8A71B335A65CE680F02DC58D27FDBBA83EE263DD9E171B190F1CDB173BF56BB93407074B1899E8D59832EF383BCF6FB145E0F8A4A7484A2F8F4178D0A8DF9B8B920FF1250BF88BE770FD43D7EF2F4B998D86628A676173384FA95CB6B8A2599F8D5BFAA9E7C025CF29A9E1A8818B90CF2568CB8F3C003BC22B873374ACEF560B114B6B3EA0ED1701CE77A34E2723FB377BD67D480E3BF6A4E71763ED85C4E5F034A8E1761B1424AC67CFD1727157A43EEAD2168622F43967A4494E3C3D92E41EF47B7425D13D746CF617F9BB0F7CF04C093261541B6BAD54E3ED418AA1044C21FCC95B3416E6648FC576AECA4A82F2E69CE017A982407FAB0B656B56933908F1FD739686102F68805B8C605CF88952AEE1257382DE39D777527416FBED01472FE9C947AD58968D7FF2847328265584C2E93F7DF92CA891122AF48B9549020D2FAC44913C2DB5DAE20434E477FC5AF527E3D16D13B5586131FA1CC6AB1D522A1EFDA51B84D82BCBC0E76F00E0C790A9C07D0CD81088A6E972BB453B0D72AACF78BE9506B25301A473C0F4E6DF46B6517C73D9809F5319DA70BD22C0C17D90A0A26080E262D9DFB50B21AABFB60D76E655B78B2C4A4EDE0D32CE1BBD3F05F49C12B30DA10A13BAA95F907A1306F4FAFA251D8F6E16B6A5EB177D7777FFAB5A875B3D27D250B496B3EDCF818020A27D1CF30EF135AA50CF05B70D1FBCFAB92C7D0CC17E3AB813D23233BEDB187FAB1406BB9397760F905658A124923E6F97F947EF88572CC3F50F16FC716DEA622F9878462113A5E43CFA165D80B531843CB024CC310FB4FD80788A67ABCADDD99BD5A26D1FDB72FA5DF44C84085D7EA30393ABA8E7CB659489DE64CAECC4E2E6779E80CAC156B5957C30B89F073E97BD013CE3E7D260917C1B3C46F6AF0B77A2109E7A81DBB20745B4FD4B33BCC08FD30F554C5EF9B6E69CBD225A498D2D51CA440B83205DF7AE9020AF2595F3CC648907EA05C2F4063C835606A4598A7E9CF67710332A938B1FF851A6697F9A38FFA2CCF2BBD6A00F8437794DA285A8E298CCF2D5497DCA6065D8E0AD829172FBF4D10F75BE58F97FB2D272DD9B57C5659910BDF70D78C45FDFE135DC75F8DBB69F78EF068CBEA5F9FC8940D45AB9928C9002EA165CBBFFB1977C49F803
-20210514033618 2 6 100 8191 2 D352935F33D9BC205912B919A6C5F18F76C30A32F6C0390249B48383BA4F31098BF5B6B2ACE6A745344840435A6C9A0DBF8E268F0463420452610E9A624590DC2CD57490F709DFFC5A54630DE486C73DB3C377B87C919F90BA88A7B41627351E6BEADBA605C2C625833BB95E9F34892A5D15DDF216D1A549FCFA819D7567D99015B1C3944254B87680222859779EA64C26FCEF82F34FE28E765DE3DDBCB9B3664E7896B18B93B9AA3A69944E8CEB93C18F671E2A75D6C1061B23AF8B913911A73099EA5B0F527C054B8A71B335A65CE680F02DC58D27FDBBA83EE263DD9E171B190F1CDB173BF56BB93407074B1899E8D59832EF383BCF6FB145E0F8A4A7484A2F8F4178D0A8DF9B8B920FF1250BF88BE770FD43D7EF2F4B998D86628A676173384FA95CB6B8A2599F8D5BFAA9E7C025CF29A9E1A8818B90CF2568CB8F3C003BC22B873374ACEF560B114B6B3EA0ED1701CE77A34E2723FB377BD67D480E3BF6A4E71763ED85C4E5F034A8E1761B1424AC67CFD1727157A43EEAD2168622F43967A4494E3C3D92E41EF47B7425D13D746CF617F9BB0F7CF04C093261541B6BAD54E3ED418AA1044C21FCC95B3416E6648FC576AECA4A82F2E69CE017A982407FAB0B656B56933908F1FD739686102F68805B8C605CF88952AEE1257382DE39D777527416FBED01472FE9C947AD58968D7FF2847328265584C2E93F7DF92CA891122AF48B9549020D2FAC44913C2DB5DAE20434E477FC5AF527E3D16D13B5586131FA1CC6AB1D522A1EFDA51B84D82BCBC0E76F00E0C790A9C07D0CD81088A6E972BB453B0D72AACF78BE9506B25301A473C0F4E6DF46B6517C73D9809F5319DA70BD22C0C17D90A0A26080E262D9DFB50B21AABFB60D76E655B78B2C4A4EDE0D32CE1BBD3F05F49C12B30DA10A13BAA95F907A1306F4FAFA251D8F6E16B6A5EB177D7777FFAB5A875B3D27D250B496B3EDCF818020A27D1CF30EF135AA50CF05B70D1FBCFAB92C7D0CC17E3AB813D23233BEDB187FAB1406BB9397760F905658A124923E6F97F947EF88572CC3F50F16FC716DEA622F9878462113A5E43CFA165D80B531843CB024CC310FB4FD80788A67ABCADDD99BD5A26D1FDB72FA5DF44C84085D7EA30393ABA8E7CB659489DE64CAECC4E2E6779E80CAC156B5957C30B89F073E97BD013CE3E7D260917C1B3C46F6AF0B77A2109E7A81DBB20745B4FD4B33BCC08FD30F554C5EF9B6E69CBD225A498D2D51CA440B83205DF7AE9020AF2595F3CC648907EA05C2F4063C835606A4598A7E9CF67710332A938B1FF851A6697F9A38FFA2CCF2BBD6A00F8437794DA285A8E298CCF2D5497DCA6065D8E0AD829172FBF4D10F75BE58F97FB2D272DD9B57C5659910BDF70D78C45FDFE135DC75F8DBB69F78EF068CBEA5F9FC8940D45AB9928C9002EA165CBBFFB19781E711FB
-20210514034136 2 6 100 8191 2 D352935F33D9BC205912B919A6C5F18F76C30A32F6C0390249B48383BA4F31098BF5B6B2ACE6A745344840435A6C9A0DBF8E268F0463420452610E9A624590DC2CD57490F709DFFC5A54630DE486C73DB3C377B87C919F90BA88A7B41627351E6BEADBA605C2C625833BB95E9F34892A5D15DDF216D1A549FCFA819D7567D99015B1C3944254B87680222859779EA64C26FCEF82F34FE28E765DE3DDBCB9B3664E7896B18B93B9AA3A69944E8CEB93C18F671E2A75D6C1061B23AF8B913911A73099EA5B0F527C054B8A71B335A65CE680F02DC58D27FDBBA83EE263DD9E171B190F1CDB173BF56BB93407074B1899E8D59832EF383BCF6FB145E0F8A4A7484A2F8F4178D0A8DF9B8B920FF1250BF88BE770FD43D7EF2F4B998D86628A676173384FA95CB6B8A2599F8D5BFAA9E7C025CF29A9E1A8818B90CF2568CB8F3C003BC22B873374ACEF560B114B6B3EA0ED1701CE77A34E2723FB377BD67D480E3BF6A4E71763ED85C4E5F034A8E1761B1424AC67CFD1727157A43EEAD2168622F43967A4494E3C3D92E41EF47B7425D13D746CF617F9BB0F7CF04C093261541B6BAD54E3ED418AA1044C21FCC95B3416E6648FC576AECA4A82F2E69CE017A982407FAB0B656B56933908F1FD739686102F68805B8C605CF88952AEE1257382DE39D777527416FBED01472FE9C947AD58968D7FF2847328265584C2E93F7DF92CA891122AF48B9549020D2FAC44913C2DB5DAE20434E477FC5AF527E3D16D13B5586131FA1CC6AB1D522A1EFDA51B84D82BCBC0E76F00E0C790A9C07D0CD81088A6E972BB453B0D72AACF78BE9506B25301A473C0F4E6DF46B6517C73D9809F5319DA70BD22C0C17D90A0A26080E262D9DFB50B21AABFB60D76E655B78B2C4A4EDE0D32CE1BBD3F05F49C12B30DA10A13BAA95F907A1306F4FAFA251D8F6E16B6A5EB177D7777FFAB5A875B3D27D250B496B3EDCF818020A27D1CF30EF135AA50CF05B70D1FBCFAB92C7D0CC17E3AB813D23233BEDB187FAB1406BB9397760F905658A124923E6F97F947EF88572CC3F50F16FC716DEA622F9878462113A5E43CFA165D80B531843CB024CC310FB4FD80788A67ABCADDD99BD5A26D1FDB72FA5DF44C84085D7EA30393ABA8E7CB659489DE64CAECC4E2E6779E80CAC156B5957C30B89F073E97BD013CE3E7D260917C1B3C46F6AF0B77A2109E7A81DBB20745B4FD4B33BCC08FD30F554C5EF9B6E69CBD225A498D2D51CA440B83205DF7AE9020AF2595F3CC648907EA05C2F4063C835606A4598A7E9CF67710332A938B1FF851A6697F9A38FFA2CCF2BBD6A00F8437794DA285A8E298CCF2D5497DCA6065D8E0AD829172FBF4D10F75BE58F97FB2D272DD9B57C5659910BDF70D78C45FDFE135DC75F8DBB69F78EF068CBEA5F9FC8940D45AB9928C9002EA165CBBFFB1978239BC2B
-20210514061321 2 6 100 8191 2 D352935F33D9BC205912B919A6C5F18F76C30A32F6C0390249B48383BA4F31098BF5B6B2ACE6A745344840435A6C9A0DBF8E268F0463420452610E9A624590DC2CD57490F709DFFC5A54630DE486C73DB3C377B87C919F90BA88A7B41627351E6BEADBA605C2C625833BB95E9F34892A5D15DDF216D1A549FCFA819D7567D99015B1C3944254B87680222859779EA64C26FCEF82F34FE28E765DE3DDBCB9B3664E7896B18B93B9AA3A69944E8CEB93C18F671E2A75D6C1061B23AF8B913911A73099EA5B0F527C054B8A71B335A65CE680F02DC58D27FDBBA83EE263DD9E171B190F1CDB173BF56BB93407074B1899E8D59832EF383BCF6FB145E0F8A4A7484A2F8F4178D0A8DF9B8B920FF1250BF88BE770FD43D7EF2F4B998D86628A676173384FA95CB6B8A2599F8D5BFAA9E7C025CF29A9E1A8818B90CF2568CB8F3C003BC22B873374ACEF560B114B6B3EA0ED1701CE77A34E2723FB377BD67D480E3BF6A4E71763ED85C4E5F034A8E1761B1424AC67CFD1727157A43EEAD2168622F43967A4494E3C3D92E41EF47B7425D13D746CF617F9BB0F7CF04C093261541B6BAD54E3ED418AA1044C21FCC95B3416E6648FC576AECA4A82F2E69CE017A982407FAB0B656B56933908F1FD739686102F68805B8C605CF88952AEE1257382DE39D777527416FBED01472FE9C947AD58968D7FF2847328265584C2E93F7DF92CA891122AF48B9549020D2FAC44913C2DB5DAE20434E477FC5AF527E3D16D13B5586131FA1CC6AB1D522A1EFDA51B84D82BCBC0E76F00E0C790A9C07D0CD81088A6E972BB453B0D72AACF78BE9506B25301A473C0F4E6DF46B6517C73D9809F5319DA70BD22C0C17D90A0A26080E262D9DFB50B21AABFB60D76E655B78B2C4A4EDE0D32CE1BBD3F05F49C12B30DA10A13BAA95F907A1306F4FAFA251D8F6E16B6A5EB177D7777FFAB5A875B3D27D250B496B3EDCF818020A27D1CF30EF135AA50CF05B70D1FBCFAB92C7D0CC17E3AB813D23233BEDB187FAB1406BB9397760F905658A124923E6F97F947EF88572CC3F50F16FC716DEA622F9878462113A5E43CFA165D80B531843CB024CC310FB4FD80788A67ABCADDD99BD5A26D1FDB72FA5DF44C84085D7EA30393ABA8E7CB659489DE64CAECC4E2E6779E80CAC156B5957C30B89F073E97BD013CE3E7D260917C1B3C46F6AF0B77A2109E7A81DBB20745B4FD4B33BCC08FD30F554C5EF9B6E69CBD225A498D2D51CA440B83205DF7AE9020AF2595F3CC648907EA05C2F4063C835606A4598A7E9CF67710332A938B1FF851A6697F9A38FFA2CCF2BBD6A00F8437794DA285A8E298CCF2D5497DCA6065D8E0AD829172FBF4D10F75BE58F97FB2D272DD9B57C5659910BDF70D78C45FDFE135DC75F8DBB69F78EF068CBEA5F9FC8940D45AB9928C9002EA165CBBFFB1978C43CECB
-20210514081550 2 6 100 8191 2 D352935F33D9BC205912B919A6C5F18F76C30A32F6C0390249B48383BA4F31098BF5B6B2ACE6A745344840435A6C9A0DBF8E268F0463420452610E9A624590DC2CD57490F709DFFC5A54630DE486C73DB3C377B87C919F90BA88A7B41627351E6BEADBA605C2C625833BB95E9F34892A5D15DDF216D1A549FCFA819D7567D99015B1C3944254B87680222859779EA64C26FCEF82F34FE28E765DE3DDBCB9B3664E7896B18B93B9AA3A69944E8CEB93C18F671E2A75D6C1061B23AF8B913911A73099EA5B0F527C054B8A71B335A65CE680F02DC58D27FDBBA83EE263DD9E171B190F1CDB173BF56BB93407074B1899E8D59832EF383BCF6FB145E0F8A4A7484A2F8F4178D0A8DF9B8B920FF1250BF88BE770FD43D7EF2F4B998D86628A676173384FA95CB6B8A2599F8D5BFAA9E7C025CF29A9E1A8818B90CF2568CB8F3C003BC22B873374ACEF560B114B6B3EA0ED1701CE77A34E2723FB377BD67D480E3BF6A4E71763ED85C4E5F034A8E1761B1424AC67CFD1727157A43EEAD2168622F43967A4494E3C3D92E41EF47B7425D13D746CF617F9BB0F7CF04C093261541B6BAD54E3ED418AA1044C21FCC95B3416E6648FC576AECA4A82F2E69CE017A982407FAB0B656B56933908F1FD739686102F68805B8C605CF88952AEE1257382DE39D777527416FBED01472FE9C947AD58968D7FF2847328265584C2E93F7DF92CA891122AF48B9549020D2FAC44913C2DB5DAE20434E477FC5AF527E3D16D13B5586131FA1CC6AB1D522A1EFDA51B84D82BCBC0E76F00E0C790A9C07D0CD81088A6E972BB453B0D72AACF78BE9506B25301A473C0F4E6DF46B6517C73D9809F5319DA70BD22C0C17D90A0A26080E262D9DFB50B21AABFB60D76E655B78B2C4A4EDE0D32CE1BBD3F05F49C12B30DA10A13BAA95F907A1306F4FAFA251D8F6E16B6A5EB177D7777FFAB5A875B3D27D250B496B3EDCF818020A27D1CF30EF135AA50CF05B70D1FBCFAB92C7D0CC17E3AB813D23233BEDB187FAB1406BB9397760F905658A124923E6F97F947EF88572CC3F50F16FC716DEA622F9878462113A5E43CFA165D80B531843CB024CC310FB4FD80788A67ABCADDD99BD5A26D1FDB72FA5DF44C84085D7EA30393ABA8E7CB659489DE64CAECC4E2E6779E80CAC156B5957C30B89F073E97BD013CE3E7D260917C1B3C46F6AF0B77A2109E7A81DBB20745B4FD4B33BCC08FD30F554C5EF9B6E69CBD225A498D2D51CA440B83205DF7AE9020AF2595F3CC648907EA05C2F4063C835606A4598A7E9CF67710332A938B1FF851A6697F9A38FFA2CCF2BBD6A00F8437794DA285A8E298CCF2D5497DCA6065D8E0AD829172FBF4D10F75BE58F97FB2D272DD9B57C5659910BDF70D78C45FDFE135DC75F8DBB69F78EF068CBEA5F9FC8940D45AB9928C9002EA165CBBFFB1979429D64B
-20210514112414 2 6 100 8191 2 D352935F33D9BC205912B919A6C5F18F76C30A32F6C0390249B48383BA4F31098BF5B6B2ACE6A745344840435A6C9A0DBF8E268F0463420452610E9A624590DC2CD57490F709DFFC5A54630DE486C73DB3C377B87C919F90BA88A7B41627351E6BEADBA605C2C625833BB95E9F34892A5D15DDF216D1A549FCFA819D7567D99015B1C3944254B87680222859779EA64C26FCEF82F34FE28E765DE3DDBCB9B3664E7896B18B93B9AA3A69944E8CEB93C18F671E2A75D6C1061B23AF8B913911A73099EA5B0F527C054B8A71B335A65CE680F02DC58D27FDBBA83EE263DD9E171B190F1CDB173BF56BB93407074B1899E8D59832EF383BCF6FB145E0F8A4A7484A2F8F4178D0A8DF9B8B920FF1250BF88BE770FD43D7EF2F4B998D86628A676173384FA95CB6B8A2599F8D5BFAA9E7C025CF29A9E1A8818B90CF2568CB8F3C003BC22B873374ACEF560B114B6B3EA0ED1701CE77A34E2723FB377BD67D480E3BF6A4E71763ED85C4E5F034A8E1761B1424AC67CFD1727157A43EEAD2168622F43967A4494E3C3D92E41EF47B7425D13D746CF617F9BB0F7CF04C093261541B6BAD54E3ED418AA1044C21FCC95B3416E6648FC576AECA4A82F2E69CE017A982407FAB0B656B56933908F1FD739686102F68805B8C605CF88952AEE1257382DE39D777527416FBED01472FE9C947AD58968D7FF2847328265584C2E93F7DF92CA891122AF48B9549020D2FAC44913C2DB5DAE20434E477FC5AF527E3D16D13B5586131FA1CC6AB1D522A1EFDA51B84D82BCBC0E76F00E0C790A9C07D0CD81088A6E972BB453B0D72AACF78BE9506B25301A473C0F4E6DF46B6517C73D9809F5319DA70BD22C0C17D90A0A26080E262D9DFB50B21AABFB60D76E655B78B2C4A4EDE0D32CE1BBD3F05F49C12B30DA10A13BAA95F907A1306F4FAFA251D8F6E16B6A5EB177D7777FFAB5A875B3D27D250B496B3EDCF818020A27D1CF30EF135AA50CF05B70D1FBCFAB92C7D0CC17E3AB813D23233BEDB187FAB1406BB9397760F905658A124923E6F97F947EF88572CC3F50F16FC716DEA622F9878462113A5E43CFA165D80B531843CB024CC310FB4FD80788A67ABCADDD99BD5A26D1FDB72FA5DF44C84085D7EA30393ABA8E7CB659489DE64CAECC4E2E6779E80CAC156B5957C30B89F073E97BD013CE3E7D260917C1B3C46F6AF0B77A2109E7A81DBB20745B4FD4B33BCC08FD30F554C5EF9B6E69CBD225A498D2D51CA440B83205DF7AE9020AF2595F3CC648907EA05C2F4063C835606A4598A7E9CF67710332A938B1FF851A6697F9A38FFA2CCF2BBD6A00F8437794DA285A8E298CCF2D5497DCA6065D8E0AD829172FBF4D10F75BE58F97FB2D272DD9B57C5659910BDF70D78C45FDFE135DC75F8DBB69F78EF068CBEA5F9FC8940D45AB9928C9002EA165CBBFFB197A0360BD3
-20210514115310 2 6 100 8191 5 D352935F33D9BC205912B919A6C5F18F76C30A32F6C0390249B48383BA4F31098BF5B6B2ACE6A745344840435A6C9A0DBF8E268F0463420452610E9A624590DC2CD57490F709DFFC5A54630DE486C73DB3C377B87C919F90BA88A7B41627351E6BEADBA605C2C625833BB95E9F34892A5D15DDF216D1A549FCFA819D7567D99015B1C3944254B87680222859779EA64C26FCEF82F34FE28E765DE3DDBCB9B3664E7896B18B93B9AA3A69944E8CEB93C18F671E2A75D6C1061B23AF8B913911A73099EA5B0F527C054B8A71B335A65CE680F02DC58D27FDBBA83EE263DD9E171B190F1CDB173BF56BB93407074B1899E8D59832EF383BCF6FB145E0F8A4A7484A2F8F4178D0A8DF9B8B920FF1250BF88BE770FD43D7EF2F4B998D86628A676173384FA95CB6B8A2599F8D5BFAA9E7C025CF29A9E1A8818B90CF2568CB8F3C003BC22B873374ACEF560B114B6B3EA0ED1701CE77A34E2723FB377BD67D480E3BF6A4E71763ED85C4E5F034A8E1761B1424AC67CFD1727157A43EEAD2168622F43967A4494E3C3D92E41EF47B7425D13D746CF617F9BB0F7CF04C093261541B6BAD54E3ED418AA1044C21FCC95B3416E6648FC576AECA4A82F2E69CE017A982407FAB0B656B56933908F1FD739686102F68805B8C605CF88952AEE1257382DE39D777527416FBED01472FE9C947AD58968D7FF2847328265584C2E93F7DF92CA891122AF48B9549020D2FAC44913C2DB5DAE20434E477FC5AF527E3D16D13B5586131FA1CC6AB1D522A1EFDA51B84D82BCBC0E76F00E0C790A9C07D0CD81088A6E972BB453B0D72AACF78BE9506B25301A473C0F4E6DF46B6517C73D9809F5319DA70BD22C0C17D90A0A26080E262D9DFB50B21AABFB60D76E655B78B2C4A4EDE0D32CE1BBD3F05F49C12B30DA10A13BAA95F907A1306F4FAFA251D8F6E16B6A5EB177D7777FFAB5A875B3D27D250B496B3EDCF818020A27D1CF30EF135AA50CF05B70D1FBCFAB92C7D0CC17E3AB813D23233BEDB187FAB1406BB9397760F905658A124923E6F97F947EF88572CC3F50F16FC716DEA622F9878462113A5E43CFA165D80B531843CB024CC310FB4FD80788A67ABCADDD99BD5A26D1FDB72FA5DF44C84085D7EA30393ABA8E7CB659489DE64CAECC4E2E6779E80CAC156B5957C30B89F073E97BD013CE3E7D260917C1B3C46F6AF0B77A2109E7A81DBB20745B4FD4B33BCC08FD30F554C5EF9B6E69CBD225A498D2D51CA440B83205DF7AE9020AF2595F3CC648907EA05C2F4063C835606A4598A7E9CF67710332A938B1FF851A6697F9A38FFA2CCF2BBD6A00F8437794DA285A8E298CCF2D5497DCA6065D8E0AD829172FBF4D10F75BE58F97FB2D272DD9B57C5659910BDF70D78C45FDFE135DC75F8DBB69F78EF068CBEA5F9FC8940D45AB9928C9002EA165CBBFFB197A2059F5F
-20210514125653 2 6 100 8191 2 D352935F33D9BC205912B919A6C5F18F76C30A32F6C0390249B48383BA4F31098BF5B6B2ACE6A745344840435A6C9A0DBF8E268F0463420452610E9A624590DC2CD57490F709DFFC5A54630DE486C73DB3C377B87C919F90BA88A7B41627351E6BEADBA605C2C625833BB95E9F34892A5D15DDF216D1A549FCFA819D7567D99015B1C3944254B87680222859779EA64C26FCEF82F34FE28E765DE3DDBCB9B3664E7896B18B93B9AA3A69944E8CEB93C18F671E2A75D6C1061B23AF8B913911A73099EA5B0F527C054B8A71B335A65CE680F02DC58D27FDBBA83EE263DD9E171B190F1CDB173BF56BB93407074B1899E8D59832EF383BCF6FB145E0F8A4A7484A2F8F4178D0A8DF9B8B920FF1250BF88BE770FD43D7EF2F4B998D86628A676173384FA95CB6B8A2599F8D5BFAA9E7C025CF29A9E1A8818B90CF2568CB8F3C003BC22B873374ACEF560B114B6B3EA0ED1701CE77A34E2723FB377BD67D480E3BF6A4E71763ED85C4E5F034A8E1761B1424AC67CFD1727157A43EEAD2168622F43967A4494E3C3D92E41EF47B7425D13D746CF617F9BB0F7CF04C093261541B6BAD54E3ED418AA1044C21FCC95B3416E6648FC576AECA4A82F2E69CE017A982407FAB0B656B56933908F1FD739686102F68805B8C605CF88952AEE1257382DE39D777527416FBED01472FE9C947AD58968D7FF2847328265584C2E93F7DF92CA891122AF48B9549020D2FAC44913C2DB5DAE20434E477FC5AF527E3D16D13B5586131FA1CC6AB1D522A1EFDA51B84D82BCBC0E76F00E0C790A9C07D0CD81088A6E972BB453B0D72AACF78BE9506B25301A473C0F4E6DF46B6517C73D9809F5319DA70BD22C0C17D90A0A26080E262D9DFB50B21AABFB60D76E655B78B2C4A4EDE0D32CE1BBD3F05F49C12B30DA10A13BAA95F907A1306F4FAFA251D8F6E16B6A5EB177D7777FFAB5A875B3D27D250B496B3EDCF818020A27D1CF30EF135AA50CF05B70D1FBCFAB92C7D0CC17E3AB813D23233BEDB187FAB1406BB9397760F905658A124923E6F97F947EF88572CC3F50F16FC716DEA622F9878462113A5E43CFA165D80B531843CB024CC310FB4FD80788A67ABCADDD99BD5A26D1FDB72FA5DF44C84085D7EA30393ABA8E7CB659489DE64CAECC4E2E6779E80CAC156B5957C30B89F073E97BD013CE3E7D260917C1B3C46F6AF0B77A2109E7A81DBB20745B4FD4B33BCC08FD30F554C5EF9B6E69CBD225A498D2D51CA440B83205DF7AE9020AF2595F3CC648907EA05C2F4063C835606A4598A7E9CF67710332A938B1FF851A6697F9A38FFA2CCF2BBD6A00F8437794DA285A8E298CCF2D5497DCA6065D8E0AD829172FBF4D10F75BE58F97FB2D272DD9B57C5659910BDF70D78C45FDFE135DC75F8DBB69F78EF068CBEA5F9FC8940D45AB9928C9002EA165CBBFFB197A6070053
-20210514135322 2 6 100 8191 5 D352935F33D9BC205912B919A6C5F18F76C30A32F6C0390249B48383BA4F31098BF5B6B2ACE6A745344840435A6C9A0DBF8E268F0463420452610E9A624590DC2CD57490F709DFFC5A54630DE486C73DB3C377B87C919F90BA88A7B41627351E6BEADBA605C2C625833BB95E9F34892A5D15DDF216D1A549FCFA819D7567D99015B1C3944254B87680222859779EA64C26FCEF82F34FE28E765DE3DDBCB9B3664E7896B18B93B9AA3A69944E8CEB93C18F671E2A75D6C1061B23AF8B913911A73099EA5B0F527C054B8A71B335A65CE680F02DC58D27FDBBA83EE263DD9E171B190F1CDB173BF56BB93407074B1899E8D59832EF383BCF6FB145E0F8A4A7484A2F8F4178D0A8DF9B8B920FF1250BF88BE770FD43D7EF2F4B998D86628A676173384FA95CB6B8A2599F8D5BFAA9E7C025CF29A9E1A8818B90CF2568CB8F3C003BC22B873374ACEF560B114B6B3EA0ED1701CE77A34E2723FB377BD67D480E3BF6A4E71763ED85C4E5F034A8E1761B1424AC67CFD1727157A43EEAD2168622F43967A4494E3C3D92E41EF47B7425D13D746CF617F9BB0F7CF04C093261541B6BAD54E3ED418AA1044C21FCC95B3416E6648FC576AECA4A82F2E69CE017A982407FAB0B656B56933908F1FD739686102F68805B8C605CF88952AEE1257382DE39D777527416FBED01472FE9C947AD58968D7FF2847328265584C2E93F7DF92CA891122AF48B9549020D2FAC44913C2DB5DAE20434E477FC5AF527E3D16D13B5586131FA1CC6AB1D522A1EFDA51B84D82BCBC0E76F00E0C790A9C07D0CD81088A6E972BB453B0D72AACF78BE9506B25301A473C0F4E6DF46B6517C73D9809F5319DA70BD22C0C17D90A0A26080E262D9DFB50B21AABFB60D76E655B78B2C4A4EDE0D32CE1BBD3F05F49C12B30DA10A13BAA95F907A1306F4FAFA251D8F6E16B6A5EB177D7777FFAB5A875B3D27D250B496B3EDCF818020A27D1CF30EF135AA50CF05B70D1FBCFAB92C7D0CC17E3AB813D23233BEDB187FAB1406BB9397760F905658A124923E6F97F947EF88572CC3F50F16FC716DEA622F9878462113A5E43CFA165D80B531843CB024CC310FB4FD80788A67ABCADDD99BD5A26D1FDB72FA5DF44C84085D7EA30393ABA8E7CB659489DE64CAECC4E2E6779E80CAC156B5957C30B89F073E97BD013CE3E7D260917C1B3C46F6AF0B77A2109E7A81DBB20745B4FD4B33BCC08FD30F554C5EF9B6E69CBD225A498D2D51CA440B83205DF7AE9020AF2595F3CC648907EA05C2F4063C835606A4598A7E9CF67710332A938B1FF851A6697F9A38FFA2CCF2BBD6A00F8437794DA285A8E298CCF2D5497DCA6065D8E0AD829172FBF4D10F75BE58F97FB2D272DD9B57C5659910BDF70D78C45FDFE135DC75F8DBB69F78EF068CBEA5F9FC8940D45AB9928C9002EA165CBBFFB197A992D4D7
-20210514152842 2 6 100 8191 5 D352935F33D9BC205912B919A6C5F18F76C30A32F6C0390249B48383BA4F31098BF5B6B2ACE6A745344840435A6C9A0DBF8E268F0463420452610E9A624590DC2CD57490F709DFFC5A54630DE486C73DB3C377B87C919F90BA88A7B41627351E6BEADBA605C2C625833BB95E9F34892A5D15DDF216D1A549FCFA819D7567D99015B1C3944254B87680222859779EA64C26FCEF82F34FE28E765DE3DDBCB9B3664E7896B18B93B9AA3A69944E8CEB93C18F671E2A75D6C1061B23AF8B913911A73099EA5B0F527C054B8A71B335A65CE680F02DC58D27FDBBA83EE263DD9E171B190F1CDB173BF56BB93407074B1899E8D59832EF383BCF6FB145E0F8A4A7484A2F8F4178D0A8DF9B8B920FF1250BF88BE770FD43D7EF2F4B998D86628A676173384FA95CB6B8A2599F8D5BFAA9E7C025CF29A9E1A8818B90CF2568CB8F3C003BC22B873374ACEF560B114B6B3EA0ED1701CE77A34E2723FB377BD67D480E3BF6A4E71763ED85C4E5F034A8E1761B1424AC67CFD1727157A43EEAD2168622F43967A4494E3C3D92E41EF47B7425D13D746CF617F9BB0F7CF04C093261541B6BAD54E3ED418AA1044C21FCC95B3416E6648FC576AECA4A82F2E69CE017A982407FAB0B656B56933908F1FD739686102F68805B8C605CF88952AEE1257382DE39D777527416FBED01472FE9C947AD58968D7FF2847328265584C2E93F7DF92CA891122AF48B9549020D2FAC44913C2DB5DAE20434E477FC5AF527E3D16D13B5586131FA1CC6AB1D522A1EFDA51B84D82BCBC0E76F00E0C790A9C07D0CD81088A6E972BB453B0D72AACF78BE9506B25301A473C0F4E6DF46B6517C73D9809F5319DA70BD22C0C17D90A0A26080E262D9DFB50B21AABFB60D76E655B78B2C4A4EDE0D32CE1BBD3F05F49C12B30DA10A13BAA95F907A1306F4FAFA251D8F6E16B6A5EB177D7777FFAB5A875B3D27D250B496B3EDCF818020A27D1CF30EF135AA50CF05B70D1FBCFAB92C7D0CC17E3AB813D23233BEDB187FAB1406BB9397760F905658A124923E6F97F947EF88572CC3F50F16FC716DEA622F9878462113A5E43CFA165D80B531843CB024CC310FB4FD80788A67ABCADDD99BD5A26D1FDB72FA5DF44C84085D7EA30393ABA8E7CB659489DE64CAECC4E2E6779E80CAC156B5957C30B89F073E97BD013CE3E7D260917C1B3C46F6AF0B77A2109E7A81DBB20745B4FD4B33BCC08FD30F554C5EF9B6E69CBD225A498D2D51CA440B83205DF7AE9020AF2595F3CC648907EA05C2F4063C835606A4598A7E9CF67710332A938B1FF851A6697F9A38FFA2CCF2BBD6A00F8437794DA285A8E298CCF2D5497DCA6065D8E0AD829172FBF4D10F75BE58F97FB2D272DD9B57C5659910BDF70D78C45FDFE135DC75F8DBB69F78EF068CBEA5F9FC8940D45AB9928C9002EA165CBBFFB197AF853A37
-20210514153107 2 6 100 8191 5 D352935F33D9BC205912B919A6C5F18F76C30A32F6C0390249B48383BA4F31098BF5B6B2ACE6A745344840435A6C9A0DBF8E268F0463420452610E9A624590DC2CD57490F709DFFC5A54630DE486C73DB3C377B87C919F90BA88A7B41627351E6BEADBA605C2C625833BB95E9F34892A5D15DDF216D1A549FCFA819D7567D99015B1C3944254B87680222859779EA64C26FCEF82F34FE28E765DE3DDBCB9B3664E7896B18B93B9AA3A69944E8CEB93C18F671E2A75D6C1061B23AF8B913911A73099EA5B0F527C054B8A71B335A65CE680F02DC58D27FDBBA83EE263DD9E171B190F1CDB173BF56BB93407074B1899E8D59832EF383BCF6FB145E0F8A4A7484A2F8F4178D0A8DF9B8B920FF1250BF88BE770FD43D7EF2F4B998D86628A676173384FA95CB6B8A2599F8D5BFAA9E7C025CF29A9E1A8818B90CF2568CB8F3C003BC22B873374ACEF560B114B6B3EA0ED1701CE77A34E2723FB377BD67D480E3BF6A4E71763ED85C4E5F034A8E1761B1424AC67CFD1727157A43EEAD2168622F43967A4494E3C3D92E41EF47B7425D13D746CF617F9BB0F7CF04C093261541B6BAD54E3ED418AA1044C21FCC95B3416E6648FC576AECA4A82F2E69CE017A982407FAB0B656B56933908F1FD739686102F68805B8C605CF88952AEE1257382DE39D777527416FBED01472FE9C947AD58968D7FF2847328265584C2E93F7DF92CA891122AF48B9549020D2FAC44913C2DB5DAE20434E477FC5AF527E3D16D13B5586131FA1CC6AB1D522A1EFDA51B84D82BCBC0E76F00E0C790A9C07D0CD81088A6E972BB453B0D72AACF78BE9506B25301A473C0F4E6DF46B6517C73D9809F5319DA70BD22C0C17D90A0A26080E262D9DFB50B21AABFB60D76E655B78B2C4A4EDE0D32CE1BBD3F05F49C12B30DA10A13BAA95F907A1306F4FAFA251D8F6E16B6A5EB177D7777FFAB5A875B3D27D250B496B3EDCF818020A27D1CF30EF135AA50CF05B70D1FBCFAB92C7D0CC17E3AB813D23233BEDB187FAB1406BB9397760F905658A124923E6F97F947EF88572CC3F50F16FC716DEA622F9878462113A5E43CFA165D80B531843CB024CC310FB4FD80788A67ABCADDD99BD5A26D1FDB72FA5DF44C84085D7EA30393ABA8E7CB659489DE64CAECC4E2E6779E80CAC156B5957C30B89F073E97BD013CE3E7D260917C1B3C46F6AF0B77A2109E7A81DBB20745B4FD4B33BCC08FD30F554C5EF9B6E69CBD225A498D2D51CA440B83205DF7AE9020AF2595F3CC648907EA05C2F4063C835606A4598A7E9CF67710332A938B1FF851A6697F9A38FFA2CCF2BBD6A00F8437794DA285A8E298CCF2D5497DCA6065D8E0AD829172FBF4D10F75BE58F97FB2D272DD9B57C5659910BDF70D78C45FDFE135DC75F8DBB69F78EF068CBEA5F9FC8940D45AB9928C9002EA165CBBFFB197AFA14327
-20210514162047 2 6 100 8191 5 D352935F33D9BC205912B919A6C5F18F76C30A32F6C0390249B48383BA4F31098BF5B6B2ACE6A745344840435A6C9A0DBF8E268F0463420452610E9A624590DC2CD57490F709DFFC5A54630DE486C73DB3C377B87C919F90BA88A7B41627351E6BEADBA605C2C625833BB95E9F34892A5D15DDF216D1A549FCFA819D7567D99015B1C3944254B87680222859779EA64C26FCEF82F34FE28E765DE3DDBCB9B3664E7896B18B93B9AA3A69944E8CEB93C18F671E2A75D6C1061B23AF8B913911A73099EA5B0F527C054B8A71B335A65CE680F02DC58D27FDBBA83EE263DD9E171B190F1CDB173BF56BB93407074B1899E8D59832EF383BCF6FB145E0F8A4A7484A2F8F4178D0A8DF9B8B920FF1250BF88BE770FD43D7EF2F4B998D86628A676173384FA95CB6B8A2599F8D5BFAA9E7C025CF29A9E1A8818B90CF2568CB8F3C003BC22B873374ACEF560B114B6B3EA0ED1701CE77A34E2723FB377BD67D480E3BF6A4E71763ED85C4E5F034A8E1761B1424AC67CFD1727157A43EEAD2168622F43967A4494E3C3D92E41EF47B7425D13D746CF617F9BB0F7CF04C093261541B6BAD54E3ED418AA1044C21FCC95B3416E6648FC576AECA4A82F2E69CE017A982407FAB0B656B56933908F1FD739686102F68805B8C605CF88952AEE1257382DE39D777527416FBED01472FE9C947AD58968D7FF2847328265584C2E93F7DF92CA891122AF48B9549020D2FAC44913C2DB5DAE20434E477FC5AF527E3D16D13B5586131FA1CC6AB1D522A1EFDA51B84D82BCBC0E76F00E0C790A9C07D0CD81088A6E972BB453B0D72AACF78BE9506B25301A473C0F4E6DF46B6517C73D9809F5319DA70BD22C0C17D90A0A26080E262D9DFB50B21AABFB60D76E655B78B2C4A4EDE0D32CE1BBD3F05F49C12B30DA10A13BAA95F907A1306F4FAFA251D8F6E16B6A5EB177D7777FFAB5A875B3D27D250B496B3EDCF818020A27D1CF30EF135AA50CF05B70D1FBCFAB92C7D0CC17E3AB813D23233BEDB187FAB1406BB9397760F905658A124923E6F97F947EF88572CC3F50F16FC716DEA622F9878462113A5E43CFA165D80B531843CB024CC310FB4FD80788A67ABCADDD99BD5A26D1FDB72FA5DF44C84085D7EA30393ABA8E7CB659489DE64CAECC4E2E6779E80CAC156B5957C30B89F073E97BD013CE3E7D260917C1B3C46F6AF0B77A2109E7A81DBB20745B4FD4B33BCC08FD30F554C5EF9B6E69CBD225A498D2D51CA440B83205DF7AE9020AF2595F3CC648907EA05C2F4063C835606A4598A7E9CF67710332A938B1FF851A6697F9A38FFA2CCF2BBD6A00F8437794DA285A8E298CCF2D5497DCA6065D8E0AD829172FBF4D10F75BE58F97FB2D272DD9B57C5659910BDF70D78C45FDFE135DC75F8DBB69F78EF068CBEA5F9FC8940D45AB9928C9002EA165CBBFFB197B2B7330F
-20210514163234 2 6 100 8191 2 D352935F33D9BC205912B919A6C5F18F76C30A32F6C0390249B48383BA4F31098BF5B6B2ACE6A745344840435A6C9A0DBF8E268F0463420452610E9A624590DC2CD57490F709DFFC5A54630DE486C73DB3C377B87C919F90BA88A7B41627351E6BEADBA605C2C625833BB95E9F34892A5D15DDF216D1A549FCFA819D7567D99015B1C3944254B87680222859779EA64C26FCEF82F34FE28E765DE3DDBCB9B3664E7896B18B93B9AA3A69944E8CEB93C18F671E2A75D6C1061B23AF8B913911A73099EA5B0F527C054B8A71B335A65CE680F02DC58D27FDBBA83EE263DD9E171B190F1CDB173BF56BB93407074B1899E8D59832EF383BCF6FB145E0F8A4A7484A2F8F4178D0A8DF9B8B920FF1250BF88BE770FD43D7EF2F4B998D86628A676173384FA95CB6B8A2599F8D5BFAA9E7C025CF29A9E1A8818B90CF2568CB8F3C003BC22B873374ACEF560B114B6B3EA0ED1701CE77A34E2723FB377BD67D480E3BF6A4E71763ED85C4E5F034A8E1761B1424AC67CFD1727157A43EEAD2168622F43967A4494E3C3D92E41EF47B7425D13D746CF617F9BB0F7CF04C093261541B6BAD54E3ED418AA1044C21FCC95B3416E6648FC576AECA4A82F2E69CE017A982407FAB0B656B56933908F1FD739686102F68805B8C605CF88952AEE1257382DE39D777527416FBED01472FE9C947AD58968D7FF2847328265584C2E93F7DF92CA891122AF48B9549020D2FAC44913C2DB5DAE20434E477FC5AF527E3D16D13B5586131FA1CC6AB1D522A1EFDA51B84D82BCBC0E76F00E0C790A9C07D0CD81088A6E972BB453B0D72AACF78BE9506B25301A473C0F4E6DF46B6517C73D9809F5319DA70BD22C0C17D90A0A26080E262D9DFB50B21AABFB60D76E655B78B2C4A4EDE0D32CE1BBD3F05F49C12B30DA10A13BAA95F907A1306F4FAFA251D8F6E16B6A5EB177D7777FFAB5A875B3D27D250B496B3EDCF818020A27D1CF30EF135AA50CF05B70D1FBCFAB92C7D0CC17E3AB813D23233BEDB187FAB1406BB9397760F905658A124923E6F97F947EF88572CC3F50F16FC716DEA622F9878462113A5E43CFA165D80B531843CB024CC310FB4FD80788A67ABCADDD99BD5A26D1FDB72FA5DF44C84085D7EA30393ABA8E7CB659489DE64CAECC4E2E6779E80CAC156B5957C30B89F073E97BD013CE3E7D260917C1B3C46F6AF0B77A2109E7A81DBB20745B4FD4B33BCC08FD30F554C5EF9B6E69CBD225A498D2D51CA440B83205DF7AE9020AF2595F3CC648907EA05C2F4063C835606A4598A7E9CF67710332A938B1FF851A6697F9A38FFA2CCF2BBD6A00F8437794DA285A8E298CCF2D5497DCA6065D8E0AD829172FBF4D10F75BE58F97FB2D272DD9B57C5659910BDF70D78C45FDFE135DC75F8DBB69F78EF068CBEA5F9FC8940D45AB9928C9002EA165CBBFFB197B36A5C3B
-20210514173058 2 6 100 8191 2 D352935F33D9BC205912B919A6C5F18F76C30A32F6C0390249B48383BA4F31098BF5B6B2ACE6A745344840435A6C9A0DBF8E268F0463420452610E9A624590DC2CD57490F709DFFC5A54630DE486C73DB3C377B87C919F90BA88A7B41627351E6BEADBA605C2C625833BB95E9F34892A5D15DDF216D1A549FCFA819D7567D99015B1C3944254B87680222859779EA64C26FCEF82F34FE28E765DE3DDBCB9B3664E7896B18B93B9AA3A69944E8CEB93C18F671E2A75D6C1061B23AF8B913911A73099EA5B0F527C054B8A71B335A65CE680F02DC58D27FDBBA83EE263DD9E171B190F1CDB173BF56BB93407074B1899E8D59832EF383BCF6FB145E0F8A4A7484A2F8F4178D0A8DF9B8B920FF1250BF88BE770FD43D7EF2F4B998D86628A676173384FA95CB6B8A2599F8D5BFAA9E7C025CF29A9E1A8818B90CF2568CB8F3C003BC22B873374ACEF560B114B6B3EA0ED1701CE77A34E2723FB377BD67D480E3BF6A4E71763ED85C4E5F034A8E1761B1424AC67CFD1727157A43EEAD2168622F43967A4494E3C3D92E41EF47B7425D13D746CF617F9BB0F7CF04C093261541B6BAD54E3ED418AA1044C21FCC95B3416E6648FC576AECA4A82F2E69CE017A982407FAB0B656B56933908F1FD739686102F68805B8C605CF88952AEE1257382DE39D777527416FBED01472FE9C947AD58968D7FF2847328265584C2E93F7DF92CA891122AF48B9549020D2FAC44913C2DB5DAE20434E477FC5AF527E3D16D13B5586131FA1CC6AB1D522A1EFDA51B84D82BCBC0E76F00E0C790A9C07D0CD81088A6E972BB453B0D72AACF78BE9506B25301A473C0F4E6DF46B6517C73D9809F5319DA70BD22C0C17D90A0A26080E262D9DFB50B21AABFB60D76E655B78B2C4A4EDE0D32CE1BBD3F05F49C12B30DA10A13BAA95F907A1306F4FAFA251D8F6E16B6A5EB177D7777FFAB5A875B3D27D250B496B3EDCF818020A27D1CF30EF135AA50CF05B70D1FBCFAB92C7D0CC17E3AB813D23233BEDB187FAB1406BB9397760F905658A124923E6F97F947EF88572CC3F50F16FC716DEA622F9878462113A5E43CFA165D80B531843CB024CC310FB4FD80788A67ABCADDD99BD5A26D1FDB72FA5DF44C84085D7EA30393ABA8E7CB659489DE64CAECC4E2E6779E80CAC156B5957C30B89F073E97BD013CE3E7D260917C1B3C46F6AF0B77A2109E7A81DBB20745B4FD4B33BCC08FD30F554C5EF9B6E69CBD225A498D2D51CA440B83205DF7AE9020AF2595F3CC648907EA05C2F4063C835606A4598A7E9CF67710332A938B1FF851A6697F9A38FFA2CCF2BBD6A00F8437794DA285A8E298CCF2D5497DCA6065D8E0AD829172FBF4D10F75BE58F97FB2D272DD9B57C5659910BDF70D78C45FDFE135DC75F8DBB69F78EF068CBEA5F9FC8940D45AB9928C9002EA165CBBFFB197B701F873
-20210514181258 2 6 100 8191 5 D352935F33D9BC205912B919A6C5F18F76C30A32F6C0390249B48383BA4F31098BF5B6B2ACE6A745344840435A6C9A0DBF8E268F0463420452610E9A624590DC2CD57490F709DFFC5A54630DE486C73DB3C377B87C919F90BA88A7B41627351E6BEADBA605C2C625833BB95E9F34892A5D15DDF216D1A549FCFA819D7567D99015B1C3944254B87680222859779EA64C26FCEF82F34FE28E765DE3DDBCB9B3664E7896B18B93B9AA3A69944E8CEB93C18F671E2A75D6C1061B23AF8B913911A73099EA5B0F527C054B8A71B335A65CE680F02DC58D27FDBBA83EE263DD9E171B190F1CDB173BF56BB93407074B1899E8D59832EF383BCF6FB145E0F8A4A7484A2F8F4178D0A8DF9B8B920FF1250BF88BE770FD43D7EF2F4B998D86628A676173384FA95CB6B8A2599F8D5BFAA9E7C025CF29A9E1A8818B90CF2568CB8F3C003BC22B873374ACEF560B114B6B3EA0ED1701CE77A34E2723FB377BD67D480E3BF6A4E71763ED85C4E5F034A8E1761B1424AC67CFD1727157A43EEAD2168622F43967A4494E3C3D92E41EF47B7425D13D746CF617F9BB0F7CF04C093261541B6BAD54E3ED418AA1044C21FCC95B3416E6648FC576AECA4A82F2E69CE017A982407FAB0B656B56933908F1FD739686102F68805B8C605CF88952AEE1257382DE39D777527416FBED01472FE9C947AD58968D7FF2847328265584C2E93F7DF92CA891122AF48B9549020D2FAC44913C2DB5DAE20434E477FC5AF527E3D16D13B5586131FA1CC6AB1D522A1EFDA51B84D82BCBC0E76F00E0C790A9C07D0CD81088A6E972BB453B0D72AACF78BE9506B25301A473C0F4E6DF46B6517C73D9809F5319DA70BD22C0C17D90A0A26080E262D9DFB50B21AABFB60D76E655B78B2C4A4EDE0D32CE1BBD3F05F49C12B30DA10A13BAA95F907A1306F4FAFA251D8F6E16B6A5EB177D7777FFAB5A875B3D27D250B496B3EDCF818020A27D1CF30EF135AA50CF05B70D1FBCFAB92C7D0CC17E3AB813D23233BEDB187FAB1406BB9397760F905658A124923E6F97F947EF88572CC3F50F16FC716DEA622F9878462113A5E43CFA165D80B531843CB024CC310FB4FD80788A67ABCADDD99BD5A26D1FDB72FA5DF44C84085D7EA30393ABA8E7CB659489DE64CAECC4E2E6779E80CAC156B5957C30B89F073E97BD013CE3E7D260917C1B3C46F6AF0B77A2109E7A81DBB20745B4FD4B33BCC08FD30F554C5EF9B6E69CBD225A498D2D51CA440B83205DF7AE9020AF2595F3CC648907EA05C2F4063C835606A4598A7E9CF67710332A938B1FF851A6697F9A38FFA2CCF2BBD6A00F8437794DA285A8E298CCF2D5497DCA6065D8E0AD829172FBF4D10F75BE58F97FB2D272DD9B57C5659910BDF70D78C45FDFE135DC75F8DBB69F78EF068CBEA5F9FC8940D45AB9928C9002EA165CBBFFB197B999E087
-20210514182942 2 6 100 8191 2 D352935F33D9BC205912B919A6C5F18F76C30A32F6C0390249B48383BA4F31098BF5B6B2ACE6A745344840435A6C9A0DBF8E268F0463420452610E9A624590DC2CD57490F709DFFC5A54630DE486C73DB3C377B87C919F90BA88A7B41627351E6BEADBA605C2C625833BB95E9F34892A5D15DDF216D1A549FCFA819D7567D99015B1C3944254B87680222859779EA64C26FCEF82F34FE28E765DE3DDBCB9B3664E7896B18B93B9AA3A69944E8CEB93C18F671E2A75D6C1061B23AF8B913911A73099EA5B0F527C054B8A71B335A65CE680F02DC58D27FDBBA83EE263DD9E171B190F1CDB173BF56BB93407074B1899E8D59832EF383BCF6FB145E0F8A4A7484A2F8F4178D0A8DF9B8B920FF1250BF88BE770FD43D7EF2F4B998D86628A676173384FA95CB6B8A2599F8D5BFAA9E7C025CF29A9E1A8818B90CF2568CB8F3C003BC22B873374ACEF560B114B6B3EA0ED1701CE77A34E2723FB377BD67D480E3BF6A4E71763ED85C4E5F034A8E1761B1424AC67CFD1727157A43EEAD2168622F43967A4494E3C3D92E41EF47B7425D13D746CF617F9BB0F7CF04C093261541B6BAD54E3ED418AA1044C21FCC95B3416E6648FC576AECA4A82F2E69CE017A982407FAB0B656B56933908F1FD739686102F68805B8C605CF88952AEE1257382DE39D777527416FBED01472FE9C947AD58968D7FF2847328265584C2E93F7DF92CA891122AF48B9549020D2FAC44913C2DB5DAE20434E477FC5AF527E3D16D13B5586131FA1CC6AB1D522A1EFDA51B84D82BCBC0E76F00E0C790A9C07D0CD81088A6E972BB453B0D72AACF78BE9506B25301A473C0F4E6DF46B6517C73D9809F5319DA70BD22C0C17D90A0A26080E262D9DFB50B21AABFB60D76E655B78B2C4A4EDE0D32CE1BBD3F05F49C12B30DA10A13BAA95F907A1306F4FAFA251D8F6E16B6A5EB177D7777FFAB5A875B3D27D250B496B3EDCF818020A27D1CF30EF135AA50CF05B70D1FBCFAB92C7D0CC17E3AB813D23233BEDB187FAB1406BB9397760F905658A124923E6F97F947EF88572CC3F50F16FC716DEA622F9878462113A5E43CFA165D80B531843CB024CC310FB4FD80788A67ABCADDD99BD5A26D1FDB72FA5DF44C84085D7EA30393ABA8E7CB659489DE64CAECC4E2E6779E80CAC156B5957C30B89F073E97BD013CE3E7D260917C1B3C46F6AF0B77A2109E7A81DBB20745B4FD4B33BCC08FD30F554C5EF9B6E69CBD225A498D2D51CA440B83205DF7AE9020AF2595F3CC648907EA05C2F4063C835606A4598A7E9CF67710332A938B1FF851A6697F9A38FFA2CCF2BBD6A00F8437794DA285A8E298CCF2D5497DCA6065D8E0AD829172FBF4D10F75BE58F97FB2D272DD9B57C5659910BDF70D78C45FDFE135DC75F8DBB69F78EF068CBEA5F9FC8940D45AB9928C9002EA165CBBFFB197BA9B3683
-20210514191337 2 6 100 8191 5 D352935F33D9BC205912B919A6C5F18F76C30A32F6C0390249B48383BA4F31098BF5B6B2ACE6A745344840435A6C9A0DBF8E268F0463420452610E9A624590DC2CD57490F709DFFC5A54630DE486C73DB3C377B87C919F90BA88A7B41627351E6BEADBA605C2C625833BB95E9F34892A5D15DDF216D1A549FCFA819D7567D99015B1C3944254B87680222859779EA64C26FCEF82F34FE28E765DE3DDBCB9B3664E7896B18B93B9AA3A69944E8CEB93C18F671E2A75D6C1061B23AF8B913911A73099EA5B0F527C054B8A71B335A65CE680F02DC58D27FDBBA83EE263DD9E171B190F1CDB173BF56BB93407074B1899E8D59832EF383BCF6FB145E0F8A4A7484A2F8F4178D0A8DF9B8B920FF1250BF88BE770FD43D7EF2F4B998D86628A676173384FA95CB6B8A2599F8D5BFAA9E7C025CF29A9E1A8818B90CF2568CB8F3C003BC22B873374ACEF560B114B6B3EA0ED1701CE77A34E2723FB377BD67D480E3BF6A4E71763ED85C4E5F034A8E1761B1424AC67CFD1727157A43EEAD2168622F43967A4494E3C3D92E41EF47B7425D13D746CF617F9BB0F7CF04C093261541B6BAD54E3ED418AA1044C21FCC95B3416E6648FC576AECA4A82F2E69CE017A982407FAB0B656B56933908F1FD739686102F68805B8C605CF88952AEE1257382DE39D777527416FBED01472FE9C947AD58968D7FF2847328265584C2E93F7DF92CA891122AF48B9549020D2FAC44913C2DB5DAE20434E477FC5AF527E3D16D13B5586131FA1CC6AB1D522A1EFDA51B84D82BCBC0E76F00E0C790A9C07D0CD81088A6E972BB453B0D72AACF78BE9506B25301A473C0F4E6DF46B6517C73D9809F5319DA70BD22C0C17D90A0A26080E262D9DFB50B21AABFB60D76E655B78B2C4A4EDE0D32CE1BBD3F05F49C12B30DA10A13BAA95F907A1306F4FAFA251D8F6E16B6A5EB177D7777FFAB5A875B3D27D250B496B3EDCF818020A27D1CF30EF135AA50CF05B70D1FBCFAB92C7D0CC17E3AB813D23233BEDB187FAB1406BB9397760F905658A124923E6F97F947EF88572CC3F50F16FC716DEA622F9878462113A5E43CFA165D80B531843CB024CC310FB4FD80788A67ABCADDD99BD5A26D1FDB72FA5DF44C84085D7EA30393ABA8E7CB659489DE64CAECC4E2E6779E80CAC156B5957C30B89F073E97BD013CE3E7D260917C1B3C46F6AF0B77A2109E7A81DBB20745B4FD4B33BCC08FD30F554C5EF9B6E69CBD225A498D2D51CA440B83205DF7AE9020AF2595F3CC648907EA05C2F4063C835606A4598A7E9CF67710332A938B1FF851A6697F9A38FFA2CCF2BBD6A00F8437794DA285A8E298CCF2D5497DCA6065D8E0AD829172FBF4D10F75BE58F97FB2D272DD9B57C5659910BDF70D78C45FDFE135DC75F8DBB69F78EF068CBEA5F9FC8940D45AB9928C9002EA165CBBFFB197BD4793EF
-20210514193708 2 6 100 8191 2 D352935F33D9BC205912B919A6C5F18F76C30A32F6C0390249B48383BA4F31098BF5B6B2ACE6A745344840435A6C9A0DBF8E268F0463420452610E9A624590DC2CD57490F709DFFC5A54630DE486C73DB3C377B87C919F90BA88A7B41627351E6BEADBA605C2C625833BB95E9F34892A5D15DDF216D1A549FCFA819D7567D99015B1C3944254B87680222859779EA64C26FCEF82F34FE28E765DE3DDBCB9B3664E7896B18B93B9AA3A69944E8CEB93C18F671E2A75D6C1061B23AF8B913911A73099EA5B0F527C054B8A71B335A65CE680F02DC58D27FDBBA83EE263DD9E171B190F1CDB173BF56BB93407074B1899E8D59832EF383BCF6FB145E0F8A4A7484A2F8F4178D0A8DF9B8B920FF1250BF88BE770FD43D7EF2F4B998D86628A676173384FA95CB6B8A2599F8D5BFAA9E7C025CF29A9E1A8818B90CF2568CB8F3C003BC22B873374ACEF560B114B6B3EA0ED1701CE77A34E2723FB377BD67D480E3BF6A4E71763ED85C4E5F034A8E1761B1424AC67CFD1727157A43EEAD2168622F43967A4494E3C3D92E41EF47B7425D13D746CF617F9BB0F7CF04C093261541B6BAD54E3ED418AA1044C21FCC95B3416E6648FC576AECA4A82F2E69CE017A982407FAB0B656B56933908F1FD739686102F68805B8C605CF88952AEE1257382DE39D777527416FBED01472FE9C947AD58968D7FF2847328265584C2E93F7DF92CA891122AF48B9549020D2FAC44913C2DB5DAE20434E477FC5AF527E3D16D13B5586131FA1CC6AB1D522A1EFDA51B84D82BCBC0E76F00E0C790A9C07D0CD81088A6E972BB453B0D72AACF78BE9506B25301A473C0F4E6DF46B6517C73D9809F5319DA70BD22C0C17D90A0A26080E262D9DFB50B21AABFB60D76E655B78B2C4A4EDE0D32CE1BBD3F05F49C12B30DA10A13BAA95F907A1306F4FAFA251D8F6E16B6A5EB177D7777FFAB5A875B3D27D250B496B3EDCF818020A27D1CF30EF135AA50CF05B70D1FBCFAB92C7D0CC17E3AB813D23233BEDB187FAB1406BB9397760F905658A124923E6F97F947EF88572CC3F50F16FC716DEA622F9878462113A5E43CFA165D80B531843CB024CC310FB4FD80788A67ABCADDD99BD5A26D1FDB72FA5DF44C84085D7EA30393ABA8E7CB659489DE64CAECC4E2E6779E80CAC156B5957C30B89F073E97BD013CE3E7D260917C1B3C46F6AF0B77A2109E7A81DBB20745B4FD4B33BCC08FD30F554C5EF9B6E69CBD225A498D2D51CA440B83205DF7AE9020AF2595F3CC648907EA05C2F4063C835606A4598A7E9CF67710332A938B1FF851A6697F9A38FFA2CCF2BBD6A00F8437794DA285A8E298CCF2D5497DCA6065D8E0AD829172FBF4D10F75BE58F97FB2D272DD9B57C5659910BDF70D78C45FDFE135DC75F8DBB69F78EF068CBEA5F9FC8940D45AB9928C9002EA165CBBFFB197BEACFC3B
-20210514205734 2 6 100 8191 2 D352935F33D9BC205912B919A6C5F18F76C30A32F6C0390249B48383BA4F31098BF5B6B2ACE6A745344840435A6C9A0DBF8E268F0463420452610E9A624590DC2CD57490F709DFFC5A54630DE486C73DB3C377B87C919F90BA88A7B41627351E6BEADBA605C2C625833BB95E9F34892A5D15DDF216D1A549FCFA819D7567D99015B1C3944254B87680222859779EA64C26FCEF82F34FE28E765DE3DDBCB9B3664E7896B18B93B9AA3A69944E8CEB93C18F671E2A75D6C1061B23AF8B913911A73099EA5B0F527C054B8A71B335A65CE680F02DC58D27FDBBA83EE263DD9E171B190F1CDB173BF56BB93407074B1899E8D59832EF383BCF6FB145E0F8A4A7484A2F8F4178D0A8DF9B8B920FF1250BF88BE770FD43D7EF2F4B998D86628A676173384FA95CB6B8A2599F8D5BFAA9E7C025CF29A9E1A8818B90CF2568CB8F3C003BC22B873374ACEF560B114B6B3EA0ED1701CE77A34E2723FB377BD67D480E3BF6A4E71763ED85C4E5F034A8E1761B1424AC67CFD1727157A43EEAD2168622F43967A4494E3C3D92E41EF47B7425D13D746CF617F9BB0F7CF04C093261541B6BAD54E3ED418AA1044C21FCC95B3416E6648FC576AECA4A82F2E69CE017A982407FAB0B656B56933908F1FD739686102F68805B8C605CF88952AEE1257382DE39D777527416FBED01472FE9C947AD58968D7FF2847328265584C2E93F7DF92CA891122AF48B9549020D2FAC44913C2DB5DAE20434E477FC5AF527E3D16D13B5586131FA1CC6AB1D522A1EFDA51B84D82BCBC0E76F00E0C790A9C07D0CD81088A6E972BB453B0D72AACF78BE9506B25301A473C0F4E6DF46B6517C73D9809F5319DA70BD22C0C17D90A0A26080E262D9DFB50B21AABFB60D76E655B78B2C4A4EDE0D32CE1BBD3F05F49C12B30DA10A13BAA95F907A1306F4FAFA251D8F6E16B6A5EB177D7777FFAB5A875B3D27D250B496B3EDCF818020A27D1CF30EF135AA50CF05B70D1FBCFAB92C7D0CC17E3AB813D23233BEDB187FAB1406BB9397760F905658A124923E6F97F947EF88572CC3F50F16FC716DEA622F9878462113A5E43CFA165D80B531843CB024CC310FB4FD80788A67ABCADDD99BD5A26D1FDB72FA5DF44C84085D7EA30393ABA8E7CB659489DE64CAECC4E2E6779E80CAC156B5957C30B89F073E97BD013CE3E7D260917C1B3C46F6AF0B77A2109E7A81DBB20745B4FD4B33BCC08FD30F554C5EF9B6E69CBD225A498D2D51CA440B83205DF7AE9020AF2595F3CC648907EA05C2F4063C835606A4598A7E9CF67710332A938B1FF851A6697F9A38FFA2CCF2BBD6A00F8437794DA285A8E298CCF2D5497DCA6065D8E0AD829172FBF4D10F75BE58F97FB2D272DD9B57C5659910BDF70D78C45FDFE135DC75F8DBB69F78EF068CBEA5F9FC8940D45AB9928C9002EA165CBBFFB197C391340B
-20210514221328 2 6 100 8191 2 D352935F33D9BC205912B919A6C5F18F76C30A32F6C0390249B48383BA4F31098BF5B6B2ACE6A745344840435A6C9A0DBF8E268F0463420452610E9A624590DC2CD57490F709DFFC5A54630DE486C73DB3C377B87C919F90BA88A7B41627351E6BEADBA605C2C625833BB95E9F34892A5D15DDF216D1A549FCFA819D7567D99015B1C3944254B87680222859779EA64C26FCEF82F34FE28E765DE3DDBCB9B3664E7896B18B93B9AA3A69944E8CEB93C18F671E2A75D6C1061B23AF8B913911A73099EA5B0F527C054B8A71B335A65CE680F02DC58D27FDBBA83EE263DD9E171B190F1CDB173BF56BB93407074B1899E8D59832EF383BCF6FB145E0F8A4A7484A2F8F4178D0A8DF9B8B920FF1250BF88BE770FD43D7EF2F4B998D86628A676173384FA95CB6B8A2599F8D5BFAA9E7C025CF29A9E1A8818B90CF2568CB8F3C003BC22B873374ACEF560B114B6B3EA0ED1701CE77A34E2723FB377BD67D480E3BF6A4E71763ED85C4E5F034A8E1761B1424AC67CFD1727157A43EEAD2168622F43967A4494E3C3D92E41EF47B7425D13D746CF617F9BB0F7CF04C093261541B6BAD54E3ED418AA1044C21FCC95B3416E6648FC576AECA4A82F2E69CE017A982407FAB0B656B56933908F1FD739686102F68805B8C605CF88952AEE1257382DE39D777527416FBED01472FE9C947AD58968D7FF2847328265584C2E93F7DF92CA891122AF48B9549020D2FAC44913C2DB5DAE20434E477FC5AF527E3D16D13B5586131FA1CC6AB1D522A1EFDA51B84D82BCBC0E76F00E0C790A9C07D0CD81088A6E972BB453B0D72AACF78BE9506B25301A473C0F4E6DF46B6517C73D9809F5319DA70BD22C0C17D90A0A26080E262D9DFB50B21AABFB60D76E655B78B2C4A4EDE0D32CE1BBD3F05F49C12B30DA10A13BAA95F907A1306F4FAFA251D8F6E16B6A5EB177D7777FFAB5A875B3D27D250B496B3EDCF818020A27D1CF30EF135AA50CF05B70D1FBCFAB92C7D0CC17E3AB813D23233BEDB187FAB1406BB9397760F905658A124923E6F97F947EF88572CC3F50F16FC716DEA622F9878462113A5E43CFA165D80B531843CB024CC310FB4FD80788A67ABCADDD99BD5A26D1FDB72FA5DF44C84085D7EA30393ABA8E7CB659489DE64CAECC4E2E6779E80CAC156B5957C30B89F073E97BD013CE3E7D260917C1B3C46F6AF0B77A2109E7A81DBB20745B4FD4B33BCC08FD30F554C5EF9B6E69CBD225A498D2D51CA440B83205DF7AE9020AF2595F3CC648907EA05C2F4063C835606A4598A7E9CF67710332A938B1FF851A6697F9A38FFA2CCF2BBD6A00F8437794DA285A8E298CCF2D5497DCA6065D8E0AD829172FBF4D10F75BE58F97FB2D272DD9B57C5659910BDF70D78C45FDFE135DC75F8DBB69F78EF068CBEA5F9FC8940D45AB9928C9002EA165CBBFFB197C828281B
-20210515004609 2 6 100 8191 2 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE7B7D0AF33
-20210515010402 2 6 100 8191 5 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE7B90F73BF
-20210515020359 2 6 100 8191 2 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE7BD3DCDAB
-20210515020859 2 6 100 8191 5 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE7BD8C099F
-20210515024607 2 6 100 8191 5 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE7C01A4257
-20210515042745 2 6 100 8191 5 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE7C7338DAF
-20210515064126 2 6 100 8191 2 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE7D05D5BDB
-20210515065958 2 6 100 8191 2 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE7D190DF9B
-20210515070456 2 6 100 8191 5 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE7D1DF4F37
-20210515073228 2 6 100 8191 2 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE7D3BDC2E3
-20210515082306 2 6 100 8191 5 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE7D7180387
-20210515083006 2 6 100 8191 2 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE7D78B18B3
-20210515090500 2 6 100 8191 5 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE7D9CF96DF
-20210515092343 2 6 100 8191 5 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE7DB040157
-20210515100730 2 6 100 8191 2 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE7DDEA0AE3
-20210515102122 2 6 100 8191 2 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE7DED3CFBB
-20210515111047 2 6 100 8191 2 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE7E218ED8B
-20210515112711 2 6 100 8191 2 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE7E32683E3
-20210515130646 2 6 100 8191 5 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE7E9836B47
-20210515144634 2 6 100 8191 5 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE7EFF3474F
-20210515145430 2 6 100 8191 5 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE7F06C080F
-20210515151337 2 6 100 8191 5 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE7F1A0735F
-20210515155550 2 6 100 8191 2 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE7F4535AFB
-20210515170646 2 6 100 8191 2 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE7F8D31C5B
-20210515182201 2 6 100 8191 2 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE7FD9B5FC3
-20210515190839 2 6 100 8191 5 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE80086B9E7
-20210515195013 2 6 100 8191 5 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE80312E5FF
-20210515215158 2 6 100 8191 2 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE80ABDE71B
-20210515222330 2 6 100 8191 2 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE80CB1A273
-20210515223057 2 6 100 8191 5 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE80D1F22DF
-20210516000343 2 6 100 8191 2 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE812D0CF63
-20210516001402 2 6 100 8191 5 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE813696F87
-20210516033418 2 6 100 8191 2 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE81F94FB1B
-20210516034751 2 6 100 8191 2 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE820609413
-20210516043347 2 6 100 8191 2 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE8232145B3
-20210516043651 2 6 100 8191 5 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE82348D01F
-20210516052501 2 6 100 8191 5 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE8262E1FE7
-20210516061031 2 6 100 8191 2 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE828E7F28B
-20210516070338 2 6 100 8191 2 DD4A2D5D7B10514C9CBEB91330C309D38566FF0D418584030168693F4060DE64CC996D4F9D446AEF0F5C78E4BCFD2067A117FF78EDB5E248F494F0F6AAF718220D801EE111F50E6FD20092C3C4CFF0452384E6EF948624A85ACB5A40280F32E0C1824BF0D7215F20DC356DCF39DB382083F4CAB942564DEDA2B38211789A707CA0388E27191F3238E75B8FA352A37BA743CB80351DB5DC8F4F5CFD79C920102A838B5EE973E4F95253B43B0E327F31CBBBD7932E13C2DB0F43CCE1FB609DFE4140CA3B048CFB3C929AB9685EBFFD09F08625727583AE0E4AB61DDE47807E124D84F3FCA43FC92A7AA931FBE193CC609611FC30E873F1988D92251DF49C1E2A9126C63FA3FE19C4D9066FEC94693CBCC0951624C3F410F729F9539D35C848D924C29CF512ED032AA4B5AC4A2440197C81D5EBA6A5A9CBC11F4660FFE7597F60E6AF25944E425D724606ABFCB84878D66CE017D3ED6B07CA4FCA5B5CFA57C82FCCF1172850678F63F6F2277F242C1DACB5D16D2BC5EC611C45751A8AFC3179CEFA82334172D326B3CFCB9FB43B2E981AB6BC4033CC2E7BB57E6A19A74953E1E5E7A2E4463E3C3C950ACC5128D1DC543A6BB34C3AE3F4C33818923C1911329D5BA8D6AF1ED5915E1A1E0824CC612898AF0B0EBB553D5760AD00913D60A5649C860B3FCA1049A55BC24045298537BAA1E47B9C779FF24654889FF6162DFF3DF787E53CE4D1355AAF425B9B7CACE1C9FE076D61BD6A1887155813C7C922ABF8D161B546A94D091365D7EF693532B7CB2352F73EB8E4CB75E5771E21C2691C1AB114880E0AB104869DA6425900EF55A5B95FED252DC1D70B2473B26AEFFBCD5569F895D16B50F030B7EB2846985D185880F2B4624622F28CDD73CAEBBC318187AD69432EF31B38831E67222CCBA64DFBF0937A297E3473421506E7AA1D30DABE3841E8F58D6C6B1D0596867D80ADA9A9ADD06A1FB634DBF7B1FEF67DBABFF52538C4563B90FD343F711822EA17054A9FD1D61B9FD78CD083345E7544853B5D284CC73082C2042BFF6C2614FB1F129F7B7E2C07DFF784DCC5859A8306A33807ED27958C3FFD25F13537F869248BE6E4B3ADD9F03E5DF976D1BCEE46C30B5E79AFCF5233F3E4FE05EE6E5AA17A0E44BD67B1ED69F51F5EF287E531FA51B4FA545BC0C3EFB16D8424518AE27498DFBCBF79D129CA3AF38108C86266527435FC27AFA4201609B974EC1CEF0741BC478676736135E5E2BA6297C061E585CE267A99CB411505FC26A2E54209C94D6757CA9B71127B401DEB364D0A86C4C22A5A65CDD2504C57602959D2DB6E8BAC42720A76B8910D08852AE79D91F195A046D86BC3D88660ECC6BAB9CA26B765B45C6DC2571685EE8F25EEBC7B7FEE5AE00B492CF90CFC2C2348F92D2C0D4776FC611CB1F7064E40230E74302CF83A93F177A53CE82C2463FB
+20210524220022 2 6 100 2047 2 C117F4B631CA032FD2F00AC0D9A5473D8E56DA246FC44FD594BF5657D399E453728341CC920EE9127729637683D268CA3B62F5CB61C7D4F08D3F202D67DBBBD88498043861190549649D82E7793A1874FE0E8ED0B460E3442DD4DFC2301A1B6D8FA36C7CAD084B2FFEF2205E3CE46B030E4618C7B50656BF9FB60592B1FA32E91E0D536A12E601317F0562F547FF44DF33377ABAB2A2991EC99887712BFD9C78BBAA8759B09577706493F50A416F472D6F7B9532959A8899FACEB55B012E8FE8131AA45E1851FFAA3572E489FF4AAE89ECB583C98CC29ADBB1E9677AE2517D6BC1BC13C5A18A232FAD4CDC6E580FEC730D070D49E88A23C528A4985F806ABBEB
+20210524220025 2 6 100 2047 2 C117F4B631CA032FD2F00AC0D9A5473D8E56DA246FC44FD594BF5657D399E453728341CC920EE9127729637683D268CA3B62F5CB61C7D4F08D3F202D67DBBBD88498043861190549649D82E7793A1874FE0E8ED0B460E3442DD4DFC2301A1B6D8FA36C7CAD084B2FFEF2205E3CE46B030E4618C7B50656BF9FB60592B1FA32E91E0D536A12E601317F0562F547FF44DF33377ABAB2A2991EC99887712BFD9C78BBAA8759B09577706493F50A416F472D6F7B9532959A8899FACEB55B012E8FE8131AA45E1851FFAA3572E489FF4AAE89ECB583C98CC29ADBB1E9677AE2517D6BC1BC13C5A18A232FAD4CDC6E580FEC730D070D49E88A23C528A4985F807D248B
+20210524220034 2 6 100 2047 5 C117F4B631CA032FD2F00AC0D9A5473D8E56DA246FC44FD594BF5657D399E453728341CC920EE9127729637683D268CA3B62F5CB61C7D4F08D3F202D67DBBBD88498043861190549649D82E7793A1874FE0E8ED0B460E3442DD4DFC2301A1B6D8FA36C7CAD084B2FFEF2205E3CE46B030E4618C7B50656BF9FB60592B1FA32E91E0D536A12E601317F0562F547FF44DF33377ABAB2A2991EC99887712BFD9C78BBAA8759B09577706493F50A416F472D6F7B9532959A8899FACEB55B012E8FE8131AA45E1851FFAA3572E489FF4AAE89ECB583C98CC29ADBB1E9677AE2517D6BC1BC13C5A18A232FAD4CDC6E580FEC730D070D49E88A23C528A4985F80D9BC9F
+20210524220041 2 6 100 2047 5 C117F4B631CA032FD2F00AC0D9A5473D8E56DA246FC44FD594BF5657D399E453728341CC920EE9127729637683D268CA3B62F5CB61C7D4F08D3F202D67DBBBD88498043861190549649D82E7793A1874FE0E8ED0B460E3442DD4DFC2301A1B6D8FA36C7CAD084B2FFEF2205E3CE46B030E4618C7B50656BF9FB60592B1FA32E91E0D536A12E601317F0562F547FF44DF33377ABAB2A2991EC99887712BFD9C78BBAA8759B09577706493F50A416F472D6F7B9532959A8899FACEB55B012E8FE8131AA45E1851FFAA3572E489FF4AAE89ECB583C98CC29ADBB1E9677AE2517D6BC1BC13C5A18A232FAD4CDC6E580FEC730D070D49E88A23C528A4985F812A0A37
+20210524220046 2 6 100 2047 5 C117F4B631CA032FD2F00AC0D9A5473D8E56DA246FC44FD594BF5657D399E453728341CC920EE9127729637683D268CA3B62F5CB61C7D4F08D3F202D67DBBBD88498043861190549649D82E7793A1874FE0E8ED0B460E3442DD4DFC2301A1B6D8FA36C7CAD084B2FFEF2205E3CE46B030E4618C7B50656BF9FB60592B1FA32E91E0D536A12E601317F0562F547FF44DF33377ABAB2A2991EC99887712BFD9C78BBAA8759B09577706493F50A416F472D6F7B9532959A8899FACEB55B012E8FE8131AA45E1851FFAA3572E489FF4AAE89ECB583C98CC29ADBB1E9677AE2517D6BC1BC13C5A18A232FAD4CDC6E580FEC730D070D49E88A23C528A4985F8155AB97
+20210524220054 2 6 100 2047 2 C117F4B631CA032FD2F00AC0D9A5473D8E56DA246FC44FD594BF5657D399E453728341CC920EE9127729637683D268CA3B62F5CB61C7D4F08D3F202D67DBBBD88498043861190549649D82E7793A1874FE0E8ED0B460E3442DD4DFC2301A1B6D8FA36C7CAD084B2FFEF2205E3CE46B030E4618C7B50656BF9FB60592B1FA32E91E0D536A12E601317F0562F547FF44DF33377ABAB2A2991EC99887712BFD9C78BBAA8759B09577706493F50A416F472D6F7B9532959A8899FACEB55B012E8FE8131AA45E1851FFAA3572E489FF4AAE89ECB583C98CC29ADBB1E9677AE2517D6BC1BC13C5A18A232FAD4CDC6E580FEC730D070D49E88A23C528A4985F81B2848B
+20210524220056 2 6 100 2047 5 C117F4B631CA032FD2F00AC0D9A5473D8E56DA246FC44FD594BF5657D399E453728341CC920EE9127729637683D268CA3B62F5CB61C7D4F08D3F202D67DBBBD88498043861190549649D82E7793A1874FE0E8ED0B460E3442DD4DFC2301A1B6D8FA36C7CAD084B2FFEF2205E3CE46B030E4618C7B50656BF9FB60592B1FA32E91E0D536A12E601317F0562F547FF44DF33377ABAB2A2991EC99887712BFD9C78BBAA8759B09577706493F50A416F472D6F7B9532959A8899FACEB55B012E8FE8131AA45E1851FFAA3572E489FF4AAE89ECB583C98CC29ADBB1E9677AE2517D6BC1BC13C5A18A232FAD4CDC6E580FEC730D070D49E88A23C528A4985F81C13007
+20210524220118 2 6 100 2047 2 C117F4B631CA032FD2F00AC0D9A5473D8E56DA246FC44FD594BF5657D399E453728341CC920EE9127729637683D268CA3B62F5CB61C7D4F08D3F202D67DBBBD88498043861190549649D82E7793A1874FE0E8ED0B460E3442DD4DFC2301A1B6D8FA36C7CAD084B2FFEF2205E3CE46B030E4618C7B50656BF9FB60592B1FA32E91E0D536A12E601317F0562F547FF44DF33377ABAB2A2991EC99887712BFD9C78BBAA8759B09577706493F50A416F472D6F7B9532959A8899FACEB55B012E8FE8131AA45E1851FFAA3572E489FF4AAE89ECB583C98CC29ADBB1E9677AE2517D6BC1BC13C5A18A232FAD4CDC6E580FEC730D070D49E88A23C528A4985F82930D03
+20210524220122 2 6 100 2047 2 C117F4B631CA032FD2F00AC0D9A5473D8E56DA246FC44FD594BF5657D399E453728341CC920EE9127729637683D268CA3B62F5CB61C7D4F08D3F202D67DBBBD88498043861190549649D82E7793A1874FE0E8ED0B460E3442DD4DFC2301A1B6D8FA36C7CAD084B2FFEF2205E3CE46B030E4618C7B50656BF9FB60592B1FA32E91E0D536A12E601317F0562F547FF44DF33377ABAB2A2991EC99887712BFD9C78BBAA8759B09577706493F50A416F472D6F7B9532959A8899FACEB55B012E8FE8131AA45E1851FFAA3572E489FF4AAE89ECB583C98CC29ADBB1E9677AE2517D6BC1BC13C5A18A232FAD4CDC6E580FEC730D070D49E88A23C528A4985F82BE877B
+20210524220127 2 6 100 2047 5 C117F4B631CA032FD2F00AC0D9A5473D8E56DA246FC44FD594BF5657D399E453728341CC920EE9127729637683D268CA3B62F5CB61C7D4F08D3F202D67DBBBD88498043861190549649D82E7793A1874FE0E8ED0B460E3442DD4DFC2301A1B6D8FA36C7CAD084B2FFEF2205E3CE46B030E4618C7B50656BF9FB60592B1FA32E91E0D536A12E601317F0562F547FF44DF33377ABAB2A2991EC99887712BFD9C78BBAA8759B09577706493F50A416F472D6F7B9532959A8899FACEB55B012E8FE8131AA45E1851FFAA3572E489FF4AAE89ECB583C98CC29ADBB1E9677AE2517D6BC1BC13C5A18A232FAD4CDC6E580FEC730D070D49E88A23C528A4985F82EBBF97
+20210524220132 2 6 100 2047 2 C117F4B631CA032FD2F00AC0D9A5473D8E56DA246FC44FD594BF5657D399E453728341CC920EE9127729637683D268CA3B62F5CB61C7D4F08D3F202D67DBBBD88498043861190549649D82E7793A1874FE0E8ED0B460E3442DD4DFC2301A1B6D8FA36C7CAD084B2FFEF2205E3CE46B030E4618C7B50656BF9FB60592B1FA32E91E0D536A12E601317F0562F547FF44DF33377ABAB2A2991EC99887712BFD9C78BBAA8759B09577706493F50A416F472D6F7B9532959A8899FACEB55B012E8FE8131AA45E1851FFAA3572E489FF4AAE89ECB583C98CC29ADBB1E9677AE2517D6BC1BC13C5A18A232FAD4CDC6E580FEC730D070D49E88A23C528A4985F8320C043
+20210524220137 2 6 100 2047 2 C117F4B631CA032FD2F00AC0D9A5473D8E56DA246FC44FD594BF5657D399E453728341CC920EE9127729637683D268CA3B62F5CB61C7D4F08D3F202D67DBBBD88498043861190549649D82E7793A1874FE0E8ED0B460E3442DD4DFC2301A1B6D8FA36C7CAD084B2FFEF2205E3CE46B030E4618C7B50656BF9FB60592B1FA32E91E0D536A12E601317F0562F547FF44DF33377ABAB2A2991EC99887712BFD9C78BBAA8759B09577706493F50A416F472D6F7B9532959A8899FACEB55B012E8FE8131AA45E1851FFAA3572E489FF4AAE89ECB583C98CC29ADBB1E9677AE2517D6BC1BC13C5A18A232FAD4CDC6E580FEC730D070D49E88A23C528A4985F83476BCB
+20210524220154 2 6 100 2047 2 C117F4B631CA032FD2F00AC0D9A5473D8E56DA246FC44FD594BF5657D399E453728341CC920EE9127729637683D268CA3B62F5CB61C7D4F08D3F202D67DBBBD88498043861190549649D82E7793A1874FE0E8ED0B460E3442DD4DFC2301A1B6D8FA36C7CAD084B2FFEF2205E3CE46B030E4618C7B50656BF9FB60592B1FA32E91E0D536A12E601317F0562F547FF44DF33377ABAB2A2991EC99887712BFD9C78BBAA8759B09577706493F50A416F472D6F7B9532959A8899FACEB55B012E8FE8131AA45E1851FFAA3572E489FF4AAE89ECB583C98CC29ADBB1E9677AE2517D6BC1BC13C5A18A232FAD4CDC6E580FEC730D070D49E88A23C528A4985F83FA204B
+20210524220159 2 6 100 2047 2 C117F4B631CA032FD2F00AC0D9A5473D8E56DA246FC44FD594BF5657D399E453728341CC920EE9127729637683D268CA3B62F5CB61C7D4F08D3F202D67DBBBD88498043861190549649D82E7793A1874FE0E8ED0B460E3442DD4DFC2301A1B6D8FA36C7CAD084B2FFEF2205E3CE46B030E4618C7B50656BF9FB60592B1FA32E91E0D536A12E601317F0562F547FF44DF33377ABAB2A2991EC99887712BFD9C78BBAA8759B09577706493F50A416F472D6F7B9532959A8899FACEB55B012E8FE8131AA45E1851FFAA3572E489FF4AAE89ECB583C98CC29ADBB1E9677AE2517D6BC1BC13C5A18A232FAD4CDC6E580FEC730D070D49E88A23C528A4985F842A67EB
+20210524220217 2 6 100 2047 2 C117F4B631CA032FD2F00AC0D9A5473D8E56DA246FC44FD594BF5657D399E453728341CC920EE9127729637683D268CA3B62F5CB61C7D4F08D3F202D67DBBBD88498043861190549649D82E7793A1874FE0E8ED0B460E3442DD4DFC2301A1B6D8FA36C7CAD084B2FFEF2205E3CE46B030E4618C7B50656BF9FB60592B1FA32E91E0D536A12E601317F0562F547FF44DF33377ABAB2A2991EC99887712BFD9C78BBAA8759B09577706493F50A416F472D6F7B9532959A8899FACEB55B012E8FE8131AA45E1851FFAA3572E489FF4AAE89ECB583C98CC29ADBB1E9677AE2517D6BC1BC13C5A18A232FAD4CDC6E580FEC730D070D49E88A23C528A4985F84E7FEDB
+20210524220251 2 6 100 2047 5 C117F4B631CA032FD2F00AC0D9A5473D8E56DA246FC44FD594BF5657D399E453728341CC920EE9127729637683D268CA3B62F5CB61C7D4F08D3F202D67DBBBD88498043861190549649D82E7793A1874FE0E8ED0B460E3442DD4DFC2301A1B6D8FA36C7CAD084B2FFEF2205E3CE46B030E4618C7B50656BF9FB60592B1FA32E91E0D536A12E601317F0562F547FF44DF33377ABAB2A2991EC99887712BFD9C78BBAA8759B09577706493F50A416F472D6F7B9532959A8899FACEB55B012E8FE8131AA45E1851FFAA3572E489FF4AAE89ECB583C98CC29ADBB1E9677AE2517D6BC1BC13C5A18A232FAD4CDC6E580FEC730D070D49E88A23C528A4985F86503997
+20210524220256 2 6 100 2047 5 C117F4B631CA032FD2F00AC0D9A5473D8E56DA246FC44FD594BF5657D399E453728341CC920EE9127729637683D268CA3B62F5CB61C7D4F08D3F202D67DBBBD88498043861190549649D82E7793A1874FE0E8ED0B460E3442DD4DFC2301A1B6D8FA36C7CAD084B2FFEF2205E3CE46B030E4618C7B50656BF9FB60592B1FA32E91E0D536A12E601317F0562F547FF44DF33377ABAB2A2991EC99887712BFD9C78BBAA8759B09577706493F50A416F472D6F7B9532959A8899FACEB55B012E8FE8131AA45E1851FFAA3572E489FF4AAE89ECB583C98CC29ADBB1E9677AE2517D6BC1BC13C5A18A232FAD4CDC6E580FEC730D070D49E88A23C528A4985F867E7587
+20210524220301 2 6 100 2047 2 C117F4B631CA032FD2F00AC0D9A5473D8E56DA246FC44FD594BF5657D399E453728341CC920EE9127729637683D268CA3B62F5CB61C7D4F08D3F202D67DBBBD88498043861190549649D82E7793A1874FE0E8ED0B460E3442DD4DFC2301A1B6D8FA36C7CAD084B2FFEF2205E3CE46B030E4618C7B50656BF9FB60592B1FA32E91E0D536A12E601317F0562F547FF44DF33377ABAB2A2991EC99887712BFD9C78BBAA8759B09577706493F50A416F472D6F7B9532959A8899FACEB55B012E8FE8131AA45E1851FFAA3572E489FF4AAE89ECB583C98CC29ADBB1E9677AE2517D6BC1BC13C5A18A232FAD4CDC6E580FEC730D070D49E88A23C528A4985F86A47F7B
+20210524220302 2 6 100 2047 2 C117F4B631CA032FD2F00AC0D9A5473D8E56DA246FC44FD594BF5657D399E453728341CC920EE9127729637683D268CA3B62F5CB61C7D4F08D3F202D67DBBBD88498043861190549649D82E7793A1874FE0E8ED0B460E3442DD4DFC2301A1B6D8FA36C7CAD084B2FFEF2205E3CE46B030E4618C7B50656BF9FB60592B1FA32E91E0D536A12E601317F0562F547FF44DF33377ABAB2A2991EC99887712BFD9C78BBAA8759B09577706493F50A416F472D6F7B9532959A8899FACEB55B012E8FE8131AA45E1851FFAA3572E489FF4AAE89ECB583C98CC29ADBB1E9677AE2517D6BC1BC13C5A18A232FAD4CDC6E580FEC730D070D49E88A23C528A4985F86A754D3
+20210524220304 2 6 100 2047 5 C117F4B631CA032FD2F00AC0D9A5473D8E56DA246FC44FD594BF5657D399E453728341CC920EE9127729637683D268CA3B62F5CB61C7D4F08D3F202D67DBBBD88498043861190549649D82E7793A1874FE0E8ED0B460E3442DD4DFC2301A1B6D8FA36C7CAD084B2FFEF2205E3CE46B030E4618C7B50656BF9FB60592B1FA32E91E0D536A12E601317F0562F547FF44DF33377ABAB2A2991EC99887712BFD9C78BBAA8759B09577706493F50A416F472D6F7B9532959A8899FACEB55B012E8FE8131AA45E1851FFAA3572E489FF4AAE89ECB583C98CC29ADBB1E9677AE2517D6BC1BC13C5A18A232FAD4CDC6E580FEC730D070D49E88A23C528A4985F86BFB23F
+20210524220310 2 6 100 2047 2 C117F4B631CA032FD2F00AC0D9A5473D8E56DA246FC44FD594BF5657D399E453728341CC920EE9127729637683D268CA3B62F5CB61C7D4F08D3F202D67DBBBD88498043861190549649D82E7793A1874FE0E8ED0B460E3442DD4DFC2301A1B6D8FA36C7CAD084B2FFEF2205E3CE46B030E4618C7B50656BF9FB60592B1FA32E91E0D536A12E601317F0562F547FF44DF33377ABAB2A2991EC99887712BFD9C78BBAA8759B09577706493F50A416F472D6F7B9532959A8899FACEB55B012E8FE8131AA45E1851FFAA3572E489FF4AAE89ECB583C98CC29ADBB1E9677AE2517D6BC1BC13C5A18A232FAD4CDC6E580FEC730D070D49E88A23C528A4985F86F871FB
+20210524220313 2 6 100 2047 5 C117F4B631CA032FD2F00AC0D9A5473D8E56DA246FC44FD594BF5657D399E453728341CC920EE9127729637683D268CA3B62F5CB61C7D4F08D3F202D67DBBBD88498043861190549649D82E7793A1874FE0E8ED0B460E3442DD4DFC2301A1B6D8FA36C7CAD084B2FFEF2205E3CE46B030E4618C7B50656BF9FB60592B1FA32E91E0D536A12E601317F0562F547FF44DF33377ABAB2A2991EC99887712BFD9C78BBAA8759B09577706493F50A416F472D6F7B9532959A8899FACEB55B012E8FE8131AA45E1851FFAA3572E489FF4AAE89ECB583C98CC29ADBB1E9677AE2517D6BC1BC13C5A18A232FAD4CDC6E580FEC730D070D49E88A23C528A4985F87125B7F
+20210524220316 2 6 100 2047 5 C117F4B631CA032FD2F00AC0D9A5473D8E56DA246FC44FD594BF5657D399E453728341CC920EE9127729637683D268CA3B62F5CB61C7D4F08D3F202D67DBBBD88498043861190549649D82E7793A1874FE0E8ED0B460E3442DD4DFC2301A1B6D8FA36C7CAD084B2FFEF2205E3CE46B030E4618C7B50656BF9FB60592B1FA32E91E0D536A12E601317F0562F547FF44DF33377ABAB2A2991EC99887712BFD9C78BBAA8759B09577706493F50A416F472D6F7B9532959A8899FACEB55B012E8FE8131AA45E1851FFAA3572E489FF4AAE89ECB583C98CC29ADBB1E9677AE2517D6BC1BC13C5A18A232FAD4CDC6E580FEC730D070D49E88A23C528A4985F87290AD7
+20210524220323 2 6 100 2047 2 C117F4B631CA032FD2F00AC0D9A5473D8E56DA246FC44FD594BF5657D399E453728341CC920EE9127729637683D268CA3B62F5CB61C7D4F08D3F202D67DBBBD88498043861190549649D82E7793A1874FE0E8ED0B460E3442DD4DFC2301A1B6D8FA36C7CAD084B2FFEF2205E3CE46B030E4618C7B50656BF9FB60592B1FA32E91E0D536A12E601317F0562F547FF44DF33377ABAB2A2991EC99887712BFD9C78BBAA8759B09577706493F50A416F472D6F7B9532959A8899FACEB55B012E8FE8131AA45E1851FFAA3572E489FF4AAE89ECB583C98CC29ADBB1E9677AE2517D6BC1BC13C5A18A232FAD4CDC6E580FEC730D070D49E88A23C528A4985F876DECFB
+20210524220330 2 6 100 2047 2 C117F4B631CA032FD2F00AC0D9A5473D8E56DA246FC44FD594BF5657D399E453728341CC920EE9127729637683D268CA3B62F5CB61C7D4F08D3F202D67DBBBD88498043861190549649D82E7793A1874FE0E8ED0B460E3442DD4DFC2301A1B6D8FA36C7CAD084B2FFEF2205E3CE46B030E4618C7B50656BF9FB60592B1FA32E91E0D536A12E601317F0562F547FF44DF33377ABAB2A2991EC99887712BFD9C78BBAA8759B09577706493F50A416F472D6F7B9532959A8899FACEB55B012E8FE8131AA45E1851FFAA3572E489FF4AAE89ECB583C98CC29ADBB1E9677AE2517D6BC1BC13C5A18A232FAD4CDC6E580FEC730D070D49E88A23C528A4985F87B31B33
+20210524220332 2 6 100 2047 5 C117F4B631CA032FD2F00AC0D9A5473D8E56DA246FC44FD594BF5657D399E453728341CC920EE9127729637683D268CA3B62F5CB61C7D4F08D3F202D67DBBBD88498043861190549649D82E7793A1874FE0E8ED0B460E3442DD4DFC2301A1B6D8FA36C7CAD084B2FFEF2205E3CE46B030E4618C7B50656BF9FB60592B1FA32E91E0D536A12E601317F0562F547FF44DF33377ABAB2A2991EC99887712BFD9C78BBAA8759B09577706493F50A416F472D6F7B9532959A8899FACEB55B012E8FE8131AA45E1851FFAA3572E489FF4AAE89ECB583C98CC29ADBB1E9677AE2517D6BC1BC13C5A18A232FAD4CDC6E580FEC730D070D49E88A23C528A4985F87BD0977
+20210524220333 2 6 100 2047 5 C117F4B631CA032FD2F00AC0D9A5473D8E56DA246FC44FD594BF5657D399E453728341CC920EE9127729637683D268CA3B62F5CB61C7D4F08D3F202D67DBBBD88498043861190549649D82E7793A1874FE0E8ED0B460E3442DD4DFC2301A1B6D8FA36C7CAD084B2FFEF2205E3CE46B030E4618C7B50656BF9FB60592B1FA32E91E0D536A12E601317F0562F547FF44DF33377ABAB2A2991EC99887712BFD9C78BBAA8759B09577706493F50A416F472D6F7B9532959A8899FACEB55B012E8FE8131AA45E1851FFAA3572E489FF4AAE89ECB583C98CC29ADBB1E9677AE2517D6BC1BC13C5A18A232FAD4CDC6E580FEC730D070D49E88A23C528A4985F87C5168F
+20210524220335 2 6 100 2047 2 C117F4B631CA032FD2F00AC0D9A5473D8E56DA246FC44FD594BF5657D399E453728341CC920EE9127729637683D268CA3B62F5CB61C7D4F08D3F202D67DBBBD88498043861190549649D82E7793A1874FE0E8ED0B460E3442DD4DFC2301A1B6D8FA36C7CAD084B2FFEF2205E3CE46B030E4618C7B50656BF9FB60592B1FA32E91E0D536A12E601317F0562F547FF44DF33377ABAB2A2991EC99887712BFD9C78BBAA8759B09577706493F50A416F472D6F7B9532959A8899FACEB55B012E8FE8131AA45E1851FFAA3572E489FF4AAE89ECB583C98CC29ADBB1E9677AE2517D6BC1BC13C5A18A232FAD4CDC6E580FEC730D070D49E88A23C528A4985F87D5CCB3
+20210524220337 2 6 100 2047 2 C117F4B631CA032FD2F00AC0D9A5473D8E56DA246FC44FD594BF5657D399E453728341CC920EE9127729637683D268CA3B62F5CB61C7D4F08D3F202D67DBBBD88498043861190549649D82E7793A1874FE0E8ED0B460E3442DD4DFC2301A1B6D8FA36C7CAD084B2FFEF2205E3CE46B030E4618C7B50656BF9FB60592B1FA32E91E0D536A12E601317F0562F547FF44DF33377ABAB2A2991EC99887712BFD9C78BBAA8759B09577706493F50A416F472D6F7B9532959A8899FACEB55B012E8FE8131AA45E1851FFAA3572E489FF4AAE89ECB583C98CC29ADBB1E9677AE2517D6BC1BC13C5A18A232FAD4CDC6E580FEC730D070D49E88A23C528A4985F87DBEA23
+20210524220355 2 6 100 2047 2 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01A44F8E93
+20210524220404 2 6 100 2047 5 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01A4A0C6AF
+20210524220412 2 6 100 2047 2 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01A4EF1E03
+20210524220414 2 6 100 2047 2 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01A4F93C23
+20210524220420 2 6 100 2047 2 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01A535963B
+20210524220424 2 6 100 2047 2 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01A5566833
+20210524220425 2 6 100 2047 5 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01A5599617
+20210524220426 2 6 100 2047 5 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01A55EC4A7
+20210524220436 2 6 100 2047 5 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01A5BD5EB7
+20210524220445 2 6 100 2047 2 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01A619258B
+20210524220451 2 6 100 2047 2 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01A650122B
+20210524220501 2 6 100 2047 5 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01A6B04DA7
+20210524220513 2 6 100 2047 5 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01A725B467
+20210524220528 2 6 100 2047 2 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01A7C40A4B
+20210524220537 2 6 100 2047 5 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01A825DA4F
+20210524220559 2 6 100 2047 5 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01A906849F
+20210524220603 2 6 100 2047 2 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01A92B2543
+20210524220606 2 6 100 2047 2 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01A946A62B
+20210524220611 2 6 100 2047 2 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01A96E9F73
+20210524220612 2 6 100 2047 5 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01A9741957
+20210524220613 2 6 100 2047 2 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01A977BF53
+20210524220614 2 6 100 2047 2 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01A9808FE3
+20210524220616 2 6 100 2047 2 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01A994D8CB
+20210524220618 2 6 100 2047 2 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01A99CAF0B
+20210524220624 2 6 100 2047 5 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01A9D53ABF
+20210524220627 2 6 100 2047 2 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01A9F1F75B
+20210524220644 2 6 100 2047 5 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01AAB771E7
+20210524220645 2 6 100 2047 2 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01AAB8D6C3
+20210524220650 2 6 100 2047 5 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01AAE8CD27
+20210524220652 2 6 100 2047 5 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01AAFAE557
+20210524220656 2 6 100 2047 2 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01AB231D03
+20210524220658 2 6 100 2047 5 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01AB2F512F
+20210524220700 2 6 100 2047 5 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01AB3ED6AF
+20210524220706 2 6 100 2047 5 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01AB7A3DDF
+20210524220712 2 6 100 2047 2 CDA33E2E7179C731632DFF6272815DAAC78E971B46095FA70FD7153B8FEC3061C37064D6D6961EA44D04D20222E7071AF123319EE4B70C6C6C7F5EC5BF6F4556A9636794FE249A109E9292CAE57FE40829089D99A5731AC08639F090500DAA9ECD8D56C83368EA05DEB9A1C37C82C0E84396128BF47B2222A7312DC06F7220DB671F16302E8C9ACEB9034E4955EC08E27C9E708FF81884B81CFB3DD2D662D0A60A5DAA91EBD69F564B8B2A565637663A4D444BA4BBEE7F029BB44AE1EA2182F39A1E2ABFDE297432932295FCF1DB704EFCD3A30A9EF881D6090480232D8893B9F7608037E1B5A2A09DD9E590C63ED28A82EFF89135E05E010710FC01ABB48B1B
+20210524221547 2 6 100 3071 2 C1064E3791D96D66CA94320FDDA0DD731891FE4D4E4BCB5C8C2A22E33BE0C071BDD6B55DF0A474F1123F6AA3CDBB043EE9972052E3422BAAF9CBB6C1E77E2817F0266F0018351110EE2017EDE4312F0E0ABECA6585F15630FE2228BC03E4DEC84F31650177D712CDE77D6D6D2B0B391F64CD792A6C14BF9A16011EE673183465882595613087535464AC29A1138E1FB2B1024693A368700447307B43435E1BC718CD239396943F22BBF861EA0098069CAB7976B13C60A9CDD4BEDE6DF3659D61188E161D2D5A02CADDCCB547319E02211D00445BE47F5484F673239D7796CB1E1D3FF1558DA0ACD3AB17C6B3D8C3F00DFBBBF69F3B600E98DDC1FB0C0F79FC2E2F88C891F7BACAD4023331B623DF6835B2A7E881E59F0B7CE676208717E3AA51FBEDD7E9EE62527F253762C7B6A3D987DF800D2FB66DFE4F9588BEAA938DD9FAA5916186746FBC25A357F57D0E03442EEA6D067F19ABB96865474A250C73F66FE0FC5B5847CAB8F2CE25765A52A27223BD725C7ECFCF55EAAB8505902F721263
+20210524221723 2 6 100 3071 2 C1064E3791D96D66CA94320FDDA0DD731891FE4D4E4BCB5C8C2A22E33BE0C071BDD6B55DF0A474F1123F6AA3CDBB043EE9972052E3422BAAF9CBB6C1E77E2817F0266F0018351110EE2017EDE4312F0E0ABECA6585F15630FE2228BC03E4DEC84F31650177D712CDE77D6D6D2B0B391F64CD792A6C14BF9A16011EE673183465882595613087535464AC29A1138E1FB2B1024693A368700447307B43435E1BC718CD239396943F22BBF861EA0098069CAB7976B13C60A9CDD4BEDE6DF3659D61188E161D2D5A02CADDCCB547319E02211D00445BE47F5484F673239D7796CB1E1D3FF1558DA0ACD3AB17C6B3D8C3F00DFBBBF69F3B600E98DDC1FB0C0F79FC2E2F88C891F7BACAD4023331B623DF6835B2A7E881E59F0B7CE676208717E3AA51FBEDD7E9EE62527F253762C7B6A3D987DF800D2FB66DFE4F9588BEAA938DD9FAA5916186746FBC25A357F57D0E03442EEA6D067F19ABB96865474A250C73F66FE0FC5B5847CAB8F2CE25765A52A27223BD725C7ECFCF55EAAB85059030ED9F9B
+20210524221800 2 6 100 3071 5 C1064E3791D96D66CA94320FDDA0DD731891FE4D4E4BCB5C8C2A22E33BE0C071BDD6B55DF0A474F1123F6AA3CDBB043EE9972052E3422BAAF9CBB6C1E77E2817F0266F0018351110EE2017EDE4312F0E0ABECA6585F15630FE2228BC03E4DEC84F31650177D712CDE77D6D6D2B0B391F64CD792A6C14BF9A16011EE673183465882595613087535464AC29A1138E1FB2B1024693A368700447307B43435E1BC718CD239396943F22BBF861EA0098069CAB7976B13C60A9CDD4BEDE6DF3659D61188E161D2D5A02CADDCCB547319E02211D00445BE47F5484F673239D7796CB1E1D3FF1558DA0ACD3AB17C6B3D8C3F00DFBBBF69F3B600E98DDC1FB0C0F79FC2E2F88C891F7BACAD4023331B623DF6835B2A7E881E59F0B7CE676208717E3AA51FBEDD7E9EE62527F253762C7B6A3D987DF800D2FB66DFE4F9588BEAA938DD9FAA5916186746FBC25A357F57D0E03442EEA6D067F19ABB96865474A250C73F66FE0FC5B5847CAB8F2CE25765A52A27223BD725C7ECFCF55EAAB8505903179F84F
+20210524221940 2 6 100 3071 2 C1064E3791D96D66CA94320FDDA0DD731891FE4D4E4BCB5C8C2A22E33BE0C071BDD6B55DF0A474F1123F6AA3CDBB043EE9972052E3422BAAF9CBB6C1E77E2817F0266F0018351110EE2017EDE4312F0E0ABECA6585F15630FE2228BC03E4DEC84F31650177D712CDE77D6D6D2B0B391F64CD792A6C14BF9A16011EE673183465882595613087535464AC29A1138E1FB2B1024693A368700447307B43435E1BC718CD239396943F22BBF861EA0098069CAB7976B13C60A9CDD4BEDE6DF3659D61188E161D2D5A02CADDCCB547319E02211D00445BE47F5484F673239D7796CB1E1D3FF1558DA0ACD3AB17C6B3D8C3F00DFBBBF69F3B600E98DDC1FB0C0F79FC2E2F88C891F7BACAD4023331B623DF6835B2A7E881E59F0B7CE676208717E3AA51FBEDD7E9EE62527F253762C7B6A3D987DF800D2FB66DFE4F9588BEAA938DD9FAA5916186746FBC25A357F57D0E03442EEA6D067F19ABB96865474A250C73F66FE0FC5B5847CAB8F2CE25765A52A27223BD725C7ECFCF55EAAB850590331E399B
+20210524222007 2 6 100 3071 2 C1064E3791D96D66CA94320FDDA0DD731891FE4D4E4BCB5C8C2A22E33BE0C071BDD6B55DF0A474F1123F6AA3CDBB043EE9972052E3422BAAF9CBB6C1E77E2817F0266F0018351110EE2017EDE4312F0E0ABECA6585F15630FE2228BC03E4DEC84F31650177D712CDE77D6D6D2B0B391F64CD792A6C14BF9A16011EE673183465882595613087535464AC29A1138E1FB2B1024693A368700447307B43435E1BC718CD239396943F22BBF861EA0098069CAB7976B13C60A9CDD4BEDE6DF3659D61188E161D2D5A02CADDCCB547319E02211D00445BE47F5484F673239D7796CB1E1D3FF1558DA0ACD3AB17C6B3D8C3F00DFBBBF69F3B600E98DDC1FB0C0F79FC2E2F88C891F7BACAD4023331B623DF6835B2A7E881E59F0B7CE676208717E3AA51FBEDD7E9EE62527F253762C7B6A3D987DF800D2FB66DFE4F9588BEAA938DD9FAA5916186746FBC25A357F57D0E03442EEA6D067F19ABB96865474A250C73F66FE0FC5B5847CAB8F2CE25765A52A27223BD725C7ECFCF55EAAB850590338E4BEB
+20210524222013 2 6 100 3071 2 C1064E3791D96D66CA94320FDDA0DD731891FE4D4E4BCB5C8C2A22E33BE0C071BDD6B55DF0A474F1123F6AA3CDBB043EE9972052E3422BAAF9CBB6C1E77E2817F0266F0018351110EE2017EDE4312F0E0ABECA6585F15630FE2228BC03E4DEC84F31650177D712CDE77D6D6D2B0B391F64CD792A6C14BF9A16011EE673183465882595613087535464AC29A1138E1FB2B1024693A368700447307B43435E1BC718CD239396943F22BBF861EA0098069CAB7976B13C60A9CDD4BEDE6DF3659D61188E161D2D5A02CADDCCB547319E02211D00445BE47F5484F673239D7796CB1E1D3FF1558DA0ACD3AB17C6B3D8C3F00DFBBBF69F3B600E98DDC1FB0C0F79FC2E2F88C891F7BACAD4023331B623DF6835B2A7E881E59F0B7CE676208717E3AA51FBEDD7E9EE62527F253762C7B6A3D987DF800D2FB66DFE4F9588BEAA938DD9FAA5916186746FBC25A357F57D0E03442EEA6D067F19ABB96865474A250C73F66FE0FC5B5847CAB8F2CE25765A52A27223BD725C7ECFCF55EAAB850590339E72DB
+20210524222057 2 6 100 3071 5 C1064E3791D96D66CA94320FDDA0DD731891FE4D4E4BCB5C8C2A22E33BE0C071BDD6B55DF0A474F1123F6AA3CDBB043EE9972052E3422BAAF9CBB6C1E77E2817F0266F0018351110EE2017EDE4312F0E0ABECA6585F15630FE2228BC03E4DEC84F31650177D712CDE77D6D6D2B0B391F64CD792A6C14BF9A16011EE673183465882595613087535464AC29A1138E1FB2B1024693A368700447307B43435E1BC718CD239396943F22BBF861EA0098069CAB7976B13C60A9CDD4BEDE6DF3659D61188E161D2D5A02CADDCCB547319E02211D00445BE47F5484F673239D7796CB1E1D3FF1558DA0ACD3AB17C6B3D8C3F00DFBBBF69F3B600E98DDC1FB0C0F79FC2E2F88C891F7BACAD4023331B623DF6835B2A7E881E59F0B7CE676208717E3AA51FBEDD7E9EE62527F253762C7B6A3D987DF800D2FB66DFE4F9588BEAA938DD9FAA5916186746FBC25A357F57D0E03442EEA6D067F19ABB96865474A250C73F66FE0FC5B5847CAB8F2CE25765A52A27223BD725C7ECFCF55EAAB8505903458ADC7
+20210524222125 2 6 100 3071 2 C1064E3791D96D66CA94320FDDA0DD731891FE4D4E4BCB5C8C2A22E33BE0C071BDD6B55DF0A474F1123F6AA3CDBB043EE9972052E3422BAAF9CBB6C1E77E2817F0266F0018351110EE2017EDE4312F0E0ABECA6585F15630FE2228BC03E4DEC84F31650177D712CDE77D6D6D2B0B391F64CD792A6C14BF9A16011EE673183465882595613087535464AC29A1138E1FB2B1024693A368700447307B43435E1BC718CD239396943F22BBF861EA0098069CAB7976B13C60A9CDD4BEDE6DF3659D61188E161D2D5A02CADDCCB547319E02211D00445BE47F5484F673239D7796CB1E1D3FF1558DA0ACD3AB17C6B3D8C3F00DFBBBF69F3B600E98DDC1FB0C0F79FC2E2F88C891F7BACAD4023331B623DF6835B2A7E881E59F0B7CE676208717E3AA51FBEDD7E9EE62527F253762C7B6A3D987DF800D2FB66DFE4F9588BEAA938DD9FAA5916186746FBC25A357F57D0E03442EEA6D067F19ABB96865474A250C73F66FE0FC5B5847CAB8F2CE25765A52A27223BD725C7ECFCF55EAAB85059034C60DC3
+20210524222149 2 6 100 3071 5 C1064E3791D96D66CA94320FDDA0DD731891FE4D4E4BCB5C8C2A22E33BE0C071BDD6B55DF0A474F1123F6AA3CDBB043EE9972052E3422BAAF9CBB6C1E77E2817F0266F0018351110EE2017EDE4312F0E0ABECA6585F15630FE2228BC03E4DEC84F31650177D712CDE77D6D6D2B0B391F64CD792A6C14BF9A16011EE673183465882595613087535464AC29A1138E1FB2B1024693A368700447307B43435E1BC718CD239396943F22BBF861EA0098069CAB7976B13C60A9CDD4BEDE6DF3659D61188E161D2D5A02CADDCCB547319E02211D00445BE47F5484F673239D7796CB1E1D3FF1558DA0ACD3AB17C6B3D8C3F00DFBBBF69F3B600E98DDC1FB0C0F79FC2E2F88C891F7BACAD4023331B623DF6835B2A7E881E59F0B7CE676208717E3AA51FBEDD7E9EE62527F253762C7B6A3D987DF800D2FB66DFE4F9588BEAA938DD9FAA5916186746FBC25A357F57D0E03442EEA6D067F19ABB96865474A250C73F66FE0FC5B5847CAB8F2CE25765A52A27223BD725C7ECFCF55EAAB8505903527AD67
+20210524222206 2 6 100 3071 5 C1064E3791D96D66CA94320FDDA0DD731891FE4D4E4BCB5C8C2A22E33BE0C071BDD6B55DF0A474F1123F6AA3CDBB043EE9972052E3422BAAF9CBB6C1E77E2817F0266F0018351110EE2017EDE4312F0E0ABECA6585F15630FE2228BC03E4DEC84F31650177D712CDE77D6D6D2B0B391F64CD792A6C14BF9A16011EE673183465882595613087535464AC29A1138E1FB2B1024693A368700447307B43435E1BC718CD239396943F22BBF861EA0098069CAB7976B13C60A9CDD4BEDE6DF3659D61188E161D2D5A02CADDCCB547319E02211D00445BE47F5484F673239D7796CB1E1D3FF1558DA0ACD3AB17C6B3D8C3F00DFBBBF69F3B600E98DDC1FB0C0F79FC2E2F88C891F7BACAD4023331B623DF6835B2A7E881E59F0B7CE676208717E3AA51FBEDD7E9EE62527F253762C7B6A3D987DF800D2FB66DFE4F9588BEAA938DD9FAA5916186746FBC25A357F57D0E03442EEA6D067F19ABB96865474A250C73F66FE0FC5B5847CAB8F2CE25765A52A27223BD725C7ECFCF55EAAB850590356715BF
+20210524222226 2 6 100 3071 5 C1064E3791D96D66CA94320FDDA0DD731891FE4D4E4BCB5C8C2A22E33BE0C071BDD6B55DF0A474F1123F6AA3CDBB043EE9972052E3422BAAF9CBB6C1E77E2817F0266F0018351110EE2017EDE4312F0E0ABECA6585F15630FE2228BC03E4DEC84F31650177D712CDE77D6D6D2B0B391F64CD792A6C14BF9A16011EE673183465882595613087535464AC29A1138E1FB2B1024693A368700447307B43435E1BC718CD239396943F22BBF861EA0098069CAB7976B13C60A9CDD4BEDE6DF3659D61188E161D2D5A02CADDCCB547319E02211D00445BE47F5484F673239D7796CB1E1D3FF1558DA0ACD3AB17C6B3D8C3F00DFBBBF69F3B600E98DDC1FB0C0F79FC2E2F88C891F7BACAD4023331B623DF6835B2A7E881E59F0B7CE676208717E3AA51FBEDD7E9EE62527F253762C7B6A3D987DF800D2FB66DFE4F9588BEAA938DD9FAA5916186746FBC25A357F57D0E03442EEA6D067F19ABB96865474A250C73F66FE0FC5B5847CAB8F2CE25765A52A27223BD725C7ECFCF55EAAB85059035B2AF7F
+20210524222240 2 6 100 3071 2 C1064E3791D96D66CA94320FDDA0DD731891FE4D4E4BCB5C8C2A22E33BE0C071BDD6B55DF0A474F1123F6AA3CDBB043EE9972052E3422BAAF9CBB6C1E77E2817F0266F0018351110EE2017EDE4312F0E0ABECA6585F15630FE2228BC03E4DEC84F31650177D712CDE77D6D6D2B0B391F64CD792A6C14BF9A16011EE673183465882595613087535464AC29A1138E1FB2B1024693A368700447307B43435E1BC718CD239396943F22BBF861EA0098069CAB7976B13C60A9CDD4BEDE6DF3659D61188E161D2D5A02CADDCCB547319E02211D00445BE47F5484F673239D7796CB1E1D3FF1558DA0ACD3AB17C6B3D8C3F00DFBBBF69F3B600E98DDC1FB0C0F79FC2E2F88C891F7BACAD4023331B623DF6835B2A7E881E59F0B7CE676208717E3AA51FBEDD7E9EE62527F253762C7B6A3D987DF800D2FB66DFE4F9588BEAA938DD9FAA5916186746FBC25A357F57D0E03442EEA6D067F19ABB96865474A250C73F66FE0FC5B5847CAB8F2CE25765A52A27223BD725C7ECFCF55EAAB85059035E27D63
+20210524222530 2 6 100 3071 5 C1064E3791D96D66CA94320FDDA0DD731891FE4D4E4BCB5C8C2A22E33BE0C071BDD6B55DF0A474F1123F6AA3CDBB043EE9972052E3422BAAF9CBB6C1E77E2817F0266F0018351110EE2017EDE4312F0E0ABECA6585F15630FE2228BC03E4DEC84F31650177D712CDE77D6D6D2B0B391F64CD792A6C14BF9A16011EE673183465882595613087535464AC29A1138E1FB2B1024693A368700447307B43435E1BC718CD239396943F22BBF861EA0098069CAB7976B13C60A9CDD4BEDE6DF3659D61188E161D2D5A02CADDCCB547319E02211D00445BE47F5484F673239D7796CB1E1D3FF1558DA0ACD3AB17C6B3D8C3F00DFBBBF69F3B600E98DDC1FB0C0F79FC2E2F88C891F7BACAD4023331B623DF6835B2A7E881E59F0B7CE676208717E3AA51FBEDD7E9EE62527F253762C7B6A3D987DF800D2FB66DFE4F9588BEAA938DD9FAA5916186746FBC25A357F57D0E03442EEA6D067F19ABB96865474A250C73F66FE0FC5B5847CAB8F2CE25765A52A27223BD725C7ECFCF55EAAB85059038AD337F
+20210524222550 2 6 100 3071 5 C1064E3791D96D66CA94320FDDA0DD731891FE4D4E4BCB5C8C2A22E33BE0C071BDD6B55DF0A474F1123F6AA3CDBB043EE9972052E3422BAAF9CBB6C1E77E2817F0266F0018351110EE2017EDE4312F0E0ABECA6585F15630FE2228BC03E4DEC84F31650177D712CDE77D6D6D2B0B391F64CD792A6C14BF9A16011EE673183465882595613087535464AC29A1138E1FB2B1024693A368700447307B43435E1BC718CD239396943F22BBF861EA0098069CAB7976B13C60A9CDD4BEDE6DF3659D61188E161D2D5A02CADDCCB547319E02211D00445BE47F5484F673239D7796CB1E1D3FF1558DA0ACD3AB17C6B3D8C3F00DFBBBF69F3B600E98DDC1FB0C0F79FC2E2F88C891F7BACAD4023331B623DF6835B2A7E881E59F0B7CE676208717E3AA51FBEDD7E9EE62527F253762C7B6A3D987DF800D2FB66DFE4F9588BEAA938DD9FAA5916186746FBC25A357F57D0E03442EEA6D067F19ABB96865474A250C73F66FE0FC5B5847CAB8F2CE25765A52A27223BD725C7ECFCF55EAAB85059038FF50F7
+20210524222711 2 6 100 3071 2 C1064E3791D96D66CA94320FDDA0DD731891FE4D4E4BCB5C8C2A22E33BE0C071BDD6B55DF0A474F1123F6AA3CDBB043EE9972052E3422BAAF9CBB6C1E77E2817F0266F0018351110EE2017EDE4312F0E0ABECA6585F15630FE2228BC03E4DEC84F31650177D712CDE77D6D6D2B0B391F64CD792A6C14BF9A16011EE673183465882595613087535464AC29A1138E1FB2B1024693A368700447307B43435E1BC718CD239396943F22BBF861EA0098069CAB7976B13C60A9CDD4BEDE6DF3659D61188E161D2D5A02CADDCCB547319E02211D00445BE47F5484F673239D7796CB1E1D3FF1558DA0ACD3AB17C6B3D8C3F00DFBBBF69F3B600E98DDC1FB0C0F79FC2E2F88C891F7BACAD4023331B623DF6835B2A7E881E59F0B7CE676208717E3AA51FBEDD7E9EE62527F253762C7B6A3D987DF800D2FB66DFE4F9588BEAA938DD9FAA5916186746FBC25A357F57D0E03442EEA6D067F19ABB96865474A250C73F66FE0FC5B5847CAB8F2CE25765A52A27223BD725C7ECFCF55EAAB8505903A587DBB
+20210524222722 2 6 100 3071 2 C1064E3791D96D66CA94320FDDA0DD731891FE4D4E4BCB5C8C2A22E33BE0C071BDD6B55DF0A474F1123F6AA3CDBB043EE9972052E3422BAAF9CBB6C1E77E2817F0266F0018351110EE2017EDE4312F0E0ABECA6585F15630FE2228BC03E4DEC84F31650177D712CDE77D6D6D2B0B391F64CD792A6C14BF9A16011EE673183465882595613087535464AC29A1138E1FB2B1024693A368700447307B43435E1BC718CD239396943F22BBF861EA0098069CAB7976B13C60A9CDD4BEDE6DF3659D61188E161D2D5A02CADDCCB547319E02211D00445BE47F5484F673239D7796CB1E1D3FF1558DA0ACD3AB17C6B3D8C3F00DFBBBF69F3B600E98DDC1FB0C0F79FC2E2F88C891F7BACAD4023331B623DF6835B2A7E881E59F0B7CE676208717E3AA51FBEDD7E9EE62527F253762C7B6A3D987DF800D2FB66DFE4F9588BEAA938DD9FAA5916186746FBC25A357F57D0E03442EEA6D067F19ABB96865474A250C73F66FE0FC5B5847CAB8F2CE25765A52A27223BD725C7ECFCF55EAAB8505903A7E2593
+20210524222813 2 6 100 3071 5 C1064E3791D96D66CA94320FDDA0DD731891FE4D4E4BCB5C8C2A22E33BE0C071BDD6B55DF0A474F1123F6AA3CDBB043EE9972052E3422BAAF9CBB6C1E77E2817F0266F0018351110EE2017EDE4312F0E0ABECA6585F15630FE2228BC03E4DEC84F31650177D712CDE77D6D6D2B0B391F64CD792A6C14BF9A16011EE673183465882595613087535464AC29A1138E1FB2B1024693A368700447307B43435E1BC718CD239396943F22BBF861EA0098069CAB7976B13C60A9CDD4BEDE6DF3659D61188E161D2D5A02CADDCCB547319E02211D00445BE47F5484F673239D7796CB1E1D3FF1558DA0ACD3AB17C6B3D8C3F00DFBBBF69F3B600E98DDC1FB0C0F79FC2E2F88C891F7BACAD4023331B623DF6835B2A7E881E59F0B7CE676208717E3AA51FBEDD7E9EE62527F253762C7B6A3D987DF800D2FB66DFE4F9588BEAA938DD9FAA5916186746FBC25A357F57D0E03442EEA6D067F19ABB96865474A250C73F66FE0FC5B5847CAB8F2CE25765A52A27223BD725C7ECFCF55EAAB8505903B518C67
+20210524222821 2 6 100 3071 2 C1064E3791D96D66CA94320FDDA0DD731891FE4D4E4BCB5C8C2A22E33BE0C071BDD6B55DF0A474F1123F6AA3CDBB043EE9972052E3422BAAF9CBB6C1E77E2817F0266F0018351110EE2017EDE4312F0E0ABECA6585F15630FE2228BC03E4DEC84F31650177D712CDE77D6D6D2B0B391F64CD792A6C14BF9A16011EE673183465882595613087535464AC29A1138E1FB2B1024693A368700447307B43435E1BC718CD239396943F22BBF861EA0098069CAB7976B13C60A9CDD4BEDE6DF3659D61188E161D2D5A02CADDCCB547319E02211D00445BE47F5484F673239D7796CB1E1D3FF1558DA0ACD3AB17C6B3D8C3F00DFBBBF69F3B600E98DDC1FB0C0F79FC2E2F88C891F7BACAD4023331B623DF6835B2A7E881E59F0B7CE676208717E3AA51FBEDD7E9EE62527F253762C7B6A3D987DF800D2FB66DFE4F9588BEAA938DD9FAA5916186746FBC25A357F57D0E03442EEA6D067F19ABB96865474A250C73F66FE0FC5B5847CAB8F2CE25765A52A27223BD725C7ECFCF55EAAB8505903B6BA4B3
+20210524222927 2 6 100 3071 2 C1064E3791D96D66CA94320FDDA0DD731891FE4D4E4BCB5C8C2A22E33BE0C071BDD6B55DF0A474F1123F6AA3CDBB043EE9972052E3422BAAF9CBB6C1E77E2817F0266F0018351110EE2017EDE4312F0E0ABECA6585F15630FE2228BC03E4DEC84F31650177D712CDE77D6D6D2B0B391F64CD792A6C14BF9A16011EE673183465882595613087535464AC29A1138E1FB2B1024693A368700447307B43435E1BC718CD239396943F22BBF861EA0098069CAB7976B13C60A9CDD4BEDE6DF3659D61188E161D2D5A02CADDCCB547319E02211D00445BE47F5484F673239D7796CB1E1D3FF1558DA0ACD3AB17C6B3D8C3F00DFBBBF69F3B600E98DDC1FB0C0F79FC2E2F88C891F7BACAD4023331B623DF6835B2A7E881E59F0B7CE676208717E3AA51FBEDD7E9EE62527F253762C7B6A3D987DF800D2FB66DFE4F9588BEAA938DD9FAA5916186746FBC25A357F57D0E03442EEA6D067F19ABB96865474A250C73F66FE0FC5B5847CAB8F2CE25765A52A27223BD725C7ECFCF55EAAB8505903C7ADF53
+20210524222944 2 6 100 3071 5 C1064E3791D96D66CA94320FDDA0DD731891FE4D4E4BCB5C8C2A22E33BE0C071BDD6B55DF0A474F1123F6AA3CDBB043EE9972052E3422BAAF9CBB6C1E77E2817F0266F0018351110EE2017EDE4312F0E0ABECA6585F15630FE2228BC03E4DEC84F31650177D712CDE77D6D6D2B0B391F64CD792A6C14BF9A16011EE673183465882595613087535464AC29A1138E1FB2B1024693A368700447307B43435E1BC718CD239396943F22BBF861EA0098069CAB7976B13C60A9CDD4BEDE6DF3659D61188E161D2D5A02CADDCCB547319E02211D00445BE47F5484F673239D7796CB1E1D3FF1558DA0ACD3AB17C6B3D8C3F00DFBBBF69F3B600E98DDC1FB0C0F79FC2E2F88C891F7BACAD4023331B623DF6835B2A7E881E59F0B7CE676208717E3AA51FBEDD7E9EE62527F253762C7B6A3D987DF800D2FB66DFE4F9588BEAA938DD9FAA5916186746FBC25A357F57D0E03442EEA6D067F19ABB96865474A250C73F66FE0FC5B5847CAB8F2CE25765A52A27223BD725C7ECFCF55EAAB8505903CB9378F
+20210524223124 2 6 100 3071 2 C1064E3791D96D66CA94320FDDA0DD731891FE4D4E4BCB5C8C2A22E33BE0C071BDD6B55DF0A474F1123F6AA3CDBB043EE9972052E3422BAAF9CBB6C1E77E2817F0266F0018351110EE2017EDE4312F0E0ABECA6585F15630FE2228BC03E4DEC84F31650177D712CDE77D6D6D2B0B391F64CD792A6C14BF9A16011EE673183465882595613087535464AC29A1138E1FB2B1024693A368700447307B43435E1BC718CD239396943F22BBF861EA0098069CAB7976B13C60A9CDD4BEDE6DF3659D61188E161D2D5A02CADDCCB547319E02211D00445BE47F5484F673239D7796CB1E1D3FF1558DA0ACD3AB17C6B3D8C3F00DFBBBF69F3B600E98DDC1FB0C0F79FC2E2F88C891F7BACAD4023331B623DF6835B2A7E881E59F0B7CE676208717E3AA51FBEDD7E9EE62527F253762C7B6A3D987DF800D2FB66DFE4F9588BEAA938DD9FAA5916186746FBC25A357F57D0E03442EEA6D067F19ABB96865474A250C73F66FE0FC5B5847CAB8F2CE25765A52A27223BD725C7ECFCF55EAAB8505903E4E0F63
+20210524223132 2 6 100 3071 2 C1064E3791D96D66CA94320FDDA0DD731891FE4D4E4BCB5C8C2A22E33BE0C071BDD6B55DF0A474F1123F6AA3CDBB043EE9972052E3422BAAF9CBB6C1E77E2817F0266F0018351110EE2017EDE4312F0E0ABECA6585F15630FE2228BC03E4DEC84F31650177D712CDE77D6D6D2B0B391F64CD792A6C14BF9A16011EE673183465882595613087535464AC29A1138E1FB2B1024693A368700447307B43435E1BC718CD239396943F22BBF861EA0098069CAB7976B13C60A9CDD4BEDE6DF3659D61188E161D2D5A02CADDCCB547319E02211D00445BE47F5484F673239D7796CB1E1D3FF1558DA0ACD3AB17C6B3D8C3F00DFBBBF69F3B600E98DDC1FB0C0F79FC2E2F88C891F7BACAD4023331B623DF6835B2A7E881E59F0B7CE676208717E3AA51FBEDD7E9EE62527F253762C7B6A3D987DF800D2FB66DFE4F9588BEAA938DD9FAA5916186746FBC25A357F57D0E03442EEA6D067F19ABB96865474A250C73F66FE0FC5B5847CAB8F2CE25765A52A27223BD725C7ECFCF55EAAB8505903E680D03
+20210524223318 2 6 100 3071 2 C1064E3791D96D66CA94320FDDA0DD731891FE4D4E4BCB5C8C2A22E33BE0C071BDD6B55DF0A474F1123F6AA3CDBB043EE9972052E3422BAAF9CBB6C1E77E2817F0266F0018351110EE2017EDE4312F0E0ABECA6585F15630FE2228BC03E4DEC84F31650177D712CDE77D6D6D2B0B391F64CD792A6C14BF9A16011EE673183465882595613087535464AC29A1138E1FB2B1024693A368700447307B43435E1BC718CD239396943F22BBF861EA0098069CAB7976B13C60A9CDD4BEDE6DF3659D61188E161D2D5A02CADDCCB547319E02211D00445BE47F5484F673239D7796CB1E1D3FF1558DA0ACD3AB17C6B3D8C3F00DFBBBF69F3B600E98DDC1FB0C0F79FC2E2F88C891F7BACAD4023331B623DF6835B2A7E881E59F0B7CE676208717E3AA51FBEDD7E9EE62527F253762C7B6A3D987DF800D2FB66DFE4F9588BEAA938DD9FAA5916186746FBC25A357F57D0E03442EEA6D067F19ABB96865474A250C73F66FE0FC5B5847CAB8F2CE25765A52A27223BD725C7ECFCF55EAAB8505904017708B
+20210524223328 2 6 100 3071 2 C1064E3791D96D66CA94320FDDA0DD731891FE4D4E4BCB5C8C2A22E33BE0C071BDD6B55DF0A474F1123F6AA3CDBB043EE9972052E3422BAAF9CBB6C1E77E2817F0266F0018351110EE2017EDE4312F0E0ABECA6585F15630FE2228BC03E4DEC84F31650177D712CDE77D6D6D2B0B391F64CD792A6C14BF9A16011EE673183465882595613087535464AC29A1138E1FB2B1024693A368700447307B43435E1BC718CD239396943F22BBF861EA0098069CAB7976B13C60A9CDD4BEDE6DF3659D61188E161D2D5A02CADDCCB547319E02211D00445BE47F5484F673239D7796CB1E1D3FF1558DA0ACD3AB17C6B3D8C3F00DFBBBF69F3B600E98DDC1FB0C0F79FC2E2F88C891F7BACAD4023331B623DF6835B2A7E881E59F0B7CE676208717E3AA51FBEDD7E9EE62527F253762C7B6A3D987DF800D2FB66DFE4F9588BEAA938DD9FAA5916186746FBC25A357F57D0E03442EEA6D067F19ABB96865474A250C73F66FE0FC5B5847CAB8F2CE25765A52A27223BD725C7ECFCF55EAAB85059040391D6B
+20210524223340 2 6 100 3071 5 C1064E3791D96D66CA94320FDDA0DD731891FE4D4E4BCB5C8C2A22E33BE0C071BDD6B55DF0A474F1123F6AA3CDBB043EE9972052E3422BAAF9CBB6C1E77E2817F0266F0018351110EE2017EDE4312F0E0ABECA6585F15630FE2228BC03E4DEC84F31650177D712CDE77D6D6D2B0B391F64CD792A6C14BF9A16011EE673183465882595613087535464AC29A1138E1FB2B1024693A368700447307B43435E1BC718CD239396943F22BBF861EA0098069CAB7976B13C60A9CDD4BEDE6DF3659D61188E161D2D5A02CADDCCB547319E02211D00445BE47F5484F673239D7796CB1E1D3FF1558DA0ACD3AB17C6B3D8C3F00DFBBBF69F3B600E98DDC1FB0C0F79FC2E2F88C891F7BACAD4023331B623DF6835B2A7E881E59F0B7CE676208717E3AA51FBEDD7E9EE62527F253762C7B6A3D987DF800D2FB66DFE4F9588BEAA938DD9FAA5916186746FBC25A357F57D0E03442EEA6D067F19ABB96865474A250C73F66FE0FC5B5847CAB8F2CE25765A52A27223BD725C7ECFCF55EAAB8505904064990F
+20210524223418 2 6 100 3071 2 C1064E3791D96D66CA94320FDDA0DD731891FE4D4E4BCB5C8C2A22E33BE0C071BDD6B55DF0A474F1123F6AA3CDBB043EE9972052E3422BAAF9CBB6C1E77E2817F0266F0018351110EE2017EDE4312F0E0ABECA6585F15630FE2228BC03E4DEC84F31650177D712CDE77D6D6D2B0B391F64CD792A6C14BF9A16011EE673183465882595613087535464AC29A1138E1FB2B1024693A368700447307B43435E1BC718CD239396943F22BBF861EA0098069CAB7976B13C60A9CDD4BEDE6DF3659D61188E161D2D5A02CADDCCB547319E02211D00445BE47F5484F673239D7796CB1E1D3FF1558DA0ACD3AB17C6B3D8C3F00DFBBBF69F3B600E98DDC1FB0C0F79FC2E2F88C891F7BACAD4023331B623DF6835B2A7E881E59F0B7CE676208717E3AA51FBEDD7E9EE62527F253762C7B6A3D987DF800D2FB66DFE4F9588BEAA938DD9FAA5916186746FBC25A357F57D0E03442EEA6D067F19ABB96865474A250C73F66FE0FC5B5847CAB8F2CE25765A52A27223BD725C7ECFCF55EAAB85059040FCE473
+20210524223453 2 6 100 3071 2 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EB455657B
+20210524223634 2 6 100 3071 2 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EB5FCC833
+20210524223659 2 6 100 3071 2 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EB65DD6F3
+20210524223732 2 6 100 3071 2 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EB6E02573
+20210524223739 2 6 100 3071 5 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EB6F4ED87
+20210524223745 2 6 100 3071 2 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EB7068FBB
+20210524223826 2 6 100 3071 2 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EB7A2859B
+20210524223848 2 6 100 3071 2 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EB7EE3B1B
+20210524223936 2 6 100 3071 2 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EB8AE2333
+20210524224015 2 6 100 3071 2 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EB93EC75B
+20210524224018 2 6 100 3071 5 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EB944D10F
+20210524224136 2 6 100 3071 5 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EBA7C4FC7
+20210524224213 2 6 100 3071 5 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EBB023E7F
+20210524224228 2 6 100 3071 5 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EBB36560F
+20210524224236 2 6 100 3071 2 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EBB4F6853
+20210524224323 2 6 100 3071 2 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EBC0F75BB
+20210524224346 2 6 100 3071 2 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EBC62CB7B
+20210524224413 2 6 100 3071 2 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EBCC9AD0B
+20210524224441 2 6 100 3071 5 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EBD2F9967
+20210524224508 2 6 100 3071 5 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EBD92D627
+20210524224722 2 6 100 3071 2 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EBF92432B
+20210524224733 2 6 100 3071 5 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EBFB7A837
+20210524224832 2 6 100 3071 5 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EC09EA30F
+20210524224841 2 6 100 3071 2 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EC0B86AD3
+20210524224843 2 6 100 3071 5 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EC0B88DBF
+20210524225050 2 6 100 3071 2 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EC2C17DEB
+20210524225054 2 6 100 3071 2 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EC2C967DB
+20210524225112 2 6 100 3071 2 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EC30CDA43
+20210524225123 2 6 100 3071 5 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EC3311D0F
+20210524225247 2 6 100 3071 2 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EC4813D2B
+20210524225254 2 6 100 3071 2 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EC4923E73
+20210524225346 2 6 100 3071 5 C6D582E2863DD842704EDE65181452A2A54FD6112537B792F2AF066D30656086948D10BD502D46881AA1766656F36A4BDDCCAF0893BA661A1E7952ED0CC9FD481640C27E1513322DA51E6CF68B2659BFED70ACA5F3D45188E2DCE57C05479C7564EB1573D3A039E815105E5BED13E0810D70E388766005C2DE1ADA9855EB53BF83EFABFCB67D8BDC4156C639A547EBDCB3EB980DCD81A44255F1EFCEAE2367482CD7AC7C7B68CA9536B6548F5323C1F46C9ADB084274D82387B7005D7D964CF53F4FCD2EF3337466DEB47BF46DA8501BCDAC4579FE0512B1D6C2AFDF933E9C6B89B25CCD5066B103D59FF1CB96DD4E427520CC06DEE74325885FD48E20E6DA45009CFD337511AF8081C2BC4341306DB2F2BFEB6912F7176D07161162D1BF8B603B0500EDAE3985D29BE88F3F94E98F91A73BA3CCAD9F35EBF6F95F179DA44AD4255AE983FBF8A8BD9458ED7D3AC7E410735FF90ECB32029C5A7D562A33C295F6262E6E91AA15444B971D565A6F90CD898E700B4EE15FE1ADABD3EA6EC562D397
+20210524230435 2 6 100 4095 2 DF313B012B87BCB41D4138171AA4A3ACBBCE90E58F3142966241384A0C0FFB78A3AAF92DFD19BAEF944D6323266A2BF7DAD5B917587B37D446A09EC84E519C10C981F1F59D7BF098A174589ACE1272D2BEDBC6703AE8F728E2EEC81F0C8F5E3E77991C632A664FAB45A584FD7A34133DB362EC04B2EFC6EC3F6C609C3ECEFB6223BA4CF06792D3A623F8FA4E1C78603B22B8AF856C8435AA6B25EEEB5C90F24572236182A79EE6A31331B4A78F1EFDE526AE53EA6C30F93DC2AEB3790E8AA728CE26D13080F84CC81ABB03E8E8E653368825D488461676BACF9BAAEDDA84A2E0E3524F407DD717A1DEC0D46C8FCF63F6F8952BCF1B19C03425F5AAB759ECD3C1E943756694A0F32CB0F765FB5EE410AFA6BAA30B0C96F4E65C76741BD067048DFF657B4C7C43336F200951448F3348AD241D9EBA14EE8CD8C023EF049835B6F6A6A4BA8B45CFF29C5252521494750C51972D2D448E357EA1B5A7230DCEFE9F2404E1D1C857E2DBFA18ABEA6369D958870D5657E3C6465748E2E10F851F9301B26F0A4AEF77F134C52A9391F7C92783FD7A2E378B5CE9F6D0ADA2B1EADC9BC9959E30E3821B2473DC1E2F3529DAE96B9E09BB0BC7806F41D7F39CEC690DB9F3DCCDFD92FA5DBF29FA26E5F55D87ED627E7788120A76ADDF2F2F28323F0950E1D9EAAC4270A6D66269978BB7382055BE7C36CE63446899C7ADF725F375A8B66EEB
+20210524230743 2 6 100 4095 5 DF313B012B87BCB41D4138171AA4A3ACBBCE90E58F3142966241384A0C0FFB78A3AAF92DFD19BAEF944D6323266A2BF7DAD5B917587B37D446A09EC84E519C10C981F1F59D7BF098A174589ACE1272D2BEDBC6703AE8F728E2EEC81F0C8F5E3E77991C632A664FAB45A584FD7A34133DB362EC04B2EFC6EC3F6C609C3ECEFB6223BA4CF06792D3A623F8FA4E1C78603B22B8AF856C8435AA6B25EEEB5C90F24572236182A79EE6A31331B4A78F1EFDE526AE53EA6C30F93DC2AEB3790E8AA728CE26D13080F84CC81ABB03E8E8E653368825D488461676BACF9BAAEDDA84A2E0E3524F407DD717A1DEC0D46C8FCF63F6F8952BCF1B19C03425F5AAB759ECD3C1E943756694A0F32CB0F765FB5EE410AFA6BAA30B0C96F4E65C76741BD067048DFF657B4C7C43336F200951448F3348AD241D9EBA14EE8CD8C023EF049835B6F6A6A4BA8B45CFF29C5252521494750C51972D2D448E357EA1B5A7230DCEFE9F2404E1D1C857E2DBFA18ABEA6369D958870D5657E3C6465748E2E10F851F9301B26F0A4AEF77F134C52A9391F7C92783FD7A2E378B5CE9F6D0ADA2B1EADC9BC9959E30E3821B2473DC1E2F3529DAE96B9E09BB0BC7806F41D7F39CEC690DB9F3DCCDFD92FA5DBF29FA26E5F55D87ED627E7788120A76ADDF2F2F28323F0950E1D9EAAC4270A6D66269978BB7382055BE7C36CE63446899C7ADF725F375AA1B04D7
+20210524231138 2 6 100 4095 2 DF313B012B87BCB41D4138171AA4A3ACBBCE90E58F3142966241384A0C0FFB78A3AAF92DFD19BAEF944D6323266A2BF7DAD5B917587B37D446A09EC84E519C10C981F1F59D7BF098A174589ACE1272D2BEDBC6703AE8F728E2EEC81F0C8F5E3E77991C632A664FAB45A584FD7A34133DB362EC04B2EFC6EC3F6C609C3ECEFB6223BA4CF06792D3A623F8FA4E1C78603B22B8AF856C8435AA6B25EEEB5C90F24572236182A79EE6A31331B4A78F1EFDE526AE53EA6C30F93DC2AEB3790E8AA728CE26D13080F84CC81ABB03E8E8E653368825D488461676BACF9BAAEDDA84A2E0E3524F407DD717A1DEC0D46C8FCF63F6F8952BCF1B19C03425F5AAB759ECD3C1E943756694A0F32CB0F765FB5EE410AFA6BAA30B0C96F4E65C76741BD067048DFF657B4C7C43336F200951448F3348AD241D9EBA14EE8CD8C023EF049835B6F6A6A4BA8B45CFF29C5252521494750C51972D2D448E357EA1B5A7230DCEFE9F2404E1D1C857E2DBFA18ABEA6369D958870D5657E3C6465748E2E10F851F9301B26F0A4AEF77F134C52A9391F7C92783FD7A2E378B5CE9F6D0ADA2B1EADC9BC9959E30E3821B2473DC1E2F3529DAE96B9E09BB0BC7806F41D7F39CEC690DB9F3DCCDFD92FA5DBF29FA26E5F55D87ED627E7788120A76ADDF2F2F28323F0950E1D9EAAC4270A6D66269978BB7382055BE7C36CE63446899C7ADF725F375ABDA60AB
+20210524231337 2 6 100 4095 2 DF313B012B87BCB41D4138171AA4A3ACBBCE90E58F3142966241384A0C0FFB78A3AAF92DFD19BAEF944D6323266A2BF7DAD5B917587B37D446A09EC84E519C10C981F1F59D7BF098A174589ACE1272D2BEDBC6703AE8F728E2EEC81F0C8F5E3E77991C632A664FAB45A584FD7A34133DB362EC04B2EFC6EC3F6C609C3ECEFB6223BA4CF06792D3A623F8FA4E1C78603B22B8AF856C8435AA6B25EEEB5C90F24572236182A79EE6A31331B4A78F1EFDE526AE53EA6C30F93DC2AEB3790E8AA728CE26D13080F84CC81ABB03E8E8E653368825D488461676BACF9BAAEDDA84A2E0E3524F407DD717A1DEC0D46C8FCF63F6F8952BCF1B19C03425F5AAB759ECD3C1E943756694A0F32CB0F765FB5EE410AFA6BAA30B0C96F4E65C76741BD067048DFF657B4C7C43336F200951448F3348AD241D9EBA14EE8CD8C023EF049835B6F6A6A4BA8B45CFF29C5252521494750C51972D2D448E357EA1B5A7230DCEFE9F2404E1D1C857E2DBFA18ABEA6369D958870D5657E3C6465748E2E10F851F9301B26F0A4AEF77F134C52A9391F7C92783FD7A2E378B5CE9F6D0ADA2B1EADC9BC9959E30E3821B2473DC1E2F3529DAE96B9E09BB0BC7806F41D7F39CEC690DB9F3DCCDFD92FA5DBF29FA26E5F55D87ED627E7788120A76ADDF2F2F28323F0950E1D9EAAC4270A6D66269978BB7382055BE7C36CE63446899C7ADF725F375ACBB313B
+20210524231610 2 6 100 4095 2 DF313B012B87BCB41D4138171AA4A3ACBBCE90E58F3142966241384A0C0FFB78A3AAF92DFD19BAEF944D6323266A2BF7DAD5B917587B37D446A09EC84E519C10C981F1F59D7BF098A174589ACE1272D2BEDBC6703AE8F728E2EEC81F0C8F5E3E77991C632A664FAB45A584FD7A34133DB362EC04B2EFC6EC3F6C609C3ECEFB6223BA4CF06792D3A623F8FA4E1C78603B22B8AF856C8435AA6B25EEEB5C90F24572236182A79EE6A31331B4A78F1EFDE526AE53EA6C30F93DC2AEB3790E8AA728CE26D13080F84CC81ABB03E8E8E653368825D488461676BACF9BAAEDDA84A2E0E3524F407DD717A1DEC0D46C8FCF63F6F8952BCF1B19C03425F5AAB759ECD3C1E943756694A0F32CB0F765FB5EE410AFA6BAA30B0C96F4E65C76741BD067048DFF657B4C7C43336F200951448F3348AD241D9EBA14EE8CD8C023EF049835B6F6A6A4BA8B45CFF29C5252521494750C51972D2D448E357EA1B5A7230DCEFE9F2404E1D1C857E2DBFA18ABEA6369D958870D5657E3C6465748E2E10F851F9301B26F0A4AEF77F134C52A9391F7C92783FD7A2E378B5CE9F6D0ADA2B1EADC9BC9959E30E3821B2473DC1E2F3529DAE96B9E09BB0BC7806F41D7F39CEC690DB9F3DCCDFD92FA5DBF29FA26E5F55D87ED627E7788120A76ADDF2F2F28323F0950E1D9EAAC4270A6D66269978BB7382055BE7C36CE63446899C7ADF725F375ADDB3D53
+20210524231810 2 6 100 4095 5 DF313B012B87BCB41D4138171AA4A3ACBBCE90E58F3142966241384A0C0FFB78A3AAF92DFD19BAEF944D6323266A2BF7DAD5B917587B37D446A09EC84E519C10C981F1F59D7BF098A174589ACE1272D2BEDBC6703AE8F728E2EEC81F0C8F5E3E77991C632A664FAB45A584FD7A34133DB362EC04B2EFC6EC3F6C609C3ECEFB6223BA4CF06792D3A623F8FA4E1C78603B22B8AF856C8435AA6B25EEEB5C90F24572236182A79EE6A31331B4A78F1EFDE526AE53EA6C30F93DC2AEB3790E8AA728CE26D13080F84CC81ABB03E8E8E653368825D488461676BACF9BAAEDDA84A2E0E3524F407DD717A1DEC0D46C8FCF63F6F8952BCF1B19C03425F5AAB759ECD3C1E943756694A0F32CB0F765FB5EE410AFA6BAA30B0C96F4E65C76741BD067048DFF657B4C7C43336F200951448F3348AD241D9EBA14EE8CD8C023EF049835B6F6A6A4BA8B45CFF29C5252521494750C51972D2D448E357EA1B5A7230DCEFE9F2404E1D1C857E2DBFA18ABEA6369D958870D5657E3C6465748E2E10F851F9301B26F0A4AEF77F134C52A9391F7C92783FD7A2E378B5CE9F6D0ADA2B1EADC9BC9959E30E3821B2473DC1E2F3529DAE96B9E09BB0BC7806F41D7F39CEC690DB9F3DCCDFD92FA5DBF29FA26E5F55D87ED627E7788120A76ADDF2F2F28323F0950E1D9EAAC4270A6D66269978BB7382055BE7C36CE63446899C7ADF725F375AEB7413F
+20210524231830 2 6 100 4095 2 DF313B012B87BCB41D4138171AA4A3ACBBCE90E58F3142966241384A0C0FFB78A3AAF92DFD19BAEF944D6323266A2BF7DAD5B917587B37D446A09EC84E519C10C981F1F59D7BF098A174589ACE1272D2BEDBC6703AE8F728E2EEC81F0C8F5E3E77991C632A664FAB45A584FD7A34133DB362EC04B2EFC6EC3F6C609C3ECEFB6223BA4CF06792D3A623F8FA4E1C78603B22B8AF856C8435AA6B25EEEB5C90F24572236182A79EE6A31331B4A78F1EFDE526AE53EA6C30F93DC2AEB3790E8AA728CE26D13080F84CC81ABB03E8E8E653368825D488461676BACF9BAAEDDA84A2E0E3524F407DD717A1DEC0D46C8FCF63F6F8952BCF1B19C03425F5AAB759ECD3C1E943756694A0F32CB0F765FB5EE410AFA6BAA30B0C96F4E65C76741BD067048DFF657B4C7C43336F200951448F3348AD241D9EBA14EE8CD8C023EF049835B6F6A6A4BA8B45CFF29C5252521494750C51972D2D448E357EA1B5A7230DCEFE9F2404E1D1C857E2DBFA18ABEA6369D958870D5657E3C6465748E2E10F851F9301B26F0A4AEF77F134C52A9391F7C92783FD7A2E378B5CE9F6D0ADA2B1EADC9BC9959E30E3821B2473DC1E2F3529DAE96B9E09BB0BC7806F41D7F39CEC690DB9F3DCCDFD92FA5DBF29FA26E5F55D87ED627E7788120A76ADDF2F2F28323F0950E1D9EAAC4270A6D66269978BB7382055BE7C36CE63446899C7ADF725F375AED5921B
+20210524231850 2 6 100 4095 5 DF313B012B87BCB41D4138171AA4A3ACBBCE90E58F3142966241384A0C0FFB78A3AAF92DFD19BAEF944D6323266A2BF7DAD5B917587B37D446A09EC84E519C10C981F1F59D7BF098A174589ACE1272D2BEDBC6703AE8F728E2EEC81F0C8F5E3E77991C632A664FAB45A584FD7A34133DB362EC04B2EFC6EC3F6C609C3ECEFB6223BA4CF06792D3A623F8FA4E1C78603B22B8AF856C8435AA6B25EEEB5C90F24572236182A79EE6A31331B4A78F1EFDE526AE53EA6C30F93DC2AEB3790E8AA728CE26D13080F84CC81ABB03E8E8E653368825D488461676BACF9BAAEDDA84A2E0E3524F407DD717A1DEC0D46C8FCF63F6F8952BCF1B19C03425F5AAB759ECD3C1E943756694A0F32CB0F765FB5EE410AFA6BAA30B0C96F4E65C76741BD067048DFF657B4C7C43336F200951448F3348AD241D9EBA14EE8CD8C023EF049835B6F6A6A4BA8B45CFF29C5252521494750C51972D2D448E357EA1B5A7230DCEFE9F2404E1D1C857E2DBFA18ABEA6369D958870D5657E3C6465748E2E10F851F9301B26F0A4AEF77F134C52A9391F7C92783FD7A2E378B5CE9F6D0ADA2B1EADC9BC9959E30E3821B2473DC1E2F3529DAE96B9E09BB0BC7806F41D7F39CEC690DB9F3DCCDFD92FA5DBF29FA26E5F55D87ED627E7788120A76ADDF2F2F28323F0950E1D9EAAC4270A6D66269978BB7382055BE7C36CE63446899C7ADF725F375AEF2A0D7
+20210524232438 2 6 100 4095 5 DF313B012B87BCB41D4138171AA4A3ACBBCE90E58F3142966241384A0C0FFB78A3AAF92DFD19BAEF944D6323266A2BF7DAD5B917587B37D446A09EC84E519C10C981F1F59D7BF098A174589ACE1272D2BEDBC6703AE8F728E2EEC81F0C8F5E3E77991C632A664FAB45A584FD7A34133DB362EC04B2EFC6EC3F6C609C3ECEFB6223BA4CF06792D3A623F8FA4E1C78603B22B8AF856C8435AA6B25EEEB5C90F24572236182A79EE6A31331B4A78F1EFDE526AE53EA6C30F93DC2AEB3790E8AA728CE26D13080F84CC81ABB03E8E8E653368825D488461676BACF9BAAEDDA84A2E0E3524F407DD717A1DEC0D46C8FCF63F6F8952BCF1B19C03425F5AAB759ECD3C1E943756694A0F32CB0F765FB5EE410AFA6BAA30B0C96F4E65C76741BD067048DFF657B4C7C43336F200951448F3348AD241D9EBA14EE8CD8C023EF049835B6F6A6A4BA8B45CFF29C5252521494750C51972D2D448E357EA1B5A7230DCEFE9F2404E1D1C857E2DBFA18ABEA6369D958870D5657E3C6465748E2E10F851F9301B26F0A4AEF77F134C52A9391F7C92783FD7A2E378B5CE9F6D0ADA2B1EADC9BC9959E30E3821B2473DC1E2F3529DAE96B9E09BB0BC7806F41D7F39CEC690DB9F3DCCDFD92FA5DBF29FA26E5F55D87ED627E7788120A76ADDF2F2F28323F0950E1D9EAAC4270A6D66269978BB7382055BE7C36CE63446899C7ADF725F375B19B5B17
+20210524232556 2 6 100 4095 2 DF313B012B87BCB41D4138171AA4A3ACBBCE90E58F3142966241384A0C0FFB78A3AAF92DFD19BAEF944D6323266A2BF7DAD5B917587B37D446A09EC84E519C10C981F1F59D7BF098A174589ACE1272D2BEDBC6703AE8F728E2EEC81F0C8F5E3E77991C632A664FAB45A584FD7A34133DB362EC04B2EFC6EC3F6C609C3ECEFB6223BA4CF06792D3A623F8FA4E1C78603B22B8AF856C8435AA6B25EEEB5C90F24572236182A79EE6A31331B4A78F1EFDE526AE53EA6C30F93DC2AEB3790E8AA728CE26D13080F84CC81ABB03E8E8E653368825D488461676BACF9BAAEDDA84A2E0E3524F407DD717A1DEC0D46C8FCF63F6F8952BCF1B19C03425F5AAB759ECD3C1E943756694A0F32CB0F765FB5EE410AFA6BAA30B0C96F4E65C76741BD067048DFF657B4C7C43336F200951448F3348AD241D9EBA14EE8CD8C023EF049835B6F6A6A4BA8B45CFF29C5252521494750C51972D2D448E357EA1B5A7230DCEFE9F2404E1D1C857E2DBFA18ABEA6369D958870D5657E3C6465748E2E10F851F9301B26F0A4AEF77F134C52A9391F7C92783FD7A2E378B5CE9F6D0ADA2B1EADC9BC9959E30E3821B2473DC1E2F3529DAE96B9E09BB0BC7806F41D7F39CEC690DB9F3DCCDFD92FA5DBF29FA26E5F55D87ED627E7788120A76ADDF2F2F28323F0950E1D9EAAC4270A6D66269978BB7382055BE7C36CE63446899C7ADF725F375B23127DB
+20210524233441 2 6 100 4095 2 DF313B012B87BCB41D4138171AA4A3ACBBCE90E58F3142966241384A0C0FFB78A3AAF92DFD19BAEF944D6323266A2BF7DAD5B917587B37D446A09EC84E519C10C981F1F59D7BF098A174589ACE1272D2BEDBC6703AE8F728E2EEC81F0C8F5E3E77991C632A664FAB45A584FD7A34133DB362EC04B2EFC6EC3F6C609C3ECEFB6223BA4CF06792D3A623F8FA4E1C78603B22B8AF856C8435AA6B25EEEB5C90F24572236182A79EE6A31331B4A78F1EFDE526AE53EA6C30F93DC2AEB3790E8AA728CE26D13080F84CC81ABB03E8E8E653368825D488461676BACF9BAAEDDA84A2E0E3524F407DD717A1DEC0D46C8FCF63F6F8952BCF1B19C03425F5AAB759ECD3C1E943756694A0F32CB0F765FB5EE410AFA6BAA30B0C96F4E65C76741BD067048DFF657B4C7C43336F200951448F3348AD241D9EBA14EE8CD8C023EF049835B6F6A6A4BA8B45CFF29C5252521494750C51972D2D448E357EA1B5A7230DCEFE9F2404E1D1C857E2DBFA18ABEA6369D958870D5657E3C6465748E2E10F851F9301B26F0A4AEF77F134C52A9391F7C92783FD7A2E378B5CE9F6D0ADA2B1EADC9BC9959E30E3821B2473DC1E2F3529DAE96B9E09BB0BC7806F41D7F39CEC690DB9F3DCCDFD92FA5DBF29FA26E5F55D87ED627E7788120A76ADDF2F2F28323F0950E1D9EAAC4270A6D66269978BB7382055BE7C36CE63446899C7ADF725F375B624C5D3
+20210524233915 2 6 100 4095 5 DF313B012B87BCB41D4138171AA4A3ACBBCE90E58F3142966241384A0C0FFB78A3AAF92DFD19BAEF944D6323266A2BF7DAD5B917587B37D446A09EC84E519C10C981F1F59D7BF098A174589ACE1272D2BEDBC6703AE8F728E2EEC81F0C8F5E3E77991C632A664FAB45A584FD7A34133DB362EC04B2EFC6EC3F6C609C3ECEFB6223BA4CF06792D3A623F8FA4E1C78603B22B8AF856C8435AA6B25EEEB5C90F24572236182A79EE6A31331B4A78F1EFDE526AE53EA6C30F93DC2AEB3790E8AA728CE26D13080F84CC81ABB03E8E8E653368825D488461676BACF9BAAEDDA84A2E0E3524F407DD717A1DEC0D46C8FCF63F6F8952BCF1B19C03425F5AAB759ECD3C1E943756694A0F32CB0F765FB5EE410AFA6BAA30B0C96F4E65C76741BD067048DFF657B4C7C43336F200951448F3348AD241D9EBA14EE8CD8C023EF049835B6F6A6A4BA8B45CFF29C5252521494750C51972D2D448E357EA1B5A7230DCEFE9F2404E1D1C857E2DBFA18ABEA6369D958870D5657E3C6465748E2E10F851F9301B26F0A4AEF77F134C52A9391F7C92783FD7A2E378B5CE9F6D0ADA2B1EADC9BC9959E30E3821B2473DC1E2F3529DAE96B9E09BB0BC7806F41D7F39CEC690DB9F3DCCDFD92FA5DBF29FA26E5F55D87ED627E7788120A76ADDF2F2F28323F0950E1D9EAAC4270A6D66269978BB7382055BE7C36CE63446899C7ADF725F375B81FBBEF
+20210524234022 2 6 100 4095 5 DF313B012B87BCB41D4138171AA4A3ACBBCE90E58F3142966241384A0C0FFB78A3AAF92DFD19BAEF944D6323266A2BF7DAD5B917587B37D446A09EC84E519C10C981F1F59D7BF098A174589ACE1272D2BEDBC6703AE8F728E2EEC81F0C8F5E3E77991C632A664FAB45A584FD7A34133DB362EC04B2EFC6EC3F6C609C3ECEFB6223BA4CF06792D3A623F8FA4E1C78603B22B8AF856C8435AA6B25EEEB5C90F24572236182A79EE6A31331B4A78F1EFDE526AE53EA6C30F93DC2AEB3790E8AA728CE26D13080F84CC81ABB03E8E8E653368825D488461676BACF9BAAEDDA84A2E0E3524F407DD717A1DEC0D46C8FCF63F6F8952BCF1B19C03425F5AAB759ECD3C1E943756694A0F32CB0F765FB5EE410AFA6BAA30B0C96F4E65C76741BD067048DFF657B4C7C43336F200951448F3348AD241D9EBA14EE8CD8C023EF049835B6F6A6A4BA8B45CFF29C5252521494750C51972D2D448E357EA1B5A7230DCEFE9F2404E1D1C857E2DBFA18ABEA6369D958870D5657E3C6465748E2E10F851F9301B26F0A4AEF77F134C52A9391F7C92783FD7A2E378B5CE9F6D0ADA2B1EADC9BC9959E30E3821B2473DC1E2F3529DAE96B9E09BB0BC7806F41D7F39CEC690DB9F3DCCDFD92FA5DBF29FA26E5F55D87ED627E7788120A76ADDF2F2F28323F0950E1D9EAAC4270A6D66269978BB7382055BE7C36CE63446899C7ADF725F375B89ABD27
+20210524234251 2 6 100 4095 2 DF313B012B87BCB41D4138171AA4A3ACBBCE90E58F3142966241384A0C0FFB78A3AAF92DFD19BAEF944D6323266A2BF7DAD5B917587B37D446A09EC84E519C10C981F1F59D7BF098A174589ACE1272D2BEDBC6703AE8F728E2EEC81F0C8F5E3E77991C632A664FAB45A584FD7A34133DB362EC04B2EFC6EC3F6C609C3ECEFB6223BA4CF06792D3A623F8FA4E1C78603B22B8AF856C8435AA6B25EEEB5C90F24572236182A79EE6A31331B4A78F1EFDE526AE53EA6C30F93DC2AEB3790E8AA728CE26D13080F84CC81ABB03E8E8E653368825D488461676BACF9BAAEDDA84A2E0E3524F407DD717A1DEC0D46C8FCF63F6F8952BCF1B19C03425F5AAB759ECD3C1E943756694A0F32CB0F765FB5EE410AFA6BAA30B0C96F4E65C76741BD067048DFF657B4C7C43336F200951448F3348AD241D9EBA14EE8CD8C023EF049835B6F6A6A4BA8B45CFF29C5252521494750C51972D2D448E357EA1B5A7230DCEFE9F2404E1D1C857E2DBFA18ABEA6369D958870D5657E3C6465748E2E10F851F9301B26F0A4AEF77F134C52A9391F7C92783FD7A2E378B5CE9F6D0ADA2B1EADC9BC9959E30E3821B2473DC1E2F3529DAE96B9E09BB0BC7806F41D7F39CEC690DB9F3DCCDFD92FA5DBF29FA26E5F55D87ED627E7788120A76ADDF2F2F28323F0950E1D9EAAC4270A6D66269978BB7382055BE7C36CE63446899C7ADF725F375B9AA7603
+20210524234341 2 6 100 4095 2 DF313B012B87BCB41D4138171AA4A3ACBBCE90E58F3142966241384A0C0FFB78A3AAF92DFD19BAEF944D6323266A2BF7DAD5B917587B37D446A09EC84E519C10C981F1F59D7BF098A174589ACE1272D2BEDBC6703AE8F728E2EEC81F0C8F5E3E77991C632A664FAB45A584FD7A34133DB362EC04B2EFC6EC3F6C609C3ECEFB6223BA4CF06792D3A623F8FA4E1C78603B22B8AF856C8435AA6B25EEEB5C90F24572236182A79EE6A31331B4A78F1EFDE526AE53EA6C30F93DC2AEB3790E8AA728CE26D13080F84CC81ABB03E8E8E653368825D488461676BACF9BAAEDDA84A2E0E3524F407DD717A1DEC0D46C8FCF63F6F8952BCF1B19C03425F5AAB759ECD3C1E943756694A0F32CB0F765FB5EE410AFA6BAA30B0C96F4E65C76741BD067048DFF657B4C7C43336F200951448F3348AD241D9EBA14EE8CD8C023EF049835B6F6A6A4BA8B45CFF29C5252521494750C51972D2D448E357EA1B5A7230DCEFE9F2404E1D1C857E2DBFA18ABEA6369D958870D5657E3C6465748E2E10F851F9301B26F0A4AEF77F134C52A9391F7C92783FD7A2E378B5CE9F6D0ADA2B1EADC9BC9959E30E3821B2473DC1E2F3529DAE96B9E09BB0BC7806F41D7F39CEC690DB9F3DCCDFD92FA5DBF29FA26E5F55D87ED627E7788120A76ADDF2F2F28323F0950E1D9EAAC4270A6D66269978BB7382055BE7C36CE63446899C7ADF725F375B9FF196B
+20210524234859 2 6 100 4095 5 DF313B012B87BCB41D4138171AA4A3ACBBCE90E58F3142966241384A0C0FFB78A3AAF92DFD19BAEF944D6323266A2BF7DAD5B917587B37D446A09EC84E519C10C981F1F59D7BF098A174589ACE1272D2BEDBC6703AE8F728E2EEC81F0C8F5E3E77991C632A664FAB45A584FD7A34133DB362EC04B2EFC6EC3F6C609C3ECEFB6223BA4CF06792D3A623F8FA4E1C78603B22B8AF856C8435AA6B25EEEB5C90F24572236182A79EE6A31331B4A78F1EFDE526AE53EA6C30F93DC2AEB3790E8AA728CE26D13080F84CC81ABB03E8E8E653368825D488461676BACF9BAAEDDA84A2E0E3524F407DD717A1DEC0D46C8FCF63F6F8952BCF1B19C03425F5AAB759ECD3C1E943756694A0F32CB0F765FB5EE410AFA6BAA30B0C96F4E65C76741BD067048DFF657B4C7C43336F200951448F3348AD241D9EBA14EE8CD8C023EF049835B6F6A6A4BA8B45CFF29C5252521494750C51972D2D448E357EA1B5A7230DCEFE9F2404E1D1C857E2DBFA18ABEA6369D958870D5657E3C6465748E2E10F851F9301B26F0A4AEF77F134C52A9391F7C92783FD7A2E378B5CE9F6D0ADA2B1EADC9BC9959E30E3821B2473DC1E2F3529DAE96B9E09BB0BC7806F41D7F39CEC690DB9F3DCCDFD92FA5DBF29FA26E5F55D87ED627E7788120A76ADDF2F2F28323F0950E1D9EAAC4270A6D66269978BB7382055BE7C36CE63446899C7ADF725F375BC541C47
+20210524234945 2 6 100 4095 2 DF313B012B87BCB41D4138171AA4A3ACBBCE90E58F3142966241384A0C0FFB78A3AAF92DFD19BAEF944D6323266A2BF7DAD5B917587B37D446A09EC84E519C10C981F1F59D7BF098A174589ACE1272D2BEDBC6703AE8F728E2EEC81F0C8F5E3E77991C632A664FAB45A584FD7A34133DB362EC04B2EFC6EC3F6C609C3ECEFB6223BA4CF06792D3A623F8FA4E1C78603B22B8AF856C8435AA6B25EEEB5C90F24572236182A79EE6A31331B4A78F1EFDE526AE53EA6C30F93DC2AEB3790E8AA728CE26D13080F84CC81ABB03E8E8E653368825D488461676BACF9BAAEDDA84A2E0E3524F407DD717A1DEC0D46C8FCF63F6F8952BCF1B19C03425F5AAB759ECD3C1E943756694A0F32CB0F765FB5EE410AFA6BAA30B0C96F4E65C76741BD067048DFF657B4C7C43336F200951448F3348AD241D9EBA14EE8CD8C023EF049835B6F6A6A4BA8B45CFF29C5252521494750C51972D2D448E357EA1B5A7230DCEFE9F2404E1D1C857E2DBFA18ABEA6369D958870D5657E3C6465748E2E10F851F9301B26F0A4AEF77F134C52A9391F7C92783FD7A2E378B5CE9F6D0ADA2B1EADC9BC9959E30E3821B2473DC1E2F3529DAE96B9E09BB0BC7806F41D7F39CEC690DB9F3DCCDFD92FA5DBF29FA26E5F55D87ED627E7788120A76ADDF2F2F28323F0950E1D9EAAC4270A6D66269978BB7382055BE7C36CE63446899C7ADF725F375BCA418EB
+20210524235116 2 6 100 4095 5 DF313B012B87BCB41D4138171AA4A3ACBBCE90E58F3142966241384A0C0FFB78A3AAF92DFD19BAEF944D6323266A2BF7DAD5B917587B37D446A09EC84E519C10C981F1F59D7BF098A174589ACE1272D2BEDBC6703AE8F728E2EEC81F0C8F5E3E77991C632A664FAB45A584FD7A34133DB362EC04B2EFC6EC3F6C609C3ECEFB6223BA4CF06792D3A623F8FA4E1C78603B22B8AF856C8435AA6B25EEEB5C90F24572236182A79EE6A31331B4A78F1EFDE526AE53EA6C30F93DC2AEB3790E8AA728CE26D13080F84CC81ABB03E8E8E653368825D488461676BACF9BAAEDDA84A2E0E3524F407DD717A1DEC0D46C8FCF63F6F8952BCF1B19C03425F5AAB759ECD3C1E943756694A0F32CB0F765FB5EE410AFA6BAA30B0C96F4E65C76741BD067048DFF657B4C7C43336F200951448F3348AD241D9EBA14EE8CD8C023EF049835B6F6A6A4BA8B45CFF29C5252521494750C51972D2D448E357EA1B5A7230DCEFE9F2404E1D1C857E2DBFA18ABEA6369D958870D5657E3C6465748E2E10F851F9301B26F0A4AEF77F134C52A9391F7C92783FD7A2E378B5CE9F6D0ADA2B1EADC9BC9959E30E3821B2473DC1E2F3529DAE96B9E09BB0BC7806F41D7F39CEC690DB9F3DCCDFD92FA5DBF29FA26E5F55D87ED627E7788120A76ADDF2F2F28323F0950E1D9EAAC4270A6D66269978BB7382055BE7C36CE63446899C7ADF725F375BD49C877
+20210524235639 2 6 100 4095 2 DF313B012B87BCB41D4138171AA4A3ACBBCE90E58F3142966241384A0C0FFB78A3AAF92DFD19BAEF944D6323266A2BF7DAD5B917587B37D446A09EC84E519C10C981F1F59D7BF098A174589ACE1272D2BEDBC6703AE8F728E2EEC81F0C8F5E3E77991C632A664FAB45A584FD7A34133DB362EC04B2EFC6EC3F6C609C3ECEFB6223BA4CF06792D3A623F8FA4E1C78603B22B8AF856C8435AA6B25EEEB5C90F24572236182A79EE6A31331B4A78F1EFDE526AE53EA6C30F93DC2AEB3790E8AA728CE26D13080F84CC81ABB03E8E8E653368825D488461676BACF9BAAEDDA84A2E0E3524F407DD717A1DEC0D46C8FCF63F6F8952BCF1B19C03425F5AAB759ECD3C1E943756694A0F32CB0F765FB5EE410AFA6BAA30B0C96F4E65C76741BD067048DFF657B4C7C43336F200951448F3348AD241D9EBA14EE8CD8C023EF049835B6F6A6A4BA8B45CFF29C5252521494750C51972D2D448E357EA1B5A7230DCEFE9F2404E1D1C857E2DBFA18ABEA6369D958870D5657E3C6465748E2E10F851F9301B26F0A4AEF77F134C52A9391F7C92783FD7A2E378B5CE9F6D0ADA2B1EADC9BC9959E30E3821B2473DC1E2F3529DAE96B9E09BB0BC7806F41D7F39CEC690DB9F3DCCDFD92FA5DBF29FA26E5F55D87ED627E7788120A76ADDF2F2F28323F0950E1D9EAAC4270A6D66269978BB7382055BE7C36CE63446899C7ADF725F375BFB1B0BB
+20210524235928 2 6 100 4095 2 DF313B012B87BCB41D4138171AA4A3ACBBCE90E58F3142966241384A0C0FFB78A3AAF92DFD19BAEF944D6323266A2BF7DAD5B917587B37D446A09EC84E519C10C981F1F59D7BF098A174589ACE1272D2BEDBC6703AE8F728E2EEC81F0C8F5E3E77991C632A664FAB45A584FD7A34133DB362EC04B2EFC6EC3F6C609C3ECEFB6223BA4CF06792D3A623F8FA4E1C78603B22B8AF856C8435AA6B25EEEB5C90F24572236182A79EE6A31331B4A78F1EFDE526AE53EA6C30F93DC2AEB3790E8AA728CE26D13080F84CC81ABB03E8E8E653368825D488461676BACF9BAAEDDA84A2E0E3524F407DD717A1DEC0D46C8FCF63F6F8952BCF1B19C03425F5AAB759ECD3C1E943756694A0F32CB0F765FB5EE410AFA6BAA30B0C96F4E65C76741BD067048DFF657B4C7C43336F200951448F3348AD241D9EBA14EE8CD8C023EF049835B6F6A6A4BA8B45CFF29C5252521494750C51972D2D448E357EA1B5A7230DCEFE9F2404E1D1C857E2DBFA18ABEA6369D958870D5657E3C6465748E2E10F851F9301B26F0A4AEF77F134C52A9391F7C92783FD7A2E378B5CE9F6D0ADA2B1EADC9BC9959E30E3821B2473DC1E2F3529DAE96B9E09BB0BC7806F41D7F39CEC690DB9F3DCCDFD92FA5DBF29FA26E5F55D87ED627E7788120A76ADDF2F2F28323F0950E1D9EAAC4270A6D66269978BB7382055BE7C36CE63446899C7ADF725F375C0F703EB
+20210525000202 2 6 100 4095 2 DF313B012B87BCB41D4138171AA4A3ACBBCE90E58F3142966241384A0C0FFB78A3AAF92DFD19BAEF944D6323266A2BF7DAD5B917587B37D446A09EC84E519C10C981F1F59D7BF098A174589ACE1272D2BEDBC6703AE8F728E2EEC81F0C8F5E3E77991C632A664FAB45A584FD7A34133DB362EC04B2EFC6EC3F6C609C3ECEFB6223BA4CF06792D3A623F8FA4E1C78603B22B8AF856C8435AA6B25EEEB5C90F24572236182A79EE6A31331B4A78F1EFDE526AE53EA6C30F93DC2AEB3790E8AA728CE26D13080F84CC81ABB03E8E8E653368825D488461676BACF9BAAEDDA84A2E0E3524F407DD717A1DEC0D46C8FCF63F6F8952BCF1B19C03425F5AAB759ECD3C1E943756694A0F32CB0F765FB5EE410AFA6BAA30B0C96F4E65C76741BD067048DFF657B4C7C43336F200951448F3348AD241D9EBA14EE8CD8C023EF049835B6F6A6A4BA8B45CFF29C5252521494750C51972D2D448E357EA1B5A7230DCEFE9F2404E1D1C857E2DBFA18ABEA6369D958870D5657E3C6465748E2E10F851F9301B26F0A4AEF77F134C52A9391F7C92783FD7A2E378B5CE9F6D0ADA2B1EADC9BC9959E30E3821B2473DC1E2F3529DAE96B9E09BB0BC7806F41D7F39CEC690DB9F3DCCDFD92FA5DBF29FA26E5F55D87ED627E7788120A76ADDF2F2F28323F0950E1D9EAAC4270A6D66269978BB7382055BE7C36CE63446899C7ADF725F375C21C5393
+20210525000215 2 6 100 4095 2 DF313B012B87BCB41D4138171AA4A3ACBBCE90E58F3142966241384A0C0FFB78A3AAF92DFD19BAEF944D6323266A2BF7DAD5B917587B37D446A09EC84E519C10C981F1F59D7BF098A174589ACE1272D2BEDBC6703AE8F728E2EEC81F0C8F5E3E77991C632A664FAB45A584FD7A34133DB362EC04B2EFC6EC3F6C609C3ECEFB6223BA4CF06792D3A623F8FA4E1C78603B22B8AF856C8435AA6B25EEEB5C90F24572236182A79EE6A31331B4A78F1EFDE526AE53EA6C30F93DC2AEB3790E8AA728CE26D13080F84CC81ABB03E8E8E653368825D488461676BACF9BAAEDDA84A2E0E3524F407DD717A1DEC0D46C8FCF63F6F8952BCF1B19C03425F5AAB759ECD3C1E943756694A0F32CB0F765FB5EE410AFA6BAA30B0C96F4E65C76741BD067048DFF657B4C7C43336F200951448F3348AD241D9EBA14EE8CD8C023EF049835B6F6A6A4BA8B45CFF29C5252521494750C51972D2D448E357EA1B5A7230DCEFE9F2404E1D1C857E2DBFA18ABEA6369D958870D5657E3C6465748E2E10F851F9301B26F0A4AEF77F134C52A9391F7C92783FD7A2E378B5CE9F6D0ADA2B1EADC9BC9959E30E3821B2473DC1E2F3529DAE96B9E09BB0BC7806F41D7F39CEC690DB9F3DCCDFD92FA5DBF29FA26E5F55D87ED627E7788120A76ADDF2F2F28323F0950E1D9EAAC4270A6D66269978BB7382055BE7C36CE63446899C7ADF725F375C22B072B
+20210525000220 2 6 100 4095 2 DF313B012B87BCB41D4138171AA4A3ACBBCE90E58F3142966241384A0C0FFB78A3AAF92DFD19BAEF944D6323266A2BF7DAD5B917587B37D446A09EC84E519C10C981F1F59D7BF098A174589ACE1272D2BEDBC6703AE8F728E2EEC81F0C8F5E3E77991C632A664FAB45A584FD7A34133DB362EC04B2EFC6EC3F6C609C3ECEFB6223BA4CF06792D3A623F8FA4E1C78603B22B8AF856C8435AA6B25EEEB5C90F24572236182A79EE6A31331B4A78F1EFDE526AE53EA6C30F93DC2AEB3790E8AA728CE26D13080F84CC81ABB03E8E8E653368825D488461676BACF9BAAEDDA84A2E0E3524F407DD717A1DEC0D46C8FCF63F6F8952BCF1B19C03425F5AAB759ECD3C1E943756694A0F32CB0F765FB5EE410AFA6BAA30B0C96F4E65C76741BD067048DFF657B4C7C43336F200951448F3348AD241D9EBA14EE8CD8C023EF049835B6F6A6A4BA8B45CFF29C5252521494750C51972D2D448E357EA1B5A7230DCEFE9F2404E1D1C857E2DBFA18ABEA6369D958870D5657E3C6465748E2E10F851F9301B26F0A4AEF77F134C52A9391F7C92783FD7A2E378B5CE9F6D0ADA2B1EADC9BC9959E30E3821B2473DC1E2F3529DAE96B9E09BB0BC7806F41D7F39CEC690DB9F3DCCDFD92FA5DBF29FA26E5F55D87ED627E7788120A76ADDF2F2F28323F0950E1D9EAAC4270A6D66269978BB7382055BE7C36CE63446899C7ADF725F375C22DB943
+20210525000241 2 6 100 4095 5 DF313B012B87BCB41D4138171AA4A3ACBBCE90E58F3142966241384A0C0FFB78A3AAF92DFD19BAEF944D6323266A2BF7DAD5B917587B37D446A09EC84E519C10C981F1F59D7BF098A174589ACE1272D2BEDBC6703AE8F728E2EEC81F0C8F5E3E77991C632A664FAB45A584FD7A34133DB362EC04B2EFC6EC3F6C609C3ECEFB6223BA4CF06792D3A623F8FA4E1C78603B22B8AF856C8435AA6B25EEEB5C90F24572236182A79EE6A31331B4A78F1EFDE526AE53EA6C30F93DC2AEB3790E8AA728CE26D13080F84CC81ABB03E8E8E653368825D488461676BACF9BAAEDDA84A2E0E3524F407DD717A1DEC0D46C8FCF63F6F8952BCF1B19C03425F5AAB759ECD3C1E943756694A0F32CB0F765FB5EE410AFA6BAA30B0C96F4E65C76741BD067048DFF657B4C7C43336F200951448F3348AD241D9EBA14EE8CD8C023EF049835B6F6A6A4BA8B45CFF29C5252521494750C51972D2D448E357EA1B5A7230DCEFE9F2404E1D1C857E2DBFA18ABEA6369D958870D5657E3C6465748E2E10F851F9301B26F0A4AEF77F134C52A9391F7C92783FD7A2E378B5CE9F6D0ADA2B1EADC9BC9959E30E3821B2473DC1E2F3529DAE96B9E09BB0BC7806F41D7F39CEC690DB9F3DCCDFD92FA5DBF29FA26E5F55D87ED627E7788120A76ADDF2F2F28323F0950E1D9EAAC4270A6D66269978BB7382055BE7C36CE63446899C7ADF725F375C24E57CF
+20210525000519 2 6 100 4095 5 DF313B012B87BCB41D4138171AA4A3ACBBCE90E58F3142966241384A0C0FFB78A3AAF92DFD19BAEF944D6323266A2BF7DAD5B917587B37D446A09EC84E519C10C981F1F59D7BF098A174589ACE1272D2BEDBC6703AE8F728E2EEC81F0C8F5E3E77991C632A664FAB45A584FD7A34133DB362EC04B2EFC6EC3F6C609C3ECEFB6223BA4CF06792D3A623F8FA4E1C78603B22B8AF856C8435AA6B25EEEB5C90F24572236182A79EE6A31331B4A78F1EFDE526AE53EA6C30F93DC2AEB3790E8AA728CE26D13080F84CC81ABB03E8E8E653368825D488461676BACF9BAAEDDA84A2E0E3524F407DD717A1DEC0D46C8FCF63F6F8952BCF1B19C03425F5AAB759ECD3C1E943756694A0F32CB0F765FB5EE410AFA6BAA30B0C96F4E65C76741BD067048DFF657B4C7C43336F200951448F3348AD241D9EBA14EE8CD8C023EF049835B6F6A6A4BA8B45CFF29C5252521494750C51972D2D448E357EA1B5A7230DCEFE9F2404E1D1C857E2DBFA18ABEA6369D958870D5657E3C6465748E2E10F851F9301B26F0A4AEF77F134C52A9391F7C92783FD7A2E378B5CE9F6D0ADA2B1EADC9BC9959E30E3821B2473DC1E2F3529DAE96B9E09BB0BC7806F41D7F39CEC690DB9F3DCCDFD92FA5DBF29FA26E5F55D87ED627E7788120A76ADDF2F2F28323F0950E1D9EAAC4270A6D66269978BB7382055BE7C36CE63446899C7ADF725F375C37CDA8F
+20210525000617 2 6 100 4095 2 DF313B012B87BCB41D4138171AA4A3ACBBCE90E58F3142966241384A0C0FFB78A3AAF92DFD19BAEF944D6323266A2BF7DAD5B917587B37D446A09EC84E519C10C981F1F59D7BF098A174589ACE1272D2BEDBC6703AE8F728E2EEC81F0C8F5E3E77991C632A664FAB45A584FD7A34133DB362EC04B2EFC6EC3F6C609C3ECEFB6223BA4CF06792D3A623F8FA4E1C78603B22B8AF856C8435AA6B25EEEB5C90F24572236182A79EE6A31331B4A78F1EFDE526AE53EA6C30F93DC2AEB3790E8AA728CE26D13080F84CC81ABB03E8E8E653368825D488461676BACF9BAAEDDA84A2E0E3524F407DD717A1DEC0D46C8FCF63F6F8952BCF1B19C03425F5AAB759ECD3C1E943756694A0F32CB0F765FB5EE410AFA6BAA30B0C96F4E65C76741BD067048DFF657B4C7C43336F200951448F3348AD241D9EBA14EE8CD8C023EF049835B6F6A6A4BA8B45CFF29C5252521494750C51972D2D448E357EA1B5A7230DCEFE9F2404E1D1C857E2DBFA18ABEA6369D958870D5657E3C6465748E2E10F851F9301B26F0A4AEF77F134C52A9391F7C92783FD7A2E378B5CE9F6D0ADA2B1EADC9BC9959E30E3821B2473DC1E2F3529DAE96B9E09BB0BC7806F41D7F39CEC690DB9F3DCCDFD92FA5DBF29FA26E5F55D87ED627E7788120A76ADDF2F2F28323F0950E1D9EAAC4270A6D66269978BB7382055BE7C36CE63446899C7ADF725F375C3E42EBB
+20210525000910 2 6 100 4095 2 DF313B012B87BCB41D4138171AA4A3ACBBCE90E58F3142966241384A0C0FFB78A3AAF92DFD19BAEF944D6323266A2BF7DAD5B917587B37D446A09EC84E519C10C981F1F59D7BF098A174589ACE1272D2BEDBC6703AE8F728E2EEC81F0C8F5E3E77991C632A664FAB45A584FD7A34133DB362EC04B2EFC6EC3F6C609C3ECEFB6223BA4CF06792D3A623F8FA4E1C78603B22B8AF856C8435AA6B25EEEB5C90F24572236182A79EE6A31331B4A78F1EFDE526AE53EA6C30F93DC2AEB3790E8AA728CE26D13080F84CC81ABB03E8E8E653368825D488461676BACF9BAAEDDA84A2E0E3524F407DD717A1DEC0D46C8FCF63F6F8952BCF1B19C03425F5AAB759ECD3C1E943756694A0F32CB0F765FB5EE410AFA6BAA30B0C96F4E65C76741BD067048DFF657B4C7C43336F200951448F3348AD241D9EBA14EE8CD8C023EF049835B6F6A6A4BA8B45CFF29C5252521494750C51972D2D448E357EA1B5A7230DCEFE9F2404E1D1C857E2DBFA18ABEA6369D958870D5657E3C6465748E2E10F851F9301B26F0A4AEF77F134C52A9391F7C92783FD7A2E378B5CE9F6D0ADA2B1EADC9BC9959E30E3821B2473DC1E2F3529DAE96B9E09BB0BC7806F41D7F39CEC690DB9F3DCCDFD92FA5DBF29FA26E5F55D87ED627E7788120A76ADDF2F2F28323F0950E1D9EAAC4270A6D66269978BB7382055BE7C36CE63446899C7ADF725F375C52F623B
+20210525000950 2 6 100 4095 2 DF313B012B87BCB41D4138171AA4A3ACBBCE90E58F3142966241384A0C0FFB78A3AAF92DFD19BAEF944D6323266A2BF7DAD5B917587B37D446A09EC84E519C10C981F1F59D7BF098A174589ACE1272D2BEDBC6703AE8F728E2EEC81F0C8F5E3E77991C632A664FAB45A584FD7A34133DB362EC04B2EFC6EC3F6C609C3ECEFB6223BA4CF06792D3A623F8FA4E1C78603B22B8AF856C8435AA6B25EEEB5C90F24572236182A79EE6A31331B4A78F1EFDE526AE53EA6C30F93DC2AEB3790E8AA728CE26D13080F84CC81ABB03E8E8E653368825D488461676BACF9BAAEDDA84A2E0E3524F407DD717A1DEC0D46C8FCF63F6F8952BCF1B19C03425F5AAB759ECD3C1E943756694A0F32CB0F765FB5EE410AFA6BAA30B0C96F4E65C76741BD067048DFF657B4C7C43336F200951448F3348AD241D9EBA14EE8CD8C023EF049835B6F6A6A4BA8B45CFF29C5252521494750C51972D2D448E357EA1B5A7230DCEFE9F2404E1D1C857E2DBFA18ABEA6369D958870D5657E3C6465748E2E10F851F9301B26F0A4AEF77F134C52A9391F7C92783FD7A2E378B5CE9F6D0ADA2B1EADC9BC9959E30E3821B2473DC1E2F3529DAE96B9E09BB0BC7806F41D7F39CEC690DB9F3DCCDFD92FA5DBF29FA26E5F55D87ED627E7788120A76ADDF2F2F28323F0950E1D9EAAC4270A6D66269978BB7382055BE7C36CE63446899C7ADF725F375C573F39B
+20210525001816 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB091FBF7D2A3
+20210525001921 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB091FC6DAC53
+20210525001926 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB091FC6F3373
+20210525002309 2 6 100 4095 5 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB091FE12C677
+20210525002320 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB091FE1E59AB
+20210525002338 2 6 100 4095 5 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB091FE3AB02F
+20210525002359 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB091FE5BF4C3
+20210525002601 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB091FF3C869B
+20210525002851 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB09200739083
+20210525003041 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB0920140797B
+20210525003049 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB092014502F3
+20210525003141 2 6 100 4095 5 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB09201A2B9FF
+20210525003223 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB09201EA8A9B
+20210525003231 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB09201F326F3
+20210525003352 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB092028EFD83
+20210525003809 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB0920482BA13
+20210525003923 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB09205072CA3
+20210525004024 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB09205780163
+20210525004148 2 6 100 4095 5 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB0920617E947
+20210525004457 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB092077D9FDB
+20210525004558 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB09207ED990B
+20210525004731 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB092089EB6C3
+20210525004805 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB09208D77E3B
+20210525004822 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB09208EF6DA3
+20210525005103 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB0920A21B82B
+20210525005232 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB0920AC6072B
+20210525005335 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB0920B39092B
+20210525005400 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB0920B611A73
+20210525005804 2 6 100 4095 5 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB0920D2EF2A7
+20210525005836 2 6 100 4095 5 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB0920D66062F
+20210525010525 2 6 100 4095 5 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB0921066C17F
+20210525010559 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB09210A11893
+20210525010655 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB0921101CC03
+20210525010715 2 6 100 4095 5 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB092111F033F
+20210525011027 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB0921284AEC3
+20210525011247 2 6 100 4095 5 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB092138697D7
+20210525011345 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB09213EAC66B
+20210525011758 2 6 100 4095 5 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB09215CA5E7F
+20210525011827 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB09215F9F6DB
+20210525011950 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB092168F25FB
+20210525012059 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB09217019A9B
+20210525012441 2 6 100 4095 5 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB092189F6357
+20210525012731 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB09219DE687B
+20210525012806 2 6 100 4095 5 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB0921A19486F
+20210525012959 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB0921AE8C22B
+20210525013036 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB0921B277E7B
+20210525013100 2 6 100 4095 2 D26A87E5A681F2A0E0231EC9449860176D2F9282C1D6E791D912B84987AAEF8BBCDE27FCC3A31FD76A78509ACB3673A0091330E077333D6682329E65ED16DAB1DC98ED93D911BCC3B63FF1271937AE5CE43688C0322530126BCC852EBA388F6B5B9AFF6808DD0B17790AD76F462EA9F0438F1E5A622C921E50A0358335806DD4A574C8117028E6DD07A42F09C3CDE7B5B9CD8914CEE9116E2F952862EFDB94F826D826C8EF15C468E80F916E09F4C411483E2C3CBDBF1CEE282F1144D17F9F681B0B238337941C1C5DEAB7DD52F0EC84A5C8B9FEEF5AA7EEA118FDF857B8BC0190C81A8D2E446E58C5F18DE1CFDD4680E04C89D421E1DEF67BC5A6FBA6B525FB06C263624A5D668A36F2254F9ADC7366544CE3A388B31675E3886801F9DFB571BA159C7D20B6175711387D696741F64FD689DC61F775028924BCCFC0197844340F61BB7EF0370B3FA53CFEEF65B4058B4CA1B25290DEB7E9ED829154430B7008A5E4174FCCAD783F3C8D1CE61014AF4299527B81B9F4D6EA4DEDEE89DD042FBDB6F0ED861CD7073F59AE181C5922BF8B480F7C71E2EC6CB6EA922FBA8C7383AA72001AA4A0AF633CD82D423B880E4AA3B96921BA8CE3EAB0337BAF49F37576905D811D657E3420C8C41C9BC693ACA6C94B34102F54FB370D597A1F9C00ED602927871F79C396D778FA4C968D2CD48788196EFB9511315087B9AEB0921B4B1893
+20210525015106 2 6 100 6143 2 CAED937BA3084DFE7B4C1B59AC23C7EA9F28E677B8AFA536E9079DECED93EDAAEFB2C757F9E7AE4E90C4C68C8C937CAA8A0FB92A36FBBD24F777D579E264E8750B365A59AF83C5925262981B301C94CA57CE2A4825438EE089B2E0A5A8D90B51B7DB6044383542685F2D543030403741A6337C0280866A08D15BBFF32D9326073E6F8BAE510E66CF5A5DC6C7D96EFA13984EA383224CD59C7F8A49BA170EBD0BCF896FAD0FD67AB88D4D25CC81D29FFB7062328C9BA3BCD7EB107B74FAC05412D7677C058604F544B2EE8548E9372064C0CEB79BADEF8755F86E8DC894BD043DE697ECE323D624156B731D99C12FD1F42BB2FCADF8CFFEAB8DB59F9CB5843C1A01018DB3E415B4BF00D7F3F20FAAD86938C6B3061BC2A4ED0D18FAD01B1E53D0C8D41D208189D6E341E167B4B975236701B76C72097A34AAC46F4781185A7A63E4FB4A3CDDAB793EE4DFBA3D57481AF41ACD06A45F8D59D33FEBABCD3B98675A9C3F54B0AB42CFCABCA47021C709867AB12F830C4E93AE48AE5EBDD109E3F672AAE6A2EFFEAF07648D3110EE52627D44C8EA35482502C1CDC7B655F4D4A5E7DA1A064E138D00A9CC85DA5E833221AC5FF62F7871B53A8CE279AD441A5795D092F257C9BD2A871D098B3583ED9876342351C063BC2EA9FF111D245FE68A6A087B9E0B7AB0C47F2C6BD98A5CB4DFC57B71A1CF13A83308DA1E3BEB572AFDA9B88F05CCE1DBE359A44E849CAE4AB6196262877B119EDF241326C0F523ACF04DDF90601DC0D4107B935444D5C9E019B340227A386996D071BAA64D62FA049F285F12366ACDD439FCD3D0BAF9C37519177AAC6CF3B6986BAB5F68BDC9FB6E3B82FA157BE36D452FC0EDC4CDB95F9677F97C0F98725F275EAE0FF15C53957D1EFA9CABCE7B68FC186F117C40C5D24BD982A7F21AD6FE4A9CAC6C763FB68DD0B1C725E5DBC4522B86A42B02E3F5E704595977829607FDEB0922C497A9A93F327FA921D8BFBCD9C18272506A1A9F23171787FCBA72E4670C857D089DB5A22AE801EEBD567D48D697EBF25E6183374FC4C47C1747C3F69E650333F6F7ABEB3081BF2FBF4B
+20210525015719 2 6 100 6143 5 CAED937BA3084DFE7B4C1B59AC23C7EA9F28E677B8AFA536E9079DECED93EDAAEFB2C757F9E7AE4E90C4C68C8C937CAA8A0FB92A36FBBD24F777D579E264E8750B365A59AF83C5925262981B301C94CA57CE2A4825438EE089B2E0A5A8D90B51B7DB6044383542685F2D543030403741A6337C0280866A08D15BBFF32D9326073E6F8BAE510E66CF5A5DC6C7D96EFA13984EA383224CD59C7F8A49BA170EBD0BCF896FAD0FD67AB88D4D25CC81D29FFB7062328C9BA3BCD7EB107B74FAC05412D7677C058604F544B2EE8548E9372064C0CEB79BADEF8755F86E8DC894BD043DE697ECE323D624156B731D99C12FD1F42BB2FCADF8CFFEAB8DB59F9CB5843C1A01018DB3E415B4BF00D7F3F20FAAD86938C6B3061BC2A4ED0D18FAD01B1E53D0C8D41D208189D6E341E167B4B975236701B76C72097A34AAC46F4781185A7A63E4FB4A3CDDAB793EE4DFBA3D57481AF41ACD06A45F8D59D33FEBABCD3B98675A9C3F54B0AB42CFCABCA47021C709867AB12F830C4E93AE48AE5EBDD109E3F672AAE6A2EFFEAF07648D3110EE52627D44C8EA35482502C1CDC7B655F4D4A5E7DA1A064E138D00A9CC85DA5E833221AC5FF62F7871B53A8CE279AD441A5795D092F257C9BD2A871D098B3583ED9876342351C063BC2EA9FF111D245FE68A6A087B9E0B7AB0C47F2C6BD98A5CB4DFC57B71A1CF13A83308DA1E3BEB572AFDA9B88F05CCE1DBE359A44E849CAE4AB6196262877B119EDF241326C0F523ACF04DDF90601DC0D4107B935444D5C9E019B340227A386996D071BAA64D62FA049F285F12366ACDD439FCD3D0BAF9C37519177AAC6CF3B6986BAB5F68BDC9FB6E3B82FA157BE36D452FC0EDC4CDB95F9677F97C0F98725F275EAE0FF15C53957D1EFA9CABCE7B68FC186F117C40C5D24BD982A7F21AD6FE4A9CAC6C763FB68DD0B1C725E5DBC4522B86A42B02E3F5E704595977829607FDEB0922C497A9A93F327FA921D8BFBCD9C18272506A1A9F23171787FCBA72E4670C857D089DB5A22AE801EEBD567D48D697EBF25E6183374FC4C47C1747C3F69E650333F6F7ABEB3081C01C9317
+20210525022943 2 6 100 6143 5 CAED937BA3084DFE7B4C1B59AC23C7EA9F28E677B8AFA536E9079DECED93EDAAEFB2C757F9E7AE4E90C4C68C8C937CAA8A0FB92A36FBBD24F777D579E264E8750B365A59AF83C5925262981B301C94CA57CE2A4825438EE089B2E0A5A8D90B51B7DB6044383542685F2D543030403741A6337C0280866A08D15BBFF32D9326073E6F8BAE510E66CF5A5DC6C7D96EFA13984EA383224CD59C7F8A49BA170EBD0BCF896FAD0FD67AB88D4D25CC81D29FFB7062328C9BA3BCD7EB107B74FAC05412D7677C058604F544B2EE8548E9372064C0CEB79BADEF8755F86E8DC894BD043DE697ECE323D624156B731D99C12FD1F42BB2FCADF8CFFEAB8DB59F9CB5843C1A01018DB3E415B4BF00D7F3F20FAAD86938C6B3061BC2A4ED0D18FAD01B1E53D0C8D41D208189D6E341E167B4B975236701B76C72097A34AAC46F4781185A7A63E4FB4A3CDDAB793EE4DFBA3D57481AF41ACD06A45F8D59D33FEBABCD3B98675A9C3F54B0AB42CFCABCA47021C709867AB12F830C4E93AE48AE5EBDD109E3F672AAE6A2EFFEAF07648D3110EE52627D44C8EA35482502C1CDC7B655F4D4A5E7DA1A064E138D00A9CC85DA5E833221AC5FF62F7871B53A8CE279AD441A5795D092F257C9BD2A871D098B3583ED9876342351C063BC2EA9FF111D245FE68A6A087B9E0B7AB0C47F2C6BD98A5CB4DFC57B71A1CF13A83308DA1E3BEB572AFDA9B88F05CCE1DBE359A44E849CAE4AB6196262877B119EDF241326C0F523ACF04DDF90601DC0D4107B935444D5C9E019B340227A386996D071BAA64D62FA049F285F12366ACDD439FCD3D0BAF9C37519177AAC6CF3B6986BAB5F68BDC9FB6E3B82FA157BE36D452FC0EDC4CDB95F9677F97C0F98725F275EAE0FF15C53957D1EFA9CABCE7B68FC186F117C40C5D24BD982A7F21AD6FE4A9CAC6C763FB68DD0B1C725E5DBC4522B86A42B02E3F5E704595977829607FDEB0922C497A9A93F327FA921D8BFBCD9C18272506A1A9F23171787FCBA72E4670C857D089DB5A22AE801EEBD567D48D697EBF25E6183374FC4C47C1747C3F69E650333F6F7ABEB3081C51E7ABF
+20210525025621 2 6 100 6143 5 CAED937BA3084DFE7B4C1B59AC23C7EA9F28E677B8AFA536E9079DECED93EDAAEFB2C757F9E7AE4E90C4C68C8C937CAA8A0FB92A36FBBD24F777D579E264E8750B365A59AF83C5925262981B301C94CA57CE2A4825438EE089B2E0A5A8D90B51B7DB6044383542685F2D543030403741A6337C0280866A08D15BBFF32D9326073E6F8BAE510E66CF5A5DC6C7D96EFA13984EA383224CD59C7F8A49BA170EBD0BCF896FAD0FD67AB88D4D25CC81D29FFB7062328C9BA3BCD7EB107B74FAC05412D7677C058604F544B2EE8548E9372064C0CEB79BADEF8755F86E8DC894BD043DE697ECE323D624156B731D99C12FD1F42BB2FCADF8CFFEAB8DB59F9CB5843C1A01018DB3E415B4BF00D7F3F20FAAD86938C6B3061BC2A4ED0D18FAD01B1E53D0C8D41D208189D6E341E167B4B975236701B76C72097A34AAC46F4781185A7A63E4FB4A3CDDAB793EE4DFBA3D57481AF41ACD06A45F8D59D33FEBABCD3B98675A9C3F54B0AB42CFCABCA47021C709867AB12F830C4E93AE48AE5EBDD109E3F672AAE6A2EFFEAF07648D3110EE52627D44C8EA35482502C1CDC7B655F4D4A5E7DA1A064E138D00A9CC85DA5E833221AC5FF62F7871B53A8CE279AD441A5795D092F257C9BD2A871D098B3583ED9876342351C063BC2EA9FF111D245FE68A6A087B9E0B7AB0C47F2C6BD98A5CB4DFC57B71A1CF13A83308DA1E3BEB572AFDA9B88F05CCE1DBE359A44E849CAE4AB6196262877B119EDF241326C0F523ACF04DDF90601DC0D4107B935444D5C9E019B340227A386996D071BAA64D62FA049F285F12366ACDD439FCD3D0BAF9C37519177AAC6CF3B6986BAB5F68BDC9FB6E3B82FA157BE36D452FC0EDC4CDB95F9677F97C0F98725F275EAE0FF15C53957D1EFA9CABCE7B68FC186F117C40C5D24BD982A7F21AD6FE4A9CAC6C763FB68DD0B1C725E5DBC4522B86A42B02E3F5E704595977829607FDEB0922C497A9A93F327FA921D8BFBCD9C18272506A1A9F23171787FCBA72E4670C857D089DB5A22AE801EEBD567D48D697EBF25E6183374FC4C47C1747C3F69E650333F6F7ABEB3081C92AC0FF
+20210525030139 2 6 100 6143 2 CAED937BA3084DFE7B4C1B59AC23C7EA9F28E677B8AFA536E9079DECED93EDAAEFB2C757F9E7AE4E90C4C68C8C937CAA8A0FB92A36FBBD24F777D579E264E8750B365A59AF83C5925262981B301C94CA57CE2A4825438EE089B2E0A5A8D90B51B7DB6044383542685F2D543030403741A6337C0280866A08D15BBFF32D9326073E6F8BAE510E66CF5A5DC6C7D96EFA13984EA383224CD59C7F8A49BA170EBD0BCF896FAD0FD67AB88D4D25CC81D29FFB7062328C9BA3BCD7EB107B74FAC05412D7677C058604F544B2EE8548E9372064C0CEB79BADEF8755F86E8DC894BD043DE697ECE323D624156B731D99C12FD1F42BB2FCADF8CFFEAB8DB59F9CB5843C1A01018DB3E415B4BF00D7F3F20FAAD86938C6B3061BC2A4ED0D18FAD01B1E53D0C8D41D208189D6E341E167B4B975236701B76C72097A34AAC46F4781185A7A63E4FB4A3CDDAB793EE4DFBA3D57481AF41ACD06A45F8D59D33FEBABCD3B98675A9C3F54B0AB42CFCABCA47021C709867AB12F830C4E93AE48AE5EBDD109E3F672AAE6A2EFFEAF07648D3110EE52627D44C8EA35482502C1CDC7B655F4D4A5E7DA1A064E138D00A9CC85DA5E833221AC5FF62F7871B53A8CE279AD441A5795D092F257C9BD2A871D098B3583ED9876342351C063BC2EA9FF111D245FE68A6A087B9E0B7AB0C47F2C6BD98A5CB4DFC57B71A1CF13A83308DA1E3BEB572AFDA9B88F05CCE1DBE359A44E849CAE4AB6196262877B119EDF241326C0F523ACF04DDF90601DC0D4107B935444D5C9E019B340227A386996D071BAA64D62FA049F285F12366ACDD439FCD3D0BAF9C37519177AAC6CF3B6986BAB5F68BDC9FB6E3B82FA157BE36D452FC0EDC4CDB95F9677F97C0F98725F275EAE0FF15C53957D1EFA9CABCE7B68FC186F117C40C5D24BD982A7F21AD6FE4A9CAC6C763FB68DD0B1C725E5DBC4522B86A42B02E3F5E704595977829607FDEB0922C497A9A93F327FA921D8BFBCD9C18272506A1A9F23171787FCBA72E4670C857D089DB5A22AE801EEBD567D48D697EBF25E6183374FC4C47C1747C3F69E650333F6F7ABEB3081C9F26EFB
+20210525030310 2 6 100 6143 2 CAED937BA3084DFE7B4C1B59AC23C7EA9F28E677B8AFA536E9079DECED93EDAAEFB2C757F9E7AE4E90C4C68C8C937CAA8A0FB92A36FBBD24F777D579E264E8750B365A59AF83C5925262981B301C94CA57CE2A4825438EE089B2E0A5A8D90B51B7DB6044383542685F2D543030403741A6337C0280866A08D15BBFF32D9326073E6F8BAE510E66CF5A5DC6C7D96EFA13984EA383224CD59C7F8A49BA170EBD0BCF896FAD0FD67AB88D4D25CC81D29FFB7062328C9BA3BCD7EB107B74FAC05412D7677C058604F544B2EE8548E9372064C0CEB79BADEF8755F86E8DC894BD043DE697ECE323D624156B731D99C12FD1F42BB2FCADF8CFFEAB8DB59F9CB5843C1A01018DB3E415B4BF00D7F3F20FAAD86938C6B3061BC2A4ED0D18FAD01B1E53D0C8D41D208189D6E341E167B4B975236701B76C72097A34AAC46F4781185A7A63E4FB4A3CDDAB793EE4DFBA3D57481AF41ACD06A45F8D59D33FEBABCD3B98675A9C3F54B0AB42CFCABCA47021C709867AB12F830C4E93AE48AE5EBDD109E3F672AAE6A2EFFEAF07648D3110EE52627D44C8EA35482502C1CDC7B655F4D4A5E7DA1A064E138D00A9CC85DA5E833221AC5FF62F7871B53A8CE279AD441A5795D092F257C9BD2A871D098B3583ED9876342351C063BC2EA9FF111D245FE68A6A087B9E0B7AB0C47F2C6BD98A5CB4DFC57B71A1CF13A83308DA1E3BEB572AFDA9B88F05CCE1DBE359A44E849CAE4AB6196262877B119EDF241326C0F523ACF04DDF90601DC0D4107B935444D5C9E019B340227A386996D071BAA64D62FA049F285F12366ACDD439FCD3D0BAF9C37519177AAC6CF3B6986BAB5F68BDC9FB6E3B82FA157BE36D452FC0EDC4CDB95F9677F97C0F98725F275EAE0FF15C53957D1EFA9CABCE7B68FC186F117C40C5D24BD982A7F21AD6FE4A9CAC6C763FB68DD0B1C725E5DBC4522B86A42B02E3F5E704595977829607FDEB0922C497A9A93F327FA921D8BFBCD9C18272506A1A9F23171787FCBA72E4670C857D089DB5A22AE801EEBD567D48D697EBF25E6183374FC4C47C1747C3F69E650333F6F7ABEB3081CA22ECE3
+20210525033123 2 6 100 6143 2 CAED937BA3084DFE7B4C1B59AC23C7EA9F28E677B8AFA536E9079DECED93EDAAEFB2C757F9E7AE4E90C4C68C8C937CAA8A0FB92A36FBBD24F777D579E264E8750B365A59AF83C5925262981B301C94CA57CE2A4825438EE089B2E0A5A8D90B51B7DB6044383542685F2D543030403741A6337C0280866A08D15BBFF32D9326073E6F8BAE510E66CF5A5DC6C7D96EFA13984EA383224CD59C7F8A49BA170EBD0BCF896FAD0FD67AB88D4D25CC81D29FFB7062328C9BA3BCD7EB107B74FAC05412D7677C058604F544B2EE8548E9372064C0CEB79BADEF8755F86E8DC894BD043DE697ECE323D624156B731D99C12FD1F42BB2FCADF8CFFEAB8DB59F9CB5843C1A01018DB3E415B4BF00D7F3F20FAAD86938C6B3061BC2A4ED0D18FAD01B1E53D0C8D41D208189D6E341E167B4B975236701B76C72097A34AAC46F4781185A7A63E4FB4A3CDDAB793EE4DFBA3D57481AF41ACD06A45F8D59D33FEBABCD3B98675A9C3F54B0AB42CFCABCA47021C709867AB12F830C4E93AE48AE5EBDD109E3F672AAE6A2EFFEAF07648D3110EE52627D44C8EA35482502C1CDC7B655F4D4A5E7DA1A064E138D00A9CC85DA5E833221AC5FF62F7871B53A8CE279AD441A5795D092F257C9BD2A871D098B3583ED9876342351C063BC2EA9FF111D245FE68A6A087B9E0B7AB0C47F2C6BD98A5CB4DFC57B71A1CF13A83308DA1E3BEB572AFDA9B88F05CCE1DBE359A44E849CAE4AB6196262877B119EDF241326C0F523ACF04DDF90601DC0D4107B935444D5C9E019B340227A386996D071BAA64D62FA049F285F12366ACDD439FCD3D0BAF9C37519177AAC6CF3B6986BAB5F68BDC9FB6E3B82FA157BE36D452FC0EDC4CDB95F9677F97C0F98725F275EAE0FF15C53957D1EFA9CABCE7B68FC186F117C40C5D24BD982A7F21AD6FE4A9CAC6C763FB68DD0B1C725E5DBC4522B86A42B02E3F5E704595977829607FDEB0922C497A9A93F327FA921D8BFBCD9C18272506A1A9F23171787FCBA72E4670C857D089DB5A22AE801EEBD567D48D697EBF25E6183374FC4C47C1747C3F69E650333F6F7ABEB3081CE69BC83
+20210525035425 2 6 100 6143 5 CAED937BA3084DFE7B4C1B59AC23C7EA9F28E677B8AFA536E9079DECED93EDAAEFB2C757F9E7AE4E90C4C68C8C937CAA8A0FB92A36FBBD24F777D579E264E8750B365A59AF83C5925262981B301C94CA57CE2A4825438EE089B2E0A5A8D90B51B7DB6044383542685F2D543030403741A6337C0280866A08D15BBFF32D9326073E6F8BAE510E66CF5A5DC6C7D96EFA13984EA383224CD59C7F8A49BA170EBD0BCF896FAD0FD67AB88D4D25CC81D29FFB7062328C9BA3BCD7EB107B74FAC05412D7677C058604F544B2EE8548E9372064C0CEB79BADEF8755F86E8DC894BD043DE697ECE323D624156B731D99C12FD1F42BB2FCADF8CFFEAB8DB59F9CB5843C1A01018DB3E415B4BF00D7F3F20FAAD86938C6B3061BC2A4ED0D18FAD01B1E53D0C8D41D208189D6E341E167B4B975236701B76C72097A34AAC46F4781185A7A63E4FB4A3CDDAB793EE4DFBA3D57481AF41ACD06A45F8D59D33FEBABCD3B98675A9C3F54B0AB42CFCABCA47021C709867AB12F830C4E93AE48AE5EBDD109E3F672AAE6A2EFFEAF07648D3110EE52627D44C8EA35482502C1CDC7B655F4D4A5E7DA1A064E138D00A9CC85DA5E833221AC5FF62F7871B53A8CE279AD441A5795D092F257C9BD2A871D098B3583ED9876342351C063BC2EA9FF111D245FE68A6A087B9E0B7AB0C47F2C6BD98A5CB4DFC57B71A1CF13A83308DA1E3BEB572AFDA9B88F05CCE1DBE359A44E849CAE4AB6196262877B119EDF241326C0F523ACF04DDF90601DC0D4107B935444D5C9E019B340227A386996D071BAA64D62FA049F285F12366ACDD439FCD3D0BAF9C37519177AAC6CF3B6986BAB5F68BDC9FB6E3B82FA157BE36D452FC0EDC4CDB95F9677F97C0F98725F275EAE0FF15C53957D1EFA9CABCE7B68FC186F117C40C5D24BD982A7F21AD6FE4A9CAC6C763FB68DD0B1C725E5DBC4522B86A42B02E3F5E704595977829607FDEB0922C497A9A93F327FA921D8BFBCD9C18272506A1A9F23171787FCBA72E4670C857D089DB5A22AE801EEBD567D48D697EBF25E6183374FC4C47C1747C3F69E650333F6F7ABEB3081D1EA340F
+20210525042046 2 6 100 6143 5 CAED937BA3084DFE7B4C1B59AC23C7EA9F28E677B8AFA536E9079DECED93EDAAEFB2C757F9E7AE4E90C4C68C8C937CAA8A0FB92A36FBBD24F777D579E264E8750B365A59AF83C5925262981B301C94CA57CE2A4825438EE089B2E0A5A8D90B51B7DB6044383542685F2D543030403741A6337C0280866A08D15BBFF32D9326073E6F8BAE510E66CF5A5DC6C7D96EFA13984EA383224CD59C7F8A49BA170EBD0BCF896FAD0FD67AB88D4D25CC81D29FFB7062328C9BA3BCD7EB107B74FAC05412D7677C058604F544B2EE8548E9372064C0CEB79BADEF8755F86E8DC894BD043DE697ECE323D624156B731D99C12FD1F42BB2FCADF8CFFEAB8DB59F9CB5843C1A01018DB3E415B4BF00D7F3F20FAAD86938C6B3061BC2A4ED0D18FAD01B1E53D0C8D41D208189D6E341E167B4B975236701B76C72097A34AAC46F4781185A7A63E4FB4A3CDDAB793EE4DFBA3D57481AF41ACD06A45F8D59D33FEBABCD3B98675A9C3F54B0AB42CFCABCA47021C709867AB12F830C4E93AE48AE5EBDD109E3F672AAE6A2EFFEAF07648D3110EE52627D44C8EA35482502C1CDC7B655F4D4A5E7DA1A064E138D00A9CC85DA5E833221AC5FF62F7871B53A8CE279AD441A5795D092F257C9BD2A871D098B3583ED9876342351C063BC2EA9FF111D245FE68A6A087B9E0B7AB0C47F2C6BD98A5CB4DFC57B71A1CF13A83308DA1E3BEB572AFDA9B88F05CCE1DBE359A44E849CAE4AB6196262877B119EDF241326C0F523ACF04DDF90601DC0D4107B935444D5C9E019B340227A386996D071BAA64D62FA049F285F12366ACDD439FCD3D0BAF9C37519177AAC6CF3B6986BAB5F68BDC9FB6E3B82FA157BE36D452FC0EDC4CDB95F9677F97C0F98725F275EAE0FF15C53957D1EFA9CABCE7B68FC186F117C40C5D24BD982A7F21AD6FE4A9CAC6C763FB68DD0B1C725E5DBC4522B86A42B02E3F5E704595977829607FDEB0922C497A9A93F327FA921D8BFBCD9C18272506A1A9F23171787FCBA72E4670C857D089DB5A22AE801EEBD567D48D697EBF25E6183374FC4C47C1747C3F69E650333F6F7ABEB3081D5E1F147
+20210525044151 2 6 100 6143 2 CAED937BA3084DFE7B4C1B59AC23C7EA9F28E677B8AFA536E9079DECED93EDAAEFB2C757F9E7AE4E90C4C68C8C937CAA8A0FB92A36FBBD24F777D579E264E8750B365A59AF83C5925262981B301C94CA57CE2A4825438EE089B2E0A5A8D90B51B7DB6044383542685F2D543030403741A6337C0280866A08D15BBFF32D9326073E6F8BAE510E66CF5A5DC6C7D96EFA13984EA383224CD59C7F8A49BA170EBD0BCF896FAD0FD67AB88D4D25CC81D29FFB7062328C9BA3BCD7EB107B74FAC05412D7677C058604F544B2EE8548E9372064C0CEB79BADEF8755F86E8DC894BD043DE697ECE323D624156B731D99C12FD1F42BB2FCADF8CFFEAB8DB59F9CB5843C1A01018DB3E415B4BF00D7F3F20FAAD86938C6B3061BC2A4ED0D18FAD01B1E53D0C8D41D208189D6E341E167B4B975236701B76C72097A34AAC46F4781185A7A63E4FB4A3CDDAB793EE4DFBA3D57481AF41ACD06A45F8D59D33FEBABCD3B98675A9C3F54B0AB42CFCABCA47021C709867AB12F830C4E93AE48AE5EBDD109E3F672AAE6A2EFFEAF07648D3110EE52627D44C8EA35482502C1CDC7B655F4D4A5E7DA1A064E138D00A9CC85DA5E833221AC5FF62F7871B53A8CE279AD441A5795D092F257C9BD2A871D098B3583ED9876342351C063BC2EA9FF111D245FE68A6A087B9E0B7AB0C47F2C6BD98A5CB4DFC57B71A1CF13A83308DA1E3BEB572AFDA9B88F05CCE1DBE359A44E849CAE4AB6196262877B119EDF241326C0F523ACF04DDF90601DC0D4107B935444D5C9E019B340227A386996D071BAA64D62FA049F285F12366ACDD439FCD3D0BAF9C37519177AAC6CF3B6986BAB5F68BDC9FB6E3B82FA157BE36D452FC0EDC4CDB95F9677F97C0F98725F275EAE0FF15C53957D1EFA9CABCE7B68FC186F117C40C5D24BD982A7F21AD6FE4A9CAC6C763FB68DD0B1C725E5DBC4522B86A42B02E3F5E704595977829607FDEB0922C497A9A93F327FA921D8BFBCD9C18272506A1A9F23171787FCBA72E4670C857D089DB5A22AE801EEBD567D48D697EBF25E6183374FC4C47C1747C3F69E650333F6F7ABEB3081D906177B
+20210525045703 2 6 100 6143 2 CAED937BA3084DFE7B4C1B59AC23C7EA9F28E677B8AFA536E9079DECED93EDAAEFB2C757F9E7AE4E90C4C68C8C937CAA8A0FB92A36FBBD24F777D579E264E8750B365A59AF83C5925262981B301C94CA57CE2A4825438EE089B2E0A5A8D90B51B7DB6044383542685F2D543030403741A6337C0280866A08D15BBFF32D9326073E6F8BAE510E66CF5A5DC6C7D96EFA13984EA383224CD59C7F8A49BA170EBD0BCF896FAD0FD67AB88D4D25CC81D29FFB7062328C9BA3BCD7EB107B74FAC05412D7677C058604F544B2EE8548E9372064C0CEB79BADEF8755F86E8DC894BD043DE697ECE323D624156B731D99C12FD1F42BB2FCADF8CFFEAB8DB59F9CB5843C1A01018DB3E415B4BF00D7F3F20FAAD86938C6B3061BC2A4ED0D18FAD01B1E53D0C8D41D208189D6E341E167B4B975236701B76C72097A34AAC46F4781185A7A63E4FB4A3CDDAB793EE4DFBA3D57481AF41ACD06A45F8D59D33FEBABCD3B98675A9C3F54B0AB42CFCABCA47021C709867AB12F830C4E93AE48AE5EBDD109E3F672AAE6A2EFFEAF07648D3110EE52627D44C8EA35482502C1CDC7B655F4D4A5E7DA1A064E138D00A9CC85DA5E833221AC5FF62F7871B53A8CE279AD441A5795D092F257C9BD2A871D098B3583ED9876342351C063BC2EA9FF111D245FE68A6A087B9E0B7AB0C47F2C6BD98A5CB4DFC57B71A1CF13A83308DA1E3BEB572AFDA9B88F05CCE1DBE359A44E849CAE4AB6196262877B119EDF241326C0F523ACF04DDF90601DC0D4107B935444D5C9E019B340227A386996D071BAA64D62FA049F285F12366ACDD439FCD3D0BAF9C37519177AAC6CF3B6986BAB5F68BDC9FB6E3B82FA157BE36D452FC0EDC4CDB95F9677F97C0F98725F275EAE0FF15C53957D1EFA9CABCE7B68FC186F117C40C5D24BD982A7F21AD6FE4A9CAC6C763FB68DD0B1C725E5DBC4522B86A42B02E3F5E704595977829607FDEB0922C497A9A93F327FA921D8BFBCD9C18272506A1A9F23171787FCBA72E4670C857D089DB5A22AE801EEBD567D48D697EBF25E6183374FC4C47C1747C3F69E650333F6F7ABEB3081DB34C7EB
+20210525050443 2 6 100 6143 5 CAED937BA3084DFE7B4C1B59AC23C7EA9F28E677B8AFA536E9079DECED93EDAAEFB2C757F9E7AE4E90C4C68C8C937CAA8A0FB92A36FBBD24F777D579E264E8750B365A59AF83C5925262981B301C94CA57CE2A4825438EE089B2E0A5A8D90B51B7DB6044383542685F2D543030403741A6337C0280866A08D15BBFF32D9326073E6F8BAE510E66CF5A5DC6C7D96EFA13984EA383224CD59C7F8A49BA170EBD0BCF896FAD0FD67AB88D4D25CC81D29FFB7062328C9BA3BCD7EB107B74FAC05412D7677C058604F544B2EE8548E9372064C0CEB79BADEF8755F86E8DC894BD043DE697ECE323D624156B731D99C12FD1F42BB2FCADF8CFFEAB8DB59F9CB5843C1A01018DB3E415B4BF00D7F3F20FAAD86938C6B3061BC2A4ED0D18FAD01B1E53D0C8D41D208189D6E341E167B4B975236701B76C72097A34AAC46F4781185A7A63E4FB4A3CDDAB793EE4DFBA3D57481AF41ACD06A45F8D59D33FEBABCD3B98675A9C3F54B0AB42CFCABCA47021C709867AB12F830C4E93AE48AE5EBDD109E3F672AAE6A2EFFEAF07648D3110EE52627D44C8EA35482502C1CDC7B655F4D4A5E7DA1A064E138D00A9CC85DA5E833221AC5FF62F7871B53A8CE279AD441A5795D092F257C9BD2A871D098B3583ED9876342351C063BC2EA9FF111D245FE68A6A087B9E0B7AB0C47F2C6BD98A5CB4DFC57B71A1CF13A83308DA1E3BEB572AFDA9B88F05CCE1DBE359A44E849CAE4AB6196262877B119EDF241326C0F523ACF04DDF90601DC0D4107B935444D5C9E019B340227A386996D071BAA64D62FA049F285F12366ACDD439FCD3D0BAF9C37519177AAC6CF3B6986BAB5F68BDC9FB6E3B82FA157BE36D452FC0EDC4CDB95F9677F97C0F98725F275EAE0FF15C53957D1EFA9CABCE7B68FC186F117C40C5D24BD982A7F21AD6FE4A9CAC6C763FB68DD0B1C725E5DBC4522B86A42B02E3F5E704595977829607FDEB0922C497A9A93F327FA921D8BFBCD9C18272506A1A9F23171787FCBA72E4670C857D089DB5A22AE801EEBD567D48D697EBF25E6183374FC4C47C1747C3F69E650333F6F7ABEB3081DC53F8C7
+20210525050557 2 6 100 6143 2 CAED937BA3084DFE7B4C1B59AC23C7EA9F28E677B8AFA536E9079DECED93EDAAEFB2C757F9E7AE4E90C4C68C8C937CAA8A0FB92A36FBBD24F777D579E264E8750B365A59AF83C5925262981B301C94CA57CE2A4825438EE089B2E0A5A8D90B51B7DB6044383542685F2D543030403741A6337C0280866A08D15BBFF32D9326073E6F8BAE510E66CF5A5DC6C7D96EFA13984EA383224CD59C7F8A49BA170EBD0BCF896FAD0FD67AB88D4D25CC81D29FFB7062328C9BA3BCD7EB107B74FAC05412D7677C058604F544B2EE8548E9372064C0CEB79BADEF8755F86E8DC894BD043DE697ECE323D624156B731D99C12FD1F42BB2FCADF8CFFEAB8DB59F9CB5843C1A01018DB3E415B4BF00D7F3F20FAAD86938C6B3061BC2A4ED0D18FAD01B1E53D0C8D41D208189D6E341E167B4B975236701B76C72097A34AAC46F4781185A7A63E4FB4A3CDDAB793EE4DFBA3D57481AF41ACD06A45F8D59D33FEBABCD3B98675A9C3F54B0AB42CFCABCA47021C709867AB12F830C4E93AE48AE5EBDD109E3F672AAE6A2EFFEAF07648D3110EE52627D44C8EA35482502C1CDC7B655F4D4A5E7DA1A064E138D00A9CC85DA5E833221AC5FF62F7871B53A8CE279AD441A5795D092F257C9BD2A871D098B3583ED9876342351C063BC2EA9FF111D245FE68A6A087B9E0B7AB0C47F2C6BD98A5CB4DFC57B71A1CF13A83308DA1E3BEB572AFDA9B88F05CCE1DBE359A44E849CAE4AB6196262877B119EDF241326C0F523ACF04DDF90601DC0D4107B935444D5C9E019B340227A386996D071BAA64D62FA049F285F12366ACDD439FCD3D0BAF9C37519177AAC6CF3B6986BAB5F68BDC9FB6E3B82FA157BE36D452FC0EDC4CDB95F9677F97C0F98725F275EAE0FF15C53957D1EFA9CABCE7B68FC186F117C40C5D24BD982A7F21AD6FE4A9CAC6C763FB68DD0B1C725E5DBC4522B86A42B02E3F5E704595977829607FDEB0922C497A9A93F327FA921D8BFBCD9C18272506A1A9F23171787FCBA72E4670C857D089DB5A22AE801EEBD567D48D697EBF25E6183374FC4C47C1747C3F69E650333F6F7ABEB3081DC7921BB
+20210525051327 2 6 100 6143 2 CAED937BA3084DFE7B4C1B59AC23C7EA9F28E677B8AFA536E9079DECED93EDAAEFB2C757F9E7AE4E90C4C68C8C937CAA8A0FB92A36FBBD24F777D579E264E8750B365A59AF83C5925262981B301C94CA57CE2A4825438EE089B2E0A5A8D90B51B7DB6044383542685F2D543030403741A6337C0280866A08D15BBFF32D9326073E6F8BAE510E66CF5A5DC6C7D96EFA13984EA383224CD59C7F8A49BA170EBD0BCF896FAD0FD67AB88D4D25CC81D29FFB7062328C9BA3BCD7EB107B74FAC05412D7677C058604F544B2EE8548E9372064C0CEB79BADEF8755F86E8DC894BD043DE697ECE323D624156B731D99C12FD1F42BB2FCADF8CFFEAB8DB59F9CB5843C1A01018DB3E415B4BF00D7F3F20FAAD86938C6B3061BC2A4ED0D18FAD01B1E53D0C8D41D208189D6E341E167B4B975236701B76C72097A34AAC46F4781185A7A63E4FB4A3CDDAB793EE4DFBA3D57481AF41ACD06A45F8D59D33FEBABCD3B98675A9C3F54B0AB42CFCABCA47021C709867AB12F830C4E93AE48AE5EBDD109E3F672AAE6A2EFFEAF07648D3110EE52627D44C8EA35482502C1CDC7B655F4D4A5E7DA1A064E138D00A9CC85DA5E833221AC5FF62F7871B53A8CE279AD441A5795D092F257C9BD2A871D098B3583ED9876342351C063BC2EA9FF111D245FE68A6A087B9E0B7AB0C47F2C6BD98A5CB4DFC57B71A1CF13A83308DA1E3BEB572AFDA9B88F05CCE1DBE359A44E849CAE4AB6196262877B119EDF241326C0F523ACF04DDF90601DC0D4107B935444D5C9E019B340227A386996D071BAA64D62FA049F285F12366ACDD439FCD3D0BAF9C37519177AAC6CF3B6986BAB5F68BDC9FB6E3B82FA157BE36D452FC0EDC4CDB95F9677F97C0F98725F275EAE0FF15C53957D1EFA9CABCE7B68FC186F117C40C5D24BD982A7F21AD6FE4A9CAC6C763FB68DD0B1C725E5DBC4522B86A42B02E3F5E704595977829607FDEB0922C497A9A93F327FA921D8BFBCD9C18272506A1A9F23171787FCBA72E4670C857D089DB5A22AE801EEBD567D48D697EBF25E6183374FC4C47C1747C3F69E650333F6F7ABEB3081DD90DF33
+20210525051635 2 6 100 6143 5 CAED937BA3084DFE7B4C1B59AC23C7EA9F28E677B8AFA536E9079DECED93EDAAEFB2C757F9E7AE4E90C4C68C8C937CAA8A0FB92A36FBBD24F777D579E264E8750B365A59AF83C5925262981B301C94CA57CE2A4825438EE089B2E0A5A8D90B51B7DB6044383542685F2D543030403741A6337C0280866A08D15BBFF32D9326073E6F8BAE510E66CF5A5DC6C7D96EFA13984EA383224CD59C7F8A49BA170EBD0BCF896FAD0FD67AB88D4D25CC81D29FFB7062328C9BA3BCD7EB107B74FAC05412D7677C058604F544B2EE8548E9372064C0CEB79BADEF8755F86E8DC894BD043DE697ECE323D624156B731D99C12FD1F42BB2FCADF8CFFEAB8DB59F9CB5843C1A01018DB3E415B4BF00D7F3F20FAAD86938C6B3061BC2A4ED0D18FAD01B1E53D0C8D41D208189D6E341E167B4B975236701B76C72097A34AAC46F4781185A7A63E4FB4A3CDDAB793EE4DFBA3D57481AF41ACD06A45F8D59D33FEBABCD3B98675A9C3F54B0AB42CFCABCA47021C709867AB12F830C4E93AE48AE5EBDD109E3F672AAE6A2EFFEAF07648D3110EE52627D44C8EA35482502C1CDC7B655F4D4A5E7DA1A064E138D00A9CC85DA5E833221AC5FF62F7871B53A8CE279AD441A5795D092F257C9BD2A871D098B3583ED9876342351C063BC2EA9FF111D245FE68A6A087B9E0B7AB0C47F2C6BD98A5CB4DFC57B71A1CF13A83308DA1E3BEB572AFDA9B88F05CCE1DBE359A44E849CAE4AB6196262877B119EDF241326C0F523ACF04DDF90601DC0D4107B935444D5C9E019B340227A386996D071BAA64D62FA049F285F12366ACDD439FCD3D0BAF9C37519177AAC6CF3B6986BAB5F68BDC9FB6E3B82FA157BE36D452FC0EDC4CDB95F9677F97C0F98725F275EAE0FF15C53957D1EFA9CABCE7B68FC186F117C40C5D24BD982A7F21AD6FE4A9CAC6C763FB68DD0B1C725E5DBC4522B86A42B02E3F5E704595977829607FDEB0922C497A9A93F327FA921D8BFBCD9C18272506A1A9F23171787FCBA72E4670C857D089DB5A22AE801EEBD567D48D697EBF25E6183374FC4C47C1747C3F69E650333F6F7ABEB3081DE04D46F
+20210525052745 2 6 100 6143 2 CAED937BA3084DFE7B4C1B59AC23C7EA9F28E677B8AFA536E9079DECED93EDAAEFB2C757F9E7AE4E90C4C68C8C937CAA8A0FB92A36FBBD24F777D579E264E8750B365A59AF83C5925262981B301C94CA57CE2A4825438EE089B2E0A5A8D90B51B7DB6044383542685F2D543030403741A6337C0280866A08D15BBFF32D9326073E6F8BAE510E66CF5A5DC6C7D96EFA13984EA383224CD59C7F8A49BA170EBD0BCF896FAD0FD67AB88D4D25CC81D29FFB7062328C9BA3BCD7EB107B74FAC05412D7677C058604F544B2EE8548E9372064C0CEB79BADEF8755F86E8DC894BD043DE697ECE323D624156B731D99C12FD1F42BB2FCADF8CFFEAB8DB59F9CB5843C1A01018DB3E415B4BF00D7F3F20FAAD86938C6B3061BC2A4ED0D18FAD01B1E53D0C8D41D208189D6E341E167B4B975236701B76C72097A34AAC46F4781185A7A63E4FB4A3CDDAB793EE4DFBA3D57481AF41ACD06A45F8D59D33FEBABCD3B98675A9C3F54B0AB42CFCABCA47021C709867AB12F830C4E93AE48AE5EBDD109E3F672AAE6A2EFFEAF07648D3110EE52627D44C8EA35482502C1CDC7B655F4D4A5E7DA1A064E138D00A9CC85DA5E833221AC5FF62F7871B53A8CE279AD441A5795D092F257C9BD2A871D098B3583ED9876342351C063BC2EA9FF111D245FE68A6A087B9E0B7AB0C47F2C6BD98A5CB4DFC57B71A1CF13A83308DA1E3BEB572AFDA9B88F05CCE1DBE359A44E849CAE4AB6196262877B119EDF241326C0F523ACF04DDF90601DC0D4107B935444D5C9E019B340227A386996D071BAA64D62FA049F285F12366ACDD439FCD3D0BAF9C37519177AAC6CF3B6986BAB5F68BDC9FB6E3B82FA157BE36D452FC0EDC4CDB95F9677F97C0F98725F275EAE0FF15C53957D1EFA9CABCE7B68FC186F117C40C5D24BD982A7F21AD6FE4A9CAC6C763FB68DD0B1C725E5DBC4522B86A42B02E3F5E704595977829607FDEB0922C497A9A93F327FA921D8BFBCD9C18272506A1A9F23171787FCBA72E4670C857D089DB5A22AE801EEBD567D48D697EBF25E6183374FC4C47C1747C3F69E650333F6F7ABEB3081DFAB207B
+20210525053701 2 6 100 6143 2 CAED937BA3084DFE7B4C1B59AC23C7EA9F28E677B8AFA536E9079DECED93EDAAEFB2C757F9E7AE4E90C4C68C8C937CAA8A0FB92A36FBBD24F777D579E264E8750B365A59AF83C5925262981B301C94CA57CE2A4825438EE089B2E0A5A8D90B51B7DB6044383542685F2D543030403741A6337C0280866A08D15BBFF32D9326073E6F8BAE510E66CF5A5DC6C7D96EFA13984EA383224CD59C7F8A49BA170EBD0BCF896FAD0FD67AB88D4D25CC81D29FFB7062328C9BA3BCD7EB107B74FAC05412D7677C058604F544B2EE8548E9372064C0CEB79BADEF8755F86E8DC894BD043DE697ECE323D624156B731D99C12FD1F42BB2FCADF8CFFEAB8DB59F9CB5843C1A01018DB3E415B4BF00D7F3F20FAAD86938C6B3061BC2A4ED0D18FAD01B1E53D0C8D41D208189D6E341E167B4B975236701B76C72097A34AAC46F4781185A7A63E4FB4A3CDDAB793EE4DFBA3D57481AF41ACD06A45F8D59D33FEBABCD3B98675A9C3F54B0AB42CFCABCA47021C709867AB12F830C4E93AE48AE5EBDD109E3F672AAE6A2EFFEAF07648D3110EE52627D44C8EA35482502C1CDC7B655F4D4A5E7DA1A064E138D00A9CC85DA5E833221AC5FF62F7871B53A8CE279AD441A5795D092F257C9BD2A871D098B3583ED9876342351C063BC2EA9FF111D245FE68A6A087B9E0B7AB0C47F2C6BD98A5CB4DFC57B71A1CF13A83308DA1E3BEB572AFDA9B88F05CCE1DBE359A44E849CAE4AB6196262877B119EDF241326C0F523ACF04DDF90601DC0D4107B935444D5C9E019B340227A386996D071BAA64D62FA049F285F12366ACDD439FCD3D0BAF9C37519177AAC6CF3B6986BAB5F68BDC9FB6E3B82FA157BE36D452FC0EDC4CDB95F9677F97C0F98725F275EAE0FF15C53957D1EFA9CABCE7B68FC186F117C40C5D24BD982A7F21AD6FE4A9CAC6C763FB68DD0B1C725E5DBC4522B86A42B02E3F5E704595977829607FDEB0922C497A9A93F327FA921D8BFBCD9C18272506A1A9F23171787FCBA72E4670C857D089DB5A22AE801EEBD567D48D697EBF25E6183374FC4C47C1747C3F69E650333F6F7ABEB3081E102FFA3
+20210525060524 2 6 100 6143 5 CAED937BA3084DFE7B4C1B59AC23C7EA9F28E677B8AFA536E9079DECED93EDAAEFB2C757F9E7AE4E90C4C68C8C937CAA8A0FB92A36FBBD24F777D579E264E8750B365A59AF83C5925262981B301C94CA57CE2A4825438EE089B2E0A5A8D90B51B7DB6044383542685F2D543030403741A6337C0280866A08D15BBFF32D9326073E6F8BAE510E66CF5A5DC6C7D96EFA13984EA383224CD59C7F8A49BA170EBD0BCF896FAD0FD67AB88D4D25CC81D29FFB7062328C9BA3BCD7EB107B74FAC05412D7677C058604F544B2EE8548E9372064C0CEB79BADEF8755F86E8DC894BD043DE697ECE323D624156B731D99C12FD1F42BB2FCADF8CFFEAB8DB59F9CB5843C1A01018DB3E415B4BF00D7F3F20FAAD86938C6B3061BC2A4ED0D18FAD01B1E53D0C8D41D208189D6E341E167B4B975236701B76C72097A34AAC46F4781185A7A63E4FB4A3CDDAB793EE4DFBA3D57481AF41ACD06A45F8D59D33FEBABCD3B98675A9C3F54B0AB42CFCABCA47021C709867AB12F830C4E93AE48AE5EBDD109E3F672AAE6A2EFFEAF07648D3110EE52627D44C8EA35482502C1CDC7B655F4D4A5E7DA1A064E138D00A9CC85DA5E833221AC5FF62F7871B53A8CE279AD441A5795D092F257C9BD2A871D098B3583ED9876342351C063BC2EA9FF111D245FE68A6A087B9E0B7AB0C47F2C6BD98A5CB4DFC57B71A1CF13A83308DA1E3BEB572AFDA9B88F05CCE1DBE359A44E849CAE4AB6196262877B119EDF241326C0F523ACF04DDF90601DC0D4107B935444D5C9E019B340227A386996D071BAA64D62FA049F285F12366ACDD439FCD3D0BAF9C37519177AAC6CF3B6986BAB5F68BDC9FB6E3B82FA157BE36D452FC0EDC4CDB95F9677F97C0F98725F275EAE0FF15C53957D1EFA9CABCE7B68FC186F117C40C5D24BD982A7F21AD6FE4A9CAC6C763FB68DD0B1C725E5DBC4522B86A42B02E3F5E704595977829607FDEB0922C497A9A93F327FA921D8BFBCD9C18272506A1A9F23171787FCBA72E4670C857D089DB5A22AE801EEBD567D48D697EBF25E6183374FC4C47C1747C3F69E650333F6F7ABEB3081E525193F
+20210525061916 2 6 100 6143 2 CAED937BA3084DFE7B4C1B59AC23C7EA9F28E677B8AFA536E9079DECED93EDAAEFB2C757F9E7AE4E90C4C68C8C937CAA8A0FB92A36FBBD24F777D579E264E8750B365A59AF83C5925262981B301C94CA57CE2A4825438EE089B2E0A5A8D90B51B7DB6044383542685F2D543030403741A6337C0280866A08D15BBFF32D9326073E6F8BAE510E66CF5A5DC6C7D96EFA13984EA383224CD59C7F8A49BA170EBD0BCF896FAD0FD67AB88D4D25CC81D29FFB7062328C9BA3BCD7EB107B74FAC05412D7677C058604F544B2EE8548E9372064C0CEB79BADEF8755F86E8DC894BD043DE697ECE323D624156B731D99C12FD1F42BB2FCADF8CFFEAB8DB59F9CB5843C1A01018DB3E415B4BF00D7F3F20FAAD86938C6B3061BC2A4ED0D18FAD01B1E53D0C8D41D208189D6E341E167B4B975236701B76C72097A34AAC46F4781185A7A63E4FB4A3CDDAB793EE4DFBA3D57481AF41ACD06A45F8D59D33FEBABCD3B98675A9C3F54B0AB42CFCABCA47021C709867AB12F830C4E93AE48AE5EBDD109E3F672AAE6A2EFFEAF07648D3110EE52627D44C8EA35482502C1CDC7B655F4D4A5E7DA1A064E138D00A9CC85DA5E833221AC5FF62F7871B53A8CE279AD441A5795D092F257C9BD2A871D098B3583ED9876342351C063BC2EA9FF111D245FE68A6A087B9E0B7AB0C47F2C6BD98A5CB4DFC57B71A1CF13A83308DA1E3BEB572AFDA9B88F05CCE1DBE359A44E849CAE4AB6196262877B119EDF241326C0F523ACF04DDF90601DC0D4107B935444D5C9E019B340227A386996D071BAA64D62FA049F285F12366ACDD439FCD3D0BAF9C37519177AAC6CF3B6986BAB5F68BDC9FB6E3B82FA157BE36D452FC0EDC4CDB95F9677F97C0F98725F275EAE0FF15C53957D1EFA9CABCE7B68FC186F117C40C5D24BD982A7F21AD6FE4A9CAC6C763FB68DD0B1C725E5DBC4522B86A42B02E3F5E704595977829607FDEB0922C497A9A93F327FA921D8BFBCD9C18272506A1A9F23171787FCBA72E4670C857D089DB5A22AE801EEBD567D48D697EBF25E6183374FC4C47C1747C3F69E650333F6F7ABEB3081E723D123
+20210525062421 2 6 100 6143 2 CAED937BA3084DFE7B4C1B59AC23C7EA9F28E677B8AFA536E9079DECED93EDAAEFB2C757F9E7AE4E90C4C68C8C937CAA8A0FB92A36FBBD24F777D579E264E8750B365A59AF83C5925262981B301C94CA57CE2A4825438EE089B2E0A5A8D90B51B7DB6044383542685F2D543030403741A6337C0280866A08D15BBFF32D9326073E6F8BAE510E66CF5A5DC6C7D96EFA13984EA383224CD59C7F8A49BA170EBD0BCF896FAD0FD67AB88D4D25CC81D29FFB7062328C9BA3BCD7EB107B74FAC05412D7677C058604F544B2EE8548E9372064C0CEB79BADEF8755F86E8DC894BD043DE697ECE323D624156B731D99C12FD1F42BB2FCADF8CFFEAB8DB59F9CB5843C1A01018DB3E415B4BF00D7F3F20FAAD86938C6B3061BC2A4ED0D18FAD01B1E53D0C8D41D208189D6E341E167B4B975236701B76C72097A34AAC46F4781185A7A63E4FB4A3CDDAB793EE4DFBA3D57481AF41ACD06A45F8D59D33FEBABCD3B98675A9C3F54B0AB42CFCABCA47021C709867AB12F830C4E93AE48AE5EBDD109E3F672AAE6A2EFFEAF07648D3110EE52627D44C8EA35482502C1CDC7B655F4D4A5E7DA1A064E138D00A9CC85DA5E833221AC5FF62F7871B53A8CE279AD441A5795D092F257C9BD2A871D098B3583ED9876342351C063BC2EA9FF111D245FE68A6A087B9E0B7AB0C47F2C6BD98A5CB4DFC57B71A1CF13A83308DA1E3BEB572AFDA9B88F05CCE1DBE359A44E849CAE4AB6196262877B119EDF241326C0F523ACF04DDF90601DC0D4107B935444D5C9E019B340227A386996D071BAA64D62FA049F285F12366ACDD439FCD3D0BAF9C37519177AAC6CF3B6986BAB5F68BDC9FB6E3B82FA157BE36D452FC0EDC4CDB95F9677F97C0F98725F275EAE0FF15C53957D1EFA9CABCE7B68FC186F117C40C5D24BD982A7F21AD6FE4A9CAC6C763FB68DD0B1C725E5DBC4522B86A42B02E3F5E704595977829607FDEB0922C497A9A93F327FA921D8BFBCD9C18272506A1A9F23171787FCBA72E4670C857D089DB5A22AE801EEBD567D48D697EBF25E6183374FC4C47C1747C3F69E650333F6F7ABEB3081E7DAEAA3
+20210525062728 2 6 100 6143 2 CAED937BA3084DFE7B4C1B59AC23C7EA9F28E677B8AFA536E9079DECED93EDAAEFB2C757F9E7AE4E90C4C68C8C937CAA8A0FB92A36FBBD24F777D579E264E8750B365A59AF83C5925262981B301C94CA57CE2A4825438EE089B2E0A5A8D90B51B7DB6044383542685F2D543030403741A6337C0280866A08D15BBFF32D9326073E6F8BAE510E66CF5A5DC6C7D96EFA13984EA383224CD59C7F8A49BA170EBD0BCF896FAD0FD67AB88D4D25CC81D29FFB7062328C9BA3BCD7EB107B74FAC05412D7677C058604F544B2EE8548E9372064C0CEB79BADEF8755F86E8DC894BD043DE697ECE323D624156B731D99C12FD1F42BB2FCADF8CFFEAB8DB59F9CB5843C1A01018DB3E415B4BF00D7F3F20FAAD86938C6B3061BC2A4ED0D18FAD01B1E53D0C8D41D208189D6E341E167B4B975236701B76C72097A34AAC46F4781185A7A63E4FB4A3CDDAB793EE4DFBA3D57481AF41ACD06A45F8D59D33FEBABCD3B98675A9C3F54B0AB42CFCABCA47021C709867AB12F830C4E93AE48AE5EBDD109E3F672AAE6A2EFFEAF07648D3110EE52627D44C8EA35482502C1CDC7B655F4D4A5E7DA1A064E138D00A9CC85DA5E833221AC5FF62F7871B53A8CE279AD441A5795D092F257C9BD2A871D098B3583ED9876342351C063BC2EA9FF111D245FE68A6A087B9E0B7AB0C47F2C6BD98A5CB4DFC57B71A1CF13A83308DA1E3BEB572AFDA9B88F05CCE1DBE359A44E849CAE4AB6196262877B119EDF241326C0F523ACF04DDF90601DC0D4107B935444D5C9E019B340227A386996D071BAA64D62FA049F285F12366ACDD439FCD3D0BAF9C37519177AAC6CF3B6986BAB5F68BDC9FB6E3B82FA157BE36D452FC0EDC4CDB95F9677F97C0F98725F275EAE0FF15C53957D1EFA9CABCE7B68FC186F117C40C5D24BD982A7F21AD6FE4A9CAC6C763FB68DD0B1C725E5DBC4522B86A42B02E3F5E704595977829607FDEB0922C497A9A93F327FA921D8BFBCD9C18272506A1A9F23171787FCBA72E4670C857D089DB5A22AE801EEBD567D48D697EBF25E6183374FC4C47C1747C3F69E650333F6F7ABEB3081E8449753
+20210525064313 2 6 100 6143 2 CAED937BA3084DFE7B4C1B59AC23C7EA9F28E677B8AFA536E9079DECED93EDAAEFB2C757F9E7AE4E90C4C68C8C937CAA8A0FB92A36FBBD24F777D579E264E8750B365A59AF83C5925262981B301C94CA57CE2A4825438EE089B2E0A5A8D90B51B7DB6044383542685F2D543030403741A6337C0280866A08D15BBFF32D9326073E6F8BAE510E66CF5A5DC6C7D96EFA13984EA383224CD59C7F8A49BA170EBD0BCF896FAD0FD67AB88D4D25CC81D29FFB7062328C9BA3BCD7EB107B74FAC05412D7677C058604F544B2EE8548E9372064C0CEB79BADEF8755F86E8DC894BD043DE697ECE323D624156B731D99C12FD1F42BB2FCADF8CFFEAB8DB59F9CB5843C1A01018DB3E415B4BF00D7F3F20FAAD86938C6B3061BC2A4ED0D18FAD01B1E53D0C8D41D208189D6E341E167B4B975236701B76C72097A34AAC46F4781185A7A63E4FB4A3CDDAB793EE4DFBA3D57481AF41ACD06A45F8D59D33FEBABCD3B98675A9C3F54B0AB42CFCABCA47021C709867AB12F830C4E93AE48AE5EBDD109E3F672AAE6A2EFFEAF07648D3110EE52627D44C8EA35482502C1CDC7B655F4D4A5E7DA1A064E138D00A9CC85DA5E833221AC5FF62F7871B53A8CE279AD441A5795D092F257C9BD2A871D098B3583ED9876342351C063BC2EA9FF111D245FE68A6A087B9E0B7AB0C47F2C6BD98A5CB4DFC57B71A1CF13A83308DA1E3BEB572AFDA9B88F05CCE1DBE359A44E849CAE4AB6196262877B119EDF241326C0F523ACF04DDF90601DC0D4107B935444D5C9E019B340227A386996D071BAA64D62FA049F285F12366ACDD439FCD3D0BAF9C37519177AAC6CF3B6986BAB5F68BDC9FB6E3B82FA157BE36D452FC0EDC4CDB95F9677F97C0F98725F275EAE0FF15C53957D1EFA9CABCE7B68FC186F117C40C5D24BD982A7F21AD6FE4A9CAC6C763FB68DD0B1C725E5DBC4522B86A42B02E3F5E704595977829607FDEB0922C497A9A93F327FA921D8BFBCD9C18272506A1A9F23171787FCBA72E4670C857D089DB5A22AE801EEBD567D48D697EBF25E6183374FC4C47C1747C3F69E650333F6F7ABEB3081EA8CAE5B
+20210525072251 2 6 100 6143 2 CAED937BA3084DFE7B4C1B59AC23C7EA9F28E677B8AFA536E9079DECED93EDAAEFB2C757F9E7AE4E90C4C68C8C937CAA8A0FB92A36FBBD24F777D579E264E8750B365A59AF83C5925262981B301C94CA57CE2A4825438EE089B2E0A5A8D90B51B7DB6044383542685F2D543030403741A6337C0280866A08D15BBFF32D9326073E6F8BAE510E66CF5A5DC6C7D96EFA13984EA383224CD59C7F8A49BA170EBD0BCF896FAD0FD67AB88D4D25CC81D29FFB7062328C9BA3BCD7EB107B74FAC05412D7677C058604F544B2EE8548E9372064C0CEB79BADEF8755F86E8DC894BD043DE697ECE323D624156B731D99C12FD1F42BB2FCADF8CFFEAB8DB59F9CB5843C1A01018DB3E415B4BF00D7F3F20FAAD86938C6B3061BC2A4ED0D18FAD01B1E53D0C8D41D208189D6E341E167B4B975236701B76C72097A34AAC46F4781185A7A63E4FB4A3CDDAB793EE4DFBA3D57481AF41ACD06A45F8D59D33FEBABCD3B98675A9C3F54B0AB42CFCABCA47021C709867AB12F830C4E93AE48AE5EBDD109E3F672AAE6A2EFFEAF07648D3110EE52627D44C8EA35482502C1CDC7B655F4D4A5E7DA1A064E138D00A9CC85DA5E833221AC5FF62F7871B53A8CE279AD441A5795D092F257C9BD2A871D098B3583ED9876342351C063BC2EA9FF111D245FE68A6A087B9E0B7AB0C47F2C6BD98A5CB4DFC57B71A1CF13A83308DA1E3BEB572AFDA9B88F05CCE1DBE359A44E849CAE4AB6196262877B119EDF241326C0F523ACF04DDF90601DC0D4107B935444D5C9E019B340227A386996D071BAA64D62FA049F285F12366ACDD439FCD3D0BAF9C37519177AAC6CF3B6986BAB5F68BDC9FB6E3B82FA157BE36D452FC0EDC4CDB95F9677F97C0F98725F275EAE0FF15C53957D1EFA9CABCE7B68FC186F117C40C5D24BD982A7F21AD6FE4A9CAC6C763FB68DD0B1C725E5DBC4522B86A42B02E3F5E704595977829607FDEB0922C497A9A93F327FA921D8BFBCD9C18272506A1A9F23171787FCBA72E4670C857D089DB5A22AE801EEBD567D48D697EBF25E6183374FC4C47C1747C3F69E650333F6F7ABEB3081F04FCEC3
+20210525082731 2 6 100 6143 5 CAED937BA3084DFE7B4C1B59AC23C7EA9F28E677B8AFA536E9079DECED93EDAAEFB2C757F9E7AE4E90C4C68C8C937CAA8A0FB92A36FBBD24F777D579E264E8750B365A59AF83C5925262981B301C94CA57CE2A4825438EE089B2E0A5A8D90B51B7DB6044383542685F2D543030403741A6337C0280866A08D15BBFF32D9326073E6F8BAE510E66CF5A5DC6C7D96EFA13984EA383224CD59C7F8A49BA170EBD0BCF896FAD0FD67AB88D4D25CC81D29FFB7062328C9BA3BCD7EB107B74FAC05412D7677C058604F544B2EE8548E9372064C0CEB79BADEF8755F86E8DC894BD043DE697ECE323D624156B731D99C12FD1F42BB2FCADF8CFFEAB8DB59F9CB5843C1A01018DB3E415B4BF00D7F3F20FAAD86938C6B3061BC2A4ED0D18FAD01B1E53D0C8D41D208189D6E341E167B4B975236701B76C72097A34AAC46F4781185A7A63E4FB4A3CDDAB793EE4DFBA3D57481AF41ACD06A45F8D59D33FEBABCD3B98675A9C3F54B0AB42CFCABCA47021C709867AB12F830C4E93AE48AE5EBDD109E3F672AAE6A2EFFEAF07648D3110EE52627D44C8EA35482502C1CDC7B655F4D4A5E7DA1A064E138D00A9CC85DA5E833221AC5FF62F7871B53A8CE279AD441A5795D092F257C9BD2A871D098B3583ED9876342351C063BC2EA9FF111D245FE68A6A087B9E0B7AB0C47F2C6BD98A5CB4DFC57B71A1CF13A83308DA1E3BEB572AFDA9B88F05CCE1DBE359A44E849CAE4AB6196262877B119EDF241326C0F523ACF04DDF90601DC0D4107B935444D5C9E019B340227A386996D071BAA64D62FA049F285F12366ACDD439FCD3D0BAF9C37519177AAC6CF3B6986BAB5F68BDC9FB6E3B82FA157BE36D452FC0EDC4CDB95F9677F97C0F98725F275EAE0FF15C53957D1EFA9CABCE7B68FC186F117C40C5D24BD982A7F21AD6FE4A9CAC6C763FB68DD0B1C725E5DBC4522B86A42B02E3F5E704595977829607FDEB0922C497A9A93F327FA921D8BFBCD9C18272506A1A9F23171787FCBA72E4670C857D089DB5A22AE801EEBD567D48D697EBF25E6183374FC4C47C1747C3F69E650333F6F7ABEB3081F9AA3067
+20210525090241 2 6 100 6143 2 CAED937BA3084DFE7B4C1B59AC23C7EA9F28E677B8AFA536E9079DECED93EDAAEFB2C757F9E7AE4E90C4C68C8C937CAA8A0FB92A36FBBD24F777D579E264E8750B365A59AF83C5925262981B301C94CA57CE2A4825438EE089B2E0A5A8D90B51B7DB6044383542685F2D543030403741A6337C0280866A08D15BBFF32D9326073E6F8BAE510E66CF5A5DC6C7D96EFA13984EA383224CD59C7F8A49BA170EBD0BCF896FAD0FD67AB88D4D25CC81D29FFB7062328C9BA3BCD7EB107B74FAC05412D7677C058604F544B2EE8548E9372064C0CEB79BADEF8755F86E8DC894BD043DE697ECE323D624156B731D99C12FD1F42BB2FCADF8CFFEAB8DB59F9CB5843C1A01018DB3E415B4BF00D7F3F20FAAD86938C6B3061BC2A4ED0D18FAD01B1E53D0C8D41D208189D6E341E167B4B975236701B76C72097A34AAC46F4781185A7A63E4FB4A3CDDAB793EE4DFBA3D57481AF41ACD06A45F8D59D33FEBABCD3B98675A9C3F54B0AB42CFCABCA47021C709867AB12F830C4E93AE48AE5EBDD109E3F672AAE6A2EFFEAF07648D3110EE52627D44C8EA35482502C1CDC7B655F4D4A5E7DA1A064E138D00A9CC85DA5E833221AC5FF62F7871B53A8CE279AD441A5795D092F257C9BD2A871D098B3583ED9876342351C063BC2EA9FF111D245FE68A6A087B9E0B7AB0C47F2C6BD98A5CB4DFC57B71A1CF13A83308DA1E3BEB572AFDA9B88F05CCE1DBE359A44E849CAE4AB6196262877B119EDF241326C0F523ACF04DDF90601DC0D4107B935444D5C9E019B340227A386996D071BAA64D62FA049F285F12366ACDD439FCD3D0BAF9C37519177AAC6CF3B6986BAB5F68BDC9FB6E3B82FA157BE36D452FC0EDC4CDB95F9677F97C0F98725F275EAE0FF15C53957D1EFA9CABCE7B68FC186F117C40C5D24BD982A7F21AD6FE4A9CAC6C763FB68DD0B1C725E5DBC4522B86A42B02E3F5E704595977829607FDEB0922C497A9A93F327FA921D8BFBCD9C18272506A1A9F23171787FCBA72E4670C857D089DB5A22AE801EEBD567D48D697EBF25E6183374FC4C47C1747C3F69E650333F6F7ABEB3081FEACB11B
+20210525093810 2 6 100 6143 2 CAED937BA3084DFE7B4C1B59AC23C7EA9F28E677B8AFA536E9079DECED93EDAAEFB2C757F9E7AE4E90C4C68C8C937CAA8A0FB92A36FBBD24F777D579E264E8750B365A59AF83C5925262981B301C94CA57CE2A4825438EE089B2E0A5A8D90B51B7DB6044383542685F2D543030403741A6337C0280866A08D15BBFF32D9326073E6F8BAE510E66CF5A5DC6C7D96EFA13984EA383224CD59C7F8A49BA170EBD0BCF896FAD0FD67AB88D4D25CC81D29FFB7062328C9BA3BCD7EB107B74FAC05412D7677C058604F544B2EE8548E9372064C0CEB79BADEF8755F86E8DC894BD043DE697ECE323D624156B731D99C12FD1F42BB2FCADF8CFFEAB8DB59F9CB5843C1A01018DB3E415B4BF00D7F3F20FAAD86938C6B3061BC2A4ED0D18FAD01B1E53D0C8D41D208189D6E341E167B4B975236701B76C72097A34AAC46F4781185A7A63E4FB4A3CDDAB793EE4DFBA3D57481AF41ACD06A45F8D59D33FEBABCD3B98675A9C3F54B0AB42CFCABCA47021C709867AB12F830C4E93AE48AE5EBDD109E3F672AAE6A2EFFEAF07648D3110EE52627D44C8EA35482502C1CDC7B655F4D4A5E7DA1A064E138D00A9CC85DA5E833221AC5FF62F7871B53A8CE279AD441A5795D092F257C9BD2A871D098B3583ED9876342351C063BC2EA9FF111D245FE68A6A087B9E0B7AB0C47F2C6BD98A5CB4DFC57B71A1CF13A83308DA1E3BEB572AFDA9B88F05CCE1DBE359A44E849CAE4AB6196262877B119EDF241326C0F523ACF04DDF90601DC0D4107B935444D5C9E019B340227A386996D071BAA64D62FA049F285F12366ACDD439FCD3D0BAF9C37519177AAC6CF3B6986BAB5F68BDC9FB6E3B82FA157BE36D452FC0EDC4CDB95F9677F97C0F98725F275EAE0FF15C53957D1EFA9CABCE7B68FC186F117C40C5D24BD982A7F21AD6FE4A9CAC6C763FB68DD0B1C725E5DBC4522B86A42B02E3F5E704595977829607FDEB0922C497A9A93F327FA921D8BFBCD9C18272506A1A9F23171787FCBA72E4670C857D089DB5A22AE801EEBD567D48D697EBF25E6183374FC4C47C1747C3F69E650333F6F7ABEB308203BF9E43
+20210525094831 2 6 100 6143 5 CAED937BA3084DFE7B4C1B59AC23C7EA9F28E677B8AFA536E9079DECED93EDAAEFB2C757F9E7AE4E90C4C68C8C937CAA8A0FB92A36FBBD24F777D579E264E8750B365A59AF83C5925262981B301C94CA57CE2A4825438EE089B2E0A5A8D90B51B7DB6044383542685F2D543030403741A6337C0280866A08D15BBFF32D9326073E6F8BAE510E66CF5A5DC6C7D96EFA13984EA383224CD59C7F8A49BA170EBD0BCF896FAD0FD67AB88D4D25CC81D29FFB7062328C9BA3BCD7EB107B74FAC05412D7677C058604F544B2EE8548E9372064C0CEB79BADEF8755F86E8DC894BD043DE697ECE323D624156B731D99C12FD1F42BB2FCADF8CFFEAB8DB59F9CB5843C1A01018DB3E415B4BF00D7F3F20FAAD86938C6B3061BC2A4ED0D18FAD01B1E53D0C8D41D208189D6E341E167B4B975236701B76C72097A34AAC46F4781185A7A63E4FB4A3CDDAB793EE4DFBA3D57481AF41ACD06A45F8D59D33FEBABCD3B98675A9C3F54B0AB42CFCABCA47021C709867AB12F830C4E93AE48AE5EBDD109E3F672AAE6A2EFFEAF07648D3110EE52627D44C8EA35482502C1CDC7B655F4D4A5E7DA1A064E138D00A9CC85DA5E833221AC5FF62F7871B53A8CE279AD441A5795D092F257C9BD2A871D098B3583ED9876342351C063BC2EA9FF111D245FE68A6A087B9E0B7AB0C47F2C6BD98A5CB4DFC57B71A1CF13A83308DA1E3BEB572AFDA9B88F05CCE1DBE359A44E849CAE4AB6196262877B119EDF241326C0F523ACF04DDF90601DC0D4107B935444D5C9E019B340227A386996D071BAA64D62FA049F285F12366ACDD439FCD3D0BAF9C37519177AAC6CF3B6986BAB5F68BDC9FB6E3B82FA157BE36D452FC0EDC4CDB95F9677F97C0F98725F275EAE0FF15C53957D1EFA9CABCE7B68FC186F117C40C5D24BD982A7F21AD6FE4A9CAC6C763FB68DD0B1C725E5DBC4522B86A42B02E3F5E704595977829607FDEB0922C497A9A93F327FA921D8BFBCD9C18272506A1A9F23171787FCBA72E4670C857D089DB5A22AE801EEBD567D48D697EBF25E6183374FC4C47C1747C3F69E650333F6F7ABEB30820532247F
+20210525101346 2 6 100 6143 5 E14FDFEE7787F1C28112A16D64FE7C953E3A963B98675E5C078465D774DDD60D0689616D88E223B1D75C4D124BD32324D828137D8AF145AED00162977FA394F7D9657F5E892CDAC98461E41CCF76B3F42471E8DC112FB82F65AD55AE55ADE7F3B85C9EE6E914F2DEE618D55A9FA0F72F6C03664BCDAEDC64ACD9DAE85B0396321F79565522DE272B5D041155C8949BE08B5B09712887BE1E20C31FE5A5A90E0F9610000EF7E1BBA8C7EF3A9F7E3BD2710BCA36C5390673FC55FC47CF63A356472C491229E283A236DB444E75BCD2F43B0FF35B809E6336314945B725912A1C3423141007FFC129C65CCD772966D9E394AECC3252F9C9AD019950C188FE8922A959E19F226B33235BA30D0F3B163F21BE8964C67D0CD118EB7EDBE0DB21762006A115ECCF829452B51E533AC29A836DC6CF40135FCB31B77A287E5CD377A0A80D7F2683A9D9E760F3EA479CFCE9627AFF5BF6AEC257043D71E0CC695D2DF4589C3255DBA1A2F58FA3F673C23FEF80366042BC0DBD7AE2556E3EA38577FC0CA9D56324CB084E6EBE01ADFAD00AB41CF94822FC7680A9007A6BA804A2242E8EDE7D599A46F59886D36E6B7F4AA20D92E682AFC1BB0BD5F5AC0203185B978F438508933EE2A85666467A95051DF1EA0C6366CC28D36030242A4B51820D043190B310D5D51DCE6A6AF333629FAEE5F3A6D88DDC325321A3767CF1C97B6B5FD8E2AC2E95C54F142BD4F5A5F5609E6D4BC09C55FA03F92BA35C006662FC08BEE197777F3E8CC1730F754447D349BF93AA8683D226EBD2FD872CB8383A03058AE9210891886DB9E4DB2300D109B2C32E26C460DA6E362F72214999EFDEED5E7299AA4C6A9DC9A9BB5A8D59374F92C339314BCEDFE44E5F805F37934C94FB6D8C8E2C9045BF0C1CE9A659A40937870F51F36947A89EA941990F743666D6B27C71CDF6366666E3623471945AB3F52F98C6034CE808AF2F10F21541A3B3C1CBF2A204770E10953F63913D1A5695C1A68E48D21F65C210097F931E4DD82A31BEE9EC842D8898A73CB84E236B8A10D3B7D8BE6097E4679CC8BE8C77A1CB824F6231E7A84C1DCF
+20210525102328 2 6 100 6143 2 E14FDFEE7787F1C28112A16D64FE7C953E3A963B98675E5C078465D774DDD60D0689616D88E223B1D75C4D124BD32324D828137D8AF145AED00162977FA394F7D9657F5E892CDAC98461E41CCF76B3F42471E8DC112FB82F65AD55AE55ADE7F3B85C9EE6E914F2DEE618D55A9FA0F72F6C03664BCDAEDC64ACD9DAE85B0396321F79565522DE272B5D041155C8949BE08B5B09712887BE1E20C31FE5A5A90E0F9610000EF7E1BBA8C7EF3A9F7E3BD2710BCA36C5390673FC55FC47CF63A356472C491229E283A236DB444E75BCD2F43B0FF35B809E6336314945B725912A1C3423141007FFC129C65CCD772966D9E394AECC3252F9C9AD019950C188FE8922A959E19F226B33235BA30D0F3B163F21BE8964C67D0CD118EB7EDBE0DB21762006A115ECCF829452B51E533AC29A836DC6CF40135FCB31B77A287E5CD377A0A80D7F2683A9D9E760F3EA479CFCE9627AFF5BF6AEC257043D71E0CC695D2DF4589C3255DBA1A2F58FA3F673C23FEF80366042BC0DBD7AE2556E3EA38577FC0CA9D56324CB084E6EBE01ADFAD00AB41CF94822FC7680A9007A6BA804A2242E8EDE7D599A46F59886D36E6B7F4AA20D92E682AFC1BB0BD5F5AC0203185B978F438508933EE2A85666467A95051DF1EA0C6366CC28D36030242A4B51820D043190B310D5D51DCE6A6AF333629FAEE5F3A6D88DDC325321A3767CF1C97B6B5FD8E2AC2E95C54F142BD4F5A5F5609E6D4BC09C55FA03F92BA35C006662FC08BEE197777F3E8CC1730F754447D349BF93AA8683D226EBD2FD872CB8383A03058AE9210891886DB9E4DB2300D109B2C32E26C460DA6E362F72214999EFDEED5E7299AA4C6A9DC9A9BB5A8D59374F92C339314BCEDFE44E5F805F37934C94FB6D8C8E2C9045BF0C1CE9A659A40937870F51F36947A89EA941990F743666D6B27C71CDF6366666E3623471945AB3F52F98C6034CE808AF2F10F21541A3B3C1CBF2A204770E10953F63913D1A5695C1A68E48D21F65C210097F931E4DD82A31BEE9EC842D8898A73CB84E236B8A10D3B7D8BE6097E4679CC8BE8C77A1CB824F6231E7A9C0F78B
+20210525102507 2 6 100 6143 2 E14FDFEE7787F1C28112A16D64FE7C953E3A963B98675E5C078465D774DDD60D0689616D88E223B1D75C4D124BD32324D828137D8AF145AED00162977FA394F7D9657F5E892CDAC98461E41CCF76B3F42471E8DC112FB82F65AD55AE55ADE7F3B85C9EE6E914F2DEE618D55A9FA0F72F6C03664BCDAEDC64ACD9DAE85B0396321F79565522DE272B5D041155C8949BE08B5B09712887BE1E20C31FE5A5A90E0F9610000EF7E1BBA8C7EF3A9F7E3BD2710BCA36C5390673FC55FC47CF63A356472C491229E283A236DB444E75BCD2F43B0FF35B809E6336314945B725912A1C3423141007FFC129C65CCD772966D9E394AECC3252F9C9AD019950C188FE8922A959E19F226B33235BA30D0F3B163F21BE8964C67D0CD118EB7EDBE0DB21762006A115ECCF829452B51E533AC29A836DC6CF40135FCB31B77A287E5CD377A0A80D7F2683A9D9E760F3EA479CFCE9627AFF5BF6AEC257043D71E0CC695D2DF4589C3255DBA1A2F58FA3F673C23FEF80366042BC0DBD7AE2556E3EA38577FC0CA9D56324CB084E6EBE01ADFAD00AB41CF94822FC7680A9007A6BA804A2242E8EDE7D599A46F59886D36E6B7F4AA20D92E682AFC1BB0BD5F5AC0203185B978F438508933EE2A85666467A95051DF1EA0C6366CC28D36030242A4B51820D043190B310D5D51DCE6A6AF333629FAEE5F3A6D88DDC325321A3767CF1C97B6B5FD8E2AC2E95C54F142BD4F5A5F5609E6D4BC09C55FA03F92BA35C006662FC08BEE197777F3E8CC1730F754447D349BF93AA8683D226EBD2FD872CB8383A03058AE9210891886DB9E4DB2300D109B2C32E26C460DA6E362F72214999EFDEED5E7299AA4C6A9DC9A9BB5A8D59374F92C339314BCEDFE44E5F805F37934C94FB6D8C8E2C9045BF0C1CE9A659A40937870F51F36947A89EA941990F743666D6B27C71CDF6366666E3623471945AB3F52F98C6034CE808AF2F10F21541A3B3C1CBF2A204770E10953F63913D1A5695C1A68E48D21F65C210097F931E4DD82A31BEE9EC842D8898A73CB84E236B8A10D3B7D8BE6097E4679CC8BE8C77A1CB824F6231E7A9F844D3
+20210525105019 2 6 100 6143 5 E14FDFEE7787F1C28112A16D64FE7C953E3A963B98675E5C078465D774DDD60D0689616D88E223B1D75C4D124BD32324D828137D8AF145AED00162977FA394F7D9657F5E892CDAC98461E41CCF76B3F42471E8DC112FB82F65AD55AE55ADE7F3B85C9EE6E914F2DEE618D55A9FA0F72F6C03664BCDAEDC64ACD9DAE85B0396321F79565522DE272B5D041155C8949BE08B5B09712887BE1E20C31FE5A5A90E0F9610000EF7E1BBA8C7EF3A9F7E3BD2710BCA36C5390673FC55FC47CF63A356472C491229E283A236DB444E75BCD2F43B0FF35B809E6336314945B725912A1C3423141007FFC129C65CCD772966D9E394AECC3252F9C9AD019950C188FE8922A959E19F226B33235BA30D0F3B163F21BE8964C67D0CD118EB7EDBE0DB21762006A115ECCF829452B51E533AC29A836DC6CF40135FCB31B77A287E5CD377A0A80D7F2683A9D9E760F3EA479CFCE9627AFF5BF6AEC257043D71E0CC695D2DF4589C3255DBA1A2F58FA3F673C23FEF80366042BC0DBD7AE2556E3EA38577FC0CA9D56324CB084E6EBE01ADFAD00AB41CF94822FC7680A9007A6BA804A2242E8EDE7D599A46F59886D36E6B7F4AA20D92E682AFC1BB0BD5F5AC0203185B978F438508933EE2A85666467A95051DF1EA0C6366CC28D36030242A4B51820D043190B310D5D51DCE6A6AF333629FAEE5F3A6D88DDC325321A3767CF1C97B6B5FD8E2AC2E95C54F142BD4F5A5F5609E6D4BC09C55FA03F92BA35C006662FC08BEE197777F3E8CC1730F754447D349BF93AA8683D226EBD2FD872CB8383A03058AE9210891886DB9E4DB2300D109B2C32E26C460DA6E362F72214999EFDEED5E7299AA4C6A9DC9A9BB5A8D59374F92C339314BCEDFE44E5F805F37934C94FB6D8C8E2C9045BF0C1CE9A659A40937870F51F36947A89EA941990F743666D6B27C71CDF6366666E3623471945AB3F52F98C6034CE808AF2F10F21541A3B3C1CBF2A204770E10953F63913D1A5695C1A68E48D21F65C210097F931E4DD82A31BEE9EC842D8898A73CB84E236B8A10D3B7D8BE6097E4679CC8BE8C77A1CB824F6231E7ADB803E7
+20210525110206 2 6 100 6143 5 E14FDFEE7787F1C28112A16D64FE7C953E3A963B98675E5C078465D774DDD60D0689616D88E223B1D75C4D124BD32324D828137D8AF145AED00162977FA394F7D9657F5E892CDAC98461E41CCF76B3F42471E8DC112FB82F65AD55AE55ADE7F3B85C9EE6E914F2DEE618D55A9FA0F72F6C03664BCDAEDC64ACD9DAE85B0396321F79565522DE272B5D041155C8949BE08B5B09712887BE1E20C31FE5A5A90E0F9610000EF7E1BBA8C7EF3A9F7E3BD2710BCA36C5390673FC55FC47CF63A356472C491229E283A236DB444E75BCD2F43B0FF35B809E6336314945B725912A1C3423141007FFC129C65CCD772966D9E394AECC3252F9C9AD019950C188FE8922A959E19F226B33235BA30D0F3B163F21BE8964C67D0CD118EB7EDBE0DB21762006A115ECCF829452B51E533AC29A836DC6CF40135FCB31B77A287E5CD377A0A80D7F2683A9D9E760F3EA479CFCE9627AFF5BF6AEC257043D71E0CC695D2DF4589C3255DBA1A2F58FA3F673C23FEF80366042BC0DBD7AE2556E3EA38577FC0CA9D56324CB084E6EBE01ADFAD00AB41CF94822FC7680A9007A6BA804A2242E8EDE7D599A46F59886D36E6B7F4AA20D92E682AFC1BB0BD5F5AC0203185B978F438508933EE2A85666467A95051DF1EA0C6366CC28D36030242A4B51820D043190B310D5D51DCE6A6AF333629FAEE5F3A6D88DDC325321A3767CF1C97B6B5FD8E2AC2E95C54F142BD4F5A5F5609E6D4BC09C55FA03F92BA35C006662FC08BEE197777F3E8CC1730F754447D349BF93AA8683D226EBD2FD872CB8383A03058AE9210891886DB9E4DB2300D109B2C32E26C460DA6E362F72214999EFDEED5E7299AA4C6A9DC9A9BB5A8D59374F92C339314BCEDFE44E5F805F37934C94FB6D8C8E2C9045BF0C1CE9A659A40937870F51F36947A89EA941990F743666D6B27C71CDF6366666E3623471945AB3F52F98C6034CE808AF2F10F21541A3B3C1CBF2A204770E10953F63913D1A5695C1A68E48D21F65C210097F931E4DD82A31BEE9EC842D8898A73CB84E236B8A10D3B7D8BE6097E4679CC8BE8C77A1CB824F6231E7AF734957
+20210525110823 2 6 100 6143 2 E14FDFEE7787F1C28112A16D64FE7C953E3A963B98675E5C078465D774DDD60D0689616D88E223B1D75C4D124BD32324D828137D8AF145AED00162977FA394F7D9657F5E892CDAC98461E41CCF76B3F42471E8DC112FB82F65AD55AE55ADE7F3B85C9EE6E914F2DEE618D55A9FA0F72F6C03664BCDAEDC64ACD9DAE85B0396321F79565522DE272B5D041155C8949BE08B5B09712887BE1E20C31FE5A5A90E0F9610000EF7E1BBA8C7EF3A9F7E3BD2710BCA36C5390673FC55FC47CF63A356472C491229E283A236DB444E75BCD2F43B0FF35B809E6336314945B725912A1C3423141007FFC129C65CCD772966D9E394AECC3252F9C9AD019950C188FE8922A959E19F226B33235BA30D0F3B163F21BE8964C67D0CD118EB7EDBE0DB21762006A115ECCF829452B51E533AC29A836DC6CF40135FCB31B77A287E5CD377A0A80D7F2683A9D9E760F3EA479CFCE9627AFF5BF6AEC257043D71E0CC695D2DF4589C3255DBA1A2F58FA3F673C23FEF80366042BC0DBD7AE2556E3EA38577FC0CA9D56324CB084E6EBE01ADFAD00AB41CF94822FC7680A9007A6BA804A2242E8EDE7D599A46F59886D36E6B7F4AA20D92E682AFC1BB0BD5F5AC0203185B978F438508933EE2A85666467A95051DF1EA0C6366CC28D36030242A4B51820D043190B310D5D51DCE6A6AF333629FAEE5F3A6D88DDC325321A3767CF1C97B6B5FD8E2AC2E95C54F142BD4F5A5F5609E6D4BC09C55FA03F92BA35C006662FC08BEE197777F3E8CC1730F754447D349BF93AA8683D226EBD2FD872CB8383A03058AE9210891886DB9E4DB2300D109B2C32E26C460DA6E362F72214999EFDEED5E7299AA4C6A9DC9A9BB5A8D59374F92C339314BCEDFE44E5F805F37934C94FB6D8C8E2C9045BF0C1CE9A659A40937870F51F36947A89EA941990F743666D6B27C71CDF6366666E3623471945AB3F52F98C6034CE808AF2F10F21541A3B3C1CBF2A204770E10953F63913D1A5695C1A68E48D21F65C210097F931E4DD82A31BEE9EC842D8898A73CB84E236B8A10D3B7D8BE6097E4679CC8BE8C77A1CB824F6231E7B0605EAB
+20210525113051 2 6 100 6143 2 E14FDFEE7787F1C28112A16D64FE7C953E3A963B98675E5C078465D774DDD60D0689616D88E223B1D75C4D124BD32324D828137D8AF145AED00162977FA394F7D9657F5E892CDAC98461E41CCF76B3F42471E8DC112FB82F65AD55AE55ADE7F3B85C9EE6E914F2DEE618D55A9FA0F72F6C03664BCDAEDC64ACD9DAE85B0396321F79565522DE272B5D041155C8949BE08B5B09712887BE1E20C31FE5A5A90E0F9610000EF7E1BBA8C7EF3A9F7E3BD2710BCA36C5390673FC55FC47CF63A356472C491229E283A236DB444E75BCD2F43B0FF35B809E6336314945B725912A1C3423141007FFC129C65CCD772966D9E394AECC3252F9C9AD019950C188FE8922A959E19F226B33235BA30D0F3B163F21BE8964C67D0CD118EB7EDBE0DB21762006A115ECCF829452B51E533AC29A836DC6CF40135FCB31B77A287E5CD377A0A80D7F2683A9D9E760F3EA479CFCE9627AFF5BF6AEC257043D71E0CC695D2DF4589C3255DBA1A2F58FA3F673C23FEF80366042BC0DBD7AE2556E3EA38577FC0CA9D56324CB084E6EBE01ADFAD00AB41CF94822FC7680A9007A6BA804A2242E8EDE7D599A46F59886D36E6B7F4AA20D92E682AFC1BB0BD5F5AC0203185B978F438508933EE2A85666467A95051DF1EA0C6366CC28D36030242A4B51820D043190B310D5D51DCE6A6AF333629FAEE5F3A6D88DDC325321A3767CF1C97B6B5FD8E2AC2E95C54F142BD4F5A5F5609E6D4BC09C55FA03F92BA35C006662FC08BEE197777F3E8CC1730F754447D349BF93AA8683D226EBD2FD872CB8383A03058AE9210891886DB9E4DB2300D109B2C32E26C460DA6E362F72214999EFDEED5E7299AA4C6A9DC9A9BB5A8D59374F92C339314BCEDFE44E5F805F37934C94FB6D8C8E2C9045BF0C1CE9A659A40937870F51F36947A89EA941990F743666D6B27C71CDF6366666E3623471945AB3F52F98C6034CE808AF2F10F21541A3B3C1CBF2A204770E10953F63913D1A5695C1A68E48D21F65C210097F931E4DD82A31BEE9EC842D8898A73CB84E236B8A10D3B7D8BE6097E4679CC8BE8C77A1CB824F6231E7B3C762EB
+20210525114458 2 6 100 6143 2 E14FDFEE7787F1C28112A16D64FE7C953E3A963B98675E5C078465D774DDD60D0689616D88E223B1D75C4D124BD32324D828137D8AF145AED00162977FA394F7D9657F5E892CDAC98461E41CCF76B3F42471E8DC112FB82F65AD55AE55ADE7F3B85C9EE6E914F2DEE618D55A9FA0F72F6C03664BCDAEDC64ACD9DAE85B0396321F79565522DE272B5D041155C8949BE08B5B09712887BE1E20C31FE5A5A90E0F9610000EF7E1BBA8C7EF3A9F7E3BD2710BCA36C5390673FC55FC47CF63A356472C491229E283A236DB444E75BCD2F43B0FF35B809E6336314945B725912A1C3423141007FFC129C65CCD772966D9E394AECC3252F9C9AD019950C188FE8922A959E19F226B33235BA30D0F3B163F21BE8964C67D0CD118EB7EDBE0DB21762006A115ECCF829452B51E533AC29A836DC6CF40135FCB31B77A287E5CD377A0A80D7F2683A9D9E760F3EA479CFCE9627AFF5BF6AEC257043D71E0CC695D2DF4589C3255DBA1A2F58FA3F673C23FEF80366042BC0DBD7AE2556E3EA38577FC0CA9D56324CB084E6EBE01ADFAD00AB41CF94822FC7680A9007A6BA804A2242E8EDE7D599A46F59886D36E6B7F4AA20D92E682AFC1BB0BD5F5AC0203185B978F438508933EE2A85666467A95051DF1EA0C6366CC28D36030242A4B51820D043190B310D5D51DCE6A6AF333629FAEE5F3A6D88DDC325321A3767CF1C97B6B5FD8E2AC2E95C54F142BD4F5A5F5609E6D4BC09C55FA03F92BA35C006662FC08BEE197777F3E8CC1730F754447D349BF93AA8683D226EBD2FD872CB8383A03058AE9210891886DB9E4DB2300D109B2C32E26C460DA6E362F72214999EFDEED5E7299AA4C6A9DC9A9BB5A8D59374F92C339314BCEDFE44E5F805F37934C94FB6D8C8E2C9045BF0C1CE9A659A40937870F51F36947A89EA941990F743666D6B27C71CDF6366666E3623471945AB3F52F98C6034CE808AF2F10F21541A3B3C1CBF2A204770E10953F63913D1A5695C1A68E48D21F65C210097F931E4DD82A31BEE9EC842D8898A73CB84E236B8A10D3B7D8BE6097E4679CC8BE8C77A1CB824F6231E7B5E9D203
+20210525120436 2 6 100 6143 2 E14FDFEE7787F1C28112A16D64FE7C953E3A963B98675E5C078465D774DDD60D0689616D88E223B1D75C4D124BD32324D828137D8AF145AED00162977FA394F7D9657F5E892CDAC98461E41CCF76B3F42471E8DC112FB82F65AD55AE55ADE7F3B85C9EE6E914F2DEE618D55A9FA0F72F6C03664BCDAEDC64ACD9DAE85B0396321F79565522DE272B5D041155C8949BE08B5B09712887BE1E20C31FE5A5A90E0F9610000EF7E1BBA8C7EF3A9F7E3BD2710BCA36C5390673FC55FC47CF63A356472C491229E283A236DB444E75BCD2F43B0FF35B809E6336314945B725912A1C3423141007FFC129C65CCD772966D9E394AECC3252F9C9AD019950C188FE8922A959E19F226B33235BA30D0F3B163F21BE8964C67D0CD118EB7EDBE0DB21762006A115ECCF829452B51E533AC29A836DC6CF40135FCB31B77A287E5CD377A0A80D7F2683A9D9E760F3EA479CFCE9627AFF5BF6AEC257043D71E0CC695D2DF4589C3255DBA1A2F58FA3F673C23FEF80366042BC0DBD7AE2556E3EA38577FC0CA9D56324CB084E6EBE01ADFAD00AB41CF94822FC7680A9007A6BA804A2242E8EDE7D599A46F59886D36E6B7F4AA20D92E682AFC1BB0BD5F5AC0203185B978F438508933EE2A85666467A95051DF1EA0C6366CC28D36030242A4B51820D043190B310D5D51DCE6A6AF333629FAEE5F3A6D88DDC325321A3767CF1C97B6B5FD8E2AC2E95C54F142BD4F5A5F5609E6D4BC09C55FA03F92BA35C006662FC08BEE197777F3E8CC1730F754447D349BF93AA8683D226EBD2FD872CB8383A03058AE9210891886DB9E4DB2300D109B2C32E26C460DA6E362F72214999EFDEED5E7299AA4C6A9DC9A9BB5A8D59374F92C339314BCEDFE44E5F805F37934C94FB6D8C8E2C9045BF0C1CE9A659A40937870F51F36947A89EA941990F743666D6B27C71CDF6366666E3623471945AB3F52F98C6034CE808AF2F10F21541A3B3C1CBF2A204770E10953F63913D1A5695C1A68E48D21F65C210097F931E4DD82A31BEE9EC842D8898A73CB84E236B8A10D3B7D8BE6097E4679CC8BE8C77A1CB824F6231E7B8DCCD03
+20210525120944 2 6 100 6143 2 E14FDFEE7787F1C28112A16D64FE7C953E3A963B98675E5C078465D774DDD60D0689616D88E223B1D75C4D124BD32324D828137D8AF145AED00162977FA394F7D9657F5E892CDAC98461E41CCF76B3F42471E8DC112FB82F65AD55AE55ADE7F3B85C9EE6E914F2DEE618D55A9FA0F72F6C03664BCDAEDC64ACD9DAE85B0396321F79565522DE272B5D041155C8949BE08B5B09712887BE1E20C31FE5A5A90E0F9610000EF7E1BBA8C7EF3A9F7E3BD2710BCA36C5390673FC55FC47CF63A356472C491229E283A236DB444E75BCD2F43B0FF35B809E6336314945B725912A1C3423141007FFC129C65CCD772966D9E394AECC3252F9C9AD019950C188FE8922A959E19F226B33235BA30D0F3B163F21BE8964C67D0CD118EB7EDBE0DB21762006A115ECCF829452B51E533AC29A836DC6CF40135FCB31B77A287E5CD377A0A80D7F2683A9D9E760F3EA479CFCE9627AFF5BF6AEC257043D71E0CC695D2DF4589C3255DBA1A2F58FA3F673C23FEF80366042BC0DBD7AE2556E3EA38577FC0CA9D56324CB084E6EBE01ADFAD00AB41CF94822FC7680A9007A6BA804A2242E8EDE7D599A46F59886D36E6B7F4AA20D92E682AFC1BB0BD5F5AC0203185B978F438508933EE2A85666467A95051DF1EA0C6366CC28D36030242A4B51820D043190B310D5D51DCE6A6AF333629FAEE5F3A6D88DDC325321A3767CF1C97B6B5FD8E2AC2E95C54F142BD4F5A5F5609E6D4BC09C55FA03F92BA35C006662FC08BEE197777F3E8CC1730F754447D349BF93AA8683D226EBD2FD872CB8383A03058AE9210891886DB9E4DB2300D109B2C32E26C460DA6E362F72214999EFDEED5E7299AA4C6A9DC9A9BB5A8D59374F92C339314BCEDFE44E5F805F37934C94FB6D8C8E2C9045BF0C1CE9A659A40937870F51F36947A89EA941990F743666D6B27C71CDF6366666E3623471945AB3F52F98C6034CE808AF2F10F21541A3B3C1CBF2A204770E10953F63913D1A5695C1A68E48D21F65C210097F931E4DD82A31BEE9EC842D8898A73CB84E236B8A10D3B7D8BE6097E4679CC8BE8C77A1CB824F6231E7B9A11BE3
+20210525122534 2 6 100 6143 5 E14FDFEE7787F1C28112A16D64FE7C953E3A963B98675E5C078465D774DDD60D0689616D88E223B1D75C4D124BD32324D828137D8AF145AED00162977FA394F7D9657F5E892CDAC98461E41CCF76B3F42471E8DC112FB82F65AD55AE55ADE7F3B85C9EE6E914F2DEE618D55A9FA0F72F6C03664BCDAEDC64ACD9DAE85B0396321F79565522DE272B5D041155C8949BE08B5B09712887BE1E20C31FE5A5A90E0F9610000EF7E1BBA8C7EF3A9F7E3BD2710BCA36C5390673FC55FC47CF63A356472C491229E283A236DB444E75BCD2F43B0FF35B809E6336314945B725912A1C3423141007FFC129C65CCD772966D9E394AECC3252F9C9AD019950C188FE8922A959E19F226B33235BA30D0F3B163F21BE8964C67D0CD118EB7EDBE0DB21762006A115ECCF829452B51E533AC29A836DC6CF40135FCB31B77A287E5CD377A0A80D7F2683A9D9E760F3EA479CFCE9627AFF5BF6AEC257043D71E0CC695D2DF4589C3255DBA1A2F58FA3F673C23FEF80366042BC0DBD7AE2556E3EA38577FC0CA9D56324CB084E6EBE01ADFAD00AB41CF94822FC7680A9007A6BA804A2242E8EDE7D599A46F59886D36E6B7F4AA20D92E682AFC1BB0BD5F5AC0203185B978F438508933EE2A85666467A95051DF1EA0C6366CC28D36030242A4B51820D043190B310D5D51DCE6A6AF333629FAEE5F3A6D88DDC325321A3767CF1C97B6B5FD8E2AC2E95C54F142BD4F5A5F5609E6D4BC09C55FA03F92BA35C006662FC08BEE197777F3E8CC1730F754447D349BF93AA8683D226EBD2FD872CB8383A03058AE9210891886DB9E4DB2300D109B2C32E26C460DA6E362F72214999EFDEED5E7299AA4C6A9DC9A9BB5A8D59374F92C339314BCEDFE44E5F805F37934C94FB6D8C8E2C9045BF0C1CE9A659A40937870F51F36947A89EA941990F743666D6B27C71CDF6366666E3623471945AB3F52F98C6034CE808AF2F10F21541A3B3C1CBF2A204770E10953F63913D1A5695C1A68E48D21F65C210097F931E4DD82A31BEE9EC842D8898A73CB84E236B8A10D3B7D8BE6097E4679CC8BE8C77A1CB824F6231E7BBFCC14F
+20210525140523 2 6 100 6143 2 E14FDFEE7787F1C28112A16D64FE7C953E3A963B98675E5C078465D774DDD60D0689616D88E223B1D75C4D124BD32324D828137D8AF145AED00162977FA394F7D9657F5E892CDAC98461E41CCF76B3F42471E8DC112FB82F65AD55AE55ADE7F3B85C9EE6E914F2DEE618D55A9FA0F72F6C03664BCDAEDC64ACD9DAE85B0396321F79565522DE272B5D041155C8949BE08B5B09712887BE1E20C31FE5A5A90E0F9610000EF7E1BBA8C7EF3A9F7E3BD2710BCA36C5390673FC55FC47CF63A356472C491229E283A236DB444E75BCD2F43B0FF35B809E6336314945B725912A1C3423141007FFC129C65CCD772966D9E394AECC3252F9C9AD019950C188FE8922A959E19F226B33235BA30D0F3B163F21BE8964C67D0CD118EB7EDBE0DB21762006A115ECCF829452B51E533AC29A836DC6CF40135FCB31B77A287E5CD377A0A80D7F2683A9D9E760F3EA479CFCE9627AFF5BF6AEC257043D71E0CC695D2DF4589C3255DBA1A2F58FA3F673C23FEF80366042BC0DBD7AE2556E3EA38577FC0CA9D56324CB084E6EBE01ADFAD00AB41CF94822FC7680A9007A6BA804A2242E8EDE7D599A46F59886D36E6B7F4AA20D92E682AFC1BB0BD5F5AC0203185B978F438508933EE2A85666467A95051DF1EA0C6366CC28D36030242A4B51820D043190B310D5D51DCE6A6AF333629FAEE5F3A6D88DDC325321A3767CF1C97B6B5FD8E2AC2E95C54F142BD4F5A5F5609E6D4BC09C55FA03F92BA35C006662FC08BEE197777F3E8CC1730F754447D349BF93AA8683D226EBD2FD872CB8383A03058AE9210891886DB9E4DB2300D109B2C32E26C460DA6E362F72214999EFDEED5E7299AA4C6A9DC9A9BB5A8D59374F92C339314BCEDFE44E5F805F37934C94FB6D8C8E2C9045BF0C1CE9A659A40937870F51F36947A89EA941990F743666D6B27C71CDF6366666E3623471945AB3F52F98C6034CE808AF2F10F21541A3B3C1CBF2A204770E10953F63913D1A5695C1A68E48D21F65C210097F931E4DD82A31BEE9EC842D8898A73CB84E236B8A10D3B7D8BE6097E4679CC8BE8C77A1CB824F6231E7CAD4CEEB
+20210525141051 2 6 100 6143 2 E14FDFEE7787F1C28112A16D64FE7C953E3A963B98675E5C078465D774DDD60D0689616D88E223B1D75C4D124BD32324D828137D8AF145AED00162977FA394F7D9657F5E892CDAC98461E41CCF76B3F42471E8DC112FB82F65AD55AE55ADE7F3B85C9EE6E914F2DEE618D55A9FA0F72F6C03664BCDAEDC64ACD9DAE85B0396321F79565522DE272B5D041155C8949BE08B5B09712887BE1E20C31FE5A5A90E0F9610000EF7E1BBA8C7EF3A9F7E3BD2710BCA36C5390673FC55FC47CF63A356472C491229E283A236DB444E75BCD2F43B0FF35B809E6336314945B725912A1C3423141007FFC129C65CCD772966D9E394AECC3252F9C9AD019950C188FE8922A959E19F226B33235BA30D0F3B163F21BE8964C67D0CD118EB7EDBE0DB21762006A115ECCF829452B51E533AC29A836DC6CF40135FCB31B77A287E5CD377A0A80D7F2683A9D9E760F3EA479CFCE9627AFF5BF6AEC257043D71E0CC695D2DF4589C3255DBA1A2F58FA3F673C23FEF80366042BC0DBD7AE2556E3EA38577FC0CA9D56324CB084E6EBE01ADFAD00AB41CF94822FC7680A9007A6BA804A2242E8EDE7D599A46F59886D36E6B7F4AA20D92E682AFC1BB0BD5F5AC0203185B978F438508933EE2A85666467A95051DF1EA0C6366CC28D36030242A4B51820D043190B310D5D51DCE6A6AF333629FAEE5F3A6D88DDC325321A3767CF1C97B6B5FD8E2AC2E95C54F142BD4F5A5F5609E6D4BC09C55FA03F92BA35C006662FC08BEE197777F3E8CC1730F754447D349BF93AA8683D226EBD2FD872CB8383A03058AE9210891886DB9E4DB2300D109B2C32E26C460DA6E362F72214999EFDEED5E7299AA4C6A9DC9A9BB5A8D59374F92C339314BCEDFE44E5F805F37934C94FB6D8C8E2C9045BF0C1CE9A659A40937870F51F36947A89EA941990F743666D6B27C71CDF6366666E3623471945AB3F52F98C6034CE808AF2F10F21541A3B3C1CBF2A204770E10953F63913D1A5695C1A68E48D21F65C210097F931E4DD82A31BEE9EC842D8898A73CB84E236B8A10D3B7D8BE6097E4679CC8BE8C77A1CB824F6231E7CB96ECE3
+20210525141705 2 6 100 6143 5 E14FDFEE7787F1C28112A16D64FE7C953E3A963B98675E5C078465D774DDD60D0689616D88E223B1D75C4D124BD32324D828137D8AF145AED00162977FA394F7D9657F5E892CDAC98461E41CCF76B3F42471E8DC112FB82F65AD55AE55ADE7F3B85C9EE6E914F2DEE618D55A9FA0F72F6C03664BCDAEDC64ACD9DAE85B0396321F79565522DE272B5D041155C8949BE08B5B09712887BE1E20C31FE5A5A90E0F9610000EF7E1BBA8C7EF3A9F7E3BD2710BCA36C5390673FC55FC47CF63A356472C491229E283A236DB444E75BCD2F43B0FF35B809E6336314945B725912A1C3423141007FFC129C65CCD772966D9E394AECC3252F9C9AD019950C188FE8922A959E19F226B33235BA30D0F3B163F21BE8964C67D0CD118EB7EDBE0DB21762006A115ECCF829452B51E533AC29A836DC6CF40135FCB31B77A287E5CD377A0A80D7F2683A9D9E760F3EA479CFCE9627AFF5BF6AEC257043D71E0CC695D2DF4589C3255DBA1A2F58FA3F673C23FEF80366042BC0DBD7AE2556E3EA38577FC0CA9D56324CB084E6EBE01ADFAD00AB41CF94822FC7680A9007A6BA804A2242E8EDE7D599A46F59886D36E6B7F4AA20D92E682AFC1BB0BD5F5AC0203185B978F438508933EE2A85666467A95051DF1EA0C6366CC28D36030242A4B51820D043190B310D5D51DCE6A6AF333629FAEE5F3A6D88DDC325321A3767CF1C97B6B5FD8E2AC2E95C54F142BD4F5A5F5609E6D4BC09C55FA03F92BA35C006662FC08BEE197777F3E8CC1730F754447D349BF93AA8683D226EBD2FD872CB8383A03058AE9210891886DB9E4DB2300D109B2C32E26C460DA6E362F72214999EFDEED5E7299AA4C6A9DC9A9BB5A8D59374F92C339314BCEDFE44E5F805F37934C94FB6D8C8E2C9045BF0C1CE9A659A40937870F51F36947A89EA941990F743666D6B27C71CDF6366666E3623471945AB3F52F98C6034CE808AF2F10F21541A3B3C1CBF2A204770E10953F63913D1A5695C1A68E48D21F65C210097F931E4DD82A31BEE9EC842D8898A73CB84E236B8A10D3B7D8BE6097E4679CC8BE8C77A1CB824F6231E7CC76C197
+20210525145447 2 6 100 6143 2 E14FDFEE7787F1C28112A16D64FE7C953E3A963B98675E5C078465D774DDD60D0689616D88E223B1D75C4D124BD32324D828137D8AF145AED00162977FA394F7D9657F5E892CDAC98461E41CCF76B3F42471E8DC112FB82F65AD55AE55ADE7F3B85C9EE6E914F2DEE618D55A9FA0F72F6C03664BCDAEDC64ACD9DAE85B0396321F79565522DE272B5D041155C8949BE08B5B09712887BE1E20C31FE5A5A90E0F9610000EF7E1BBA8C7EF3A9F7E3BD2710BCA36C5390673FC55FC47CF63A356472C491229E283A236DB444E75BCD2F43B0FF35B809E6336314945B725912A1C3423141007FFC129C65CCD772966D9E394AECC3252F9C9AD019950C188FE8922A959E19F226B33235BA30D0F3B163F21BE8964C67D0CD118EB7EDBE0DB21762006A115ECCF829452B51E533AC29A836DC6CF40135FCB31B77A287E5CD377A0A80D7F2683A9D9E760F3EA479CFCE9627AFF5BF6AEC257043D71E0CC695D2DF4589C3255DBA1A2F58FA3F673C23FEF80366042BC0DBD7AE2556E3EA38577FC0CA9D56324CB084E6EBE01ADFAD00AB41CF94822FC7680A9007A6BA804A2242E8EDE7D599A46F59886D36E6B7F4AA20D92E682AFC1BB0BD5F5AC0203185B978F438508933EE2A85666467A95051DF1EA0C6366CC28D36030242A4B51820D043190B310D5D51DCE6A6AF333629FAEE5F3A6D88DDC325321A3767CF1C97B6B5FD8E2AC2E95C54F142BD4F5A5F5609E6D4BC09C55FA03F92BA35C006662FC08BEE197777F3E8CC1730F754447D349BF93AA8683D226EBD2FD872CB8383A03058AE9210891886DB9E4DB2300D109B2C32E26C460DA6E362F72214999EFDEED5E7299AA4C6A9DC9A9BB5A8D59374F92C339314BCEDFE44E5F805F37934C94FB6D8C8E2C9045BF0C1CE9A659A40937870F51F36947A89EA941990F743666D6B27C71CDF6366666E3623471945AB3F52F98C6034CE808AF2F10F21541A3B3C1CBF2A204770E10953F63913D1A5695C1A68E48D21F65C210097F931E4DD82A31BEE9EC842D8898A73CB84E236B8A10D3B7D8BE6097E4679CC8BE8C77A1CB824F6231E7D1FC10C3
+20210525152246 2 6 100 6143 2 E14FDFEE7787F1C28112A16D64FE7C953E3A963B98675E5C078465D774DDD60D0689616D88E223B1D75C4D124BD32324D828137D8AF145AED00162977FA394F7D9657F5E892CDAC98461E41CCF76B3F42471E8DC112FB82F65AD55AE55ADE7F3B85C9EE6E914F2DEE618D55A9FA0F72F6C03664BCDAEDC64ACD9DAE85B0396321F79565522DE272B5D041155C8949BE08B5B09712887BE1E20C31FE5A5A90E0F9610000EF7E1BBA8C7EF3A9F7E3BD2710BCA36C5390673FC55FC47CF63A356472C491229E283A236DB444E75BCD2F43B0FF35B809E6336314945B725912A1C3423141007FFC129C65CCD772966D9E394AECC3252F9C9AD019950C188FE8922A959E19F226B33235BA30D0F3B163F21BE8964C67D0CD118EB7EDBE0DB21762006A115ECCF829452B51E533AC29A836DC6CF40135FCB31B77A287E5CD377A0A80D7F2683A9D9E760F3EA479CFCE9627AFF5BF6AEC257043D71E0CC695D2DF4589C3255DBA1A2F58FA3F673C23FEF80366042BC0DBD7AE2556E3EA38577FC0CA9D56324CB084E6EBE01ADFAD00AB41CF94822FC7680A9007A6BA804A2242E8EDE7D599A46F59886D36E6B7F4AA20D92E682AFC1BB0BD5F5AC0203185B978F438508933EE2A85666467A95051DF1EA0C6366CC28D36030242A4B51820D043190B310D5D51DCE6A6AF333629FAEE5F3A6D88DDC325321A3767CF1C97B6B5FD8E2AC2E95C54F142BD4F5A5F5609E6D4BC09C55FA03F92BA35C006662FC08BEE197777F3E8CC1730F754447D349BF93AA8683D226EBD2FD872CB8383A03058AE9210891886DB9E4DB2300D109B2C32E26C460DA6E362F72214999EFDEED5E7299AA4C6A9DC9A9BB5A8D59374F92C339314BCEDFE44E5F805F37934C94FB6D8C8E2C9045BF0C1CE9A659A40937870F51F36947A89EA941990F743666D6B27C71CDF6366666E3623471945AB3F52F98C6034CE808AF2F10F21541A3B3C1CBF2A204770E10953F63913D1A5695C1A68E48D21F65C210097F931E4DD82A31BEE9EC842D8898A73CB84E236B8A10D3B7D8BE6097E4679CC8BE8C77A1CB824F6231E7D605451B
+20210525153139 2 6 100 6143 2 E14FDFEE7787F1C28112A16D64FE7C953E3A963B98675E5C078465D774DDD60D0689616D88E223B1D75C4D124BD32324D828137D8AF145AED00162977FA394F7D9657F5E892CDAC98461E41CCF76B3F42471E8DC112FB82F65AD55AE55ADE7F3B85C9EE6E914F2DEE618D55A9FA0F72F6C03664BCDAEDC64ACD9DAE85B0396321F79565522DE272B5D041155C8949BE08B5B09712887BE1E20C31FE5A5A90E0F9610000EF7E1BBA8C7EF3A9F7E3BD2710BCA36C5390673FC55FC47CF63A356472C491229E283A236DB444E75BCD2F43B0FF35B809E6336314945B725912A1C3423141007FFC129C65CCD772966D9E394AECC3252F9C9AD019950C188FE8922A959E19F226B33235BA30D0F3B163F21BE8964C67D0CD118EB7EDBE0DB21762006A115ECCF829452B51E533AC29A836DC6CF40135FCB31B77A287E5CD377A0A80D7F2683A9D9E760F3EA479CFCE9627AFF5BF6AEC257043D71E0CC695D2DF4589C3255DBA1A2F58FA3F673C23FEF80366042BC0DBD7AE2556E3EA38577FC0CA9D56324CB084E6EBE01ADFAD00AB41CF94822FC7680A9007A6BA804A2242E8EDE7D599A46F59886D36E6B7F4AA20D92E682AFC1BB0BD5F5AC0203185B978F438508933EE2A85666467A95051DF1EA0C6366CC28D36030242A4B51820D043190B310D5D51DCE6A6AF333629FAEE5F3A6D88DDC325321A3767CF1C97B6B5FD8E2AC2E95C54F142BD4F5A5F5609E6D4BC09C55FA03F92BA35C006662FC08BEE197777F3E8CC1730F754447D349BF93AA8683D226EBD2FD872CB8383A03058AE9210891886DB9E4DB2300D109B2C32E26C460DA6E362F72214999EFDEED5E7299AA4C6A9DC9A9BB5A8D59374F92C339314BCEDFE44E5F805F37934C94FB6D8C8E2C9045BF0C1CE9A659A40937870F51F36947A89EA941990F743666D6B27C71CDF6366666E3623471945AB3F52F98C6034CE808AF2F10F21541A3B3C1CBF2A204770E10953F63913D1A5695C1A68E48D21F65C210097F931E4DD82A31BEE9EC842D8898A73CB84E236B8A10D3B7D8BE6097E4679CC8BE8C77A1CB824F6231E7D73E819B
+20210525153550 2 6 100 6143 2 E14FDFEE7787F1C28112A16D64FE7C953E3A963B98675E5C078465D774DDD60D0689616D88E223B1D75C4D124BD32324D828137D8AF145AED00162977FA394F7D9657F5E892CDAC98461E41CCF76B3F42471E8DC112FB82F65AD55AE55ADE7F3B85C9EE6E914F2DEE618D55A9FA0F72F6C03664BCDAEDC64ACD9DAE85B0396321F79565522DE272B5D041155C8949BE08B5B09712887BE1E20C31FE5A5A90E0F9610000EF7E1BBA8C7EF3A9F7E3BD2710BCA36C5390673FC55FC47CF63A356472C491229E283A236DB444E75BCD2F43B0FF35B809E6336314945B725912A1C3423141007FFC129C65CCD772966D9E394AECC3252F9C9AD019950C188FE8922A959E19F226B33235BA30D0F3B163F21BE8964C67D0CD118EB7EDBE0DB21762006A115ECCF829452B51E533AC29A836DC6CF40135FCB31B77A287E5CD377A0A80D7F2683A9D9E760F3EA479CFCE9627AFF5BF6AEC257043D71E0CC695D2DF4589C3255DBA1A2F58FA3F673C23FEF80366042BC0DBD7AE2556E3EA38577FC0CA9D56324CB084E6EBE01ADFAD00AB41CF94822FC7680A9007A6BA804A2242E8EDE7D599A46F59886D36E6B7F4AA20D92E682AFC1BB0BD5F5AC0203185B978F438508933EE2A85666467A95051DF1EA0C6366CC28D36030242A4B51820D043190B310D5D51DCE6A6AF333629FAEE5F3A6D88DDC325321A3767CF1C97B6B5FD8E2AC2E95C54F142BD4F5A5F5609E6D4BC09C55FA03F92BA35C006662FC08BEE197777F3E8CC1730F754447D349BF93AA8683D226EBD2FD872CB8383A03058AE9210891886DB9E4DB2300D109B2C32E26C460DA6E362F72214999EFDEED5E7299AA4C6A9DC9A9BB5A8D59374F92C339314BCEDFE44E5F805F37934C94FB6D8C8E2C9045BF0C1CE9A659A40937870F51F36947A89EA941990F743666D6B27C71CDF6366666E3623471945AB3F52F98C6034CE808AF2F10F21541A3B3C1CBF2A204770E10953F63913D1A5695C1A68E48D21F65C210097F931E4DD82A31BEE9EC842D8898A73CB84E236B8A10D3B7D8BE6097E4679CC8BE8C77A1CB824F6231E7D7D225C3
+20210525161421 2 6 100 6143 5 E14FDFEE7787F1C28112A16D64FE7C953E3A963B98675E5C078465D774DDD60D0689616D88E223B1D75C4D124BD32324D828137D8AF145AED00162977FA394F7D9657F5E892CDAC98461E41CCF76B3F42471E8DC112FB82F65AD55AE55ADE7F3B85C9EE6E914F2DEE618D55A9FA0F72F6C03664BCDAEDC64ACD9DAE85B0396321F79565522DE272B5D041155C8949BE08B5B09712887BE1E20C31FE5A5A90E0F9610000EF7E1BBA8C7EF3A9F7E3BD2710BCA36C5390673FC55FC47CF63A356472C491229E283A236DB444E75BCD2F43B0FF35B809E6336314945B725912A1C3423141007FFC129C65CCD772966D9E394AECC3252F9C9AD019950C188FE8922A959E19F226B33235BA30D0F3B163F21BE8964C67D0CD118EB7EDBE0DB21762006A115ECCF829452B51E533AC29A836DC6CF40135FCB31B77A287E5CD377A0A80D7F2683A9D9E760F3EA479CFCE9627AFF5BF6AEC257043D71E0CC695D2DF4589C3255DBA1A2F58FA3F673C23FEF80366042BC0DBD7AE2556E3EA38577FC0CA9D56324CB084E6EBE01ADFAD00AB41CF94822FC7680A9007A6BA804A2242E8EDE7D599A46F59886D36E6B7F4AA20D92E682AFC1BB0BD5F5AC0203185B978F438508933EE2A85666467A95051DF1EA0C6366CC28D36030242A4B51820D043190B310D5D51DCE6A6AF333629FAEE5F3A6D88DDC325321A3767CF1C97B6B5FD8E2AC2E95C54F142BD4F5A5F5609E6D4BC09C55FA03F92BA35C006662FC08BEE197777F3E8CC1730F754447D349BF93AA8683D226EBD2FD872CB8383A03058AE9210891886DB9E4DB2300D109B2C32E26C460DA6E362F72214999EFDEED5E7299AA4C6A9DC9A9BB5A8D59374F92C339314BCEDFE44E5F805F37934C94FB6D8C8E2C9045BF0C1CE9A659A40937870F51F36947A89EA941990F743666D6B27C71CDF6366666E3623471945AB3F52F98C6034CE808AF2F10F21541A3B3C1CBF2A204770E10953F63913D1A5695C1A68E48D21F65C210097F931E4DD82A31BEE9EC842D8898A73CB84E236B8A10D3B7D8BE6097E4679CC8BE8C77A1CB824F6231E7DD5B0F27
+20210525163744 2 6 100 6143 2 E14FDFEE7787F1C28112A16D64FE7C953E3A963B98675E5C078465D774DDD60D0689616D88E223B1D75C4D124BD32324D828137D8AF145AED00162977FA394F7D9657F5E892CDAC98461E41CCF76B3F42471E8DC112FB82F65AD55AE55ADE7F3B85C9EE6E914F2DEE618D55A9FA0F72F6C03664BCDAEDC64ACD9DAE85B0396321F79565522DE272B5D041155C8949BE08B5B09712887BE1E20C31FE5A5A90E0F9610000EF7E1BBA8C7EF3A9F7E3BD2710BCA36C5390673FC55FC47CF63A356472C491229E283A236DB444E75BCD2F43B0FF35B809E6336314945B725912A1C3423141007FFC129C65CCD772966D9E394AECC3252F9C9AD019950C188FE8922A959E19F226B33235BA30D0F3B163F21BE8964C67D0CD118EB7EDBE0DB21762006A115ECCF829452B51E533AC29A836DC6CF40135FCB31B77A287E5CD377A0A80D7F2683A9D9E760F3EA479CFCE9627AFF5BF6AEC257043D71E0CC695D2DF4589C3255DBA1A2F58FA3F673C23FEF80366042BC0DBD7AE2556E3EA38577FC0CA9D56324CB084E6EBE01ADFAD00AB41CF94822FC7680A9007A6BA804A2242E8EDE7D599A46F59886D36E6B7F4AA20D92E682AFC1BB0BD5F5AC0203185B978F438508933EE2A85666467A95051DF1EA0C6366CC28D36030242A4B51820D043190B310D5D51DCE6A6AF333629FAEE5F3A6D88DDC325321A3767CF1C97B6B5FD8E2AC2E95C54F142BD4F5A5F5609E6D4BC09C55FA03F92BA35C006662FC08BEE197777F3E8CC1730F754447D349BF93AA8683D226EBD2FD872CB8383A03058AE9210891886DB9E4DB2300D109B2C32E26C460DA6E362F72214999EFDEED5E7299AA4C6A9DC9A9BB5A8D59374F92C339314BCEDFE44E5F805F37934C94FB6D8C8E2C9045BF0C1CE9A659A40937870F51F36947A89EA941990F743666D6B27C71CDF6366666E3623471945AB3F52F98C6034CE808AF2F10F21541A3B3C1CBF2A204770E10953F63913D1A5695C1A68E48D21F65C210097F931E4DD82A31BEE9EC842D8898A73CB84E236B8A10D3B7D8BE6097E4679CC8BE8C77A1CB824F6231E7E0BFFE7B
+20210525165044 2 6 100 6143 2 E14FDFEE7787F1C28112A16D64FE7C953E3A963B98675E5C078465D774DDD60D0689616D88E223B1D75C4D124BD32324D828137D8AF145AED00162977FA394F7D9657F5E892CDAC98461E41CCF76B3F42471E8DC112FB82F65AD55AE55ADE7F3B85C9EE6E914F2DEE618D55A9FA0F72F6C03664BCDAEDC64ACD9DAE85B0396321F79565522DE272B5D041155C8949BE08B5B09712887BE1E20C31FE5A5A90E0F9610000EF7E1BBA8C7EF3A9F7E3BD2710BCA36C5390673FC55FC47CF63A356472C491229E283A236DB444E75BCD2F43B0FF35B809E6336314945B725912A1C3423141007FFC129C65CCD772966D9E394AECC3252F9C9AD019950C188FE8922A959E19F226B33235BA30D0F3B163F21BE8964C67D0CD118EB7EDBE0DB21762006A115ECCF829452B51E533AC29A836DC6CF40135FCB31B77A287E5CD377A0A80D7F2683A9D9E760F3EA479CFCE9627AFF5BF6AEC257043D71E0CC695D2DF4589C3255DBA1A2F58FA3F673C23FEF80366042BC0DBD7AE2556E3EA38577FC0CA9D56324CB084E6EBE01ADFAD00AB41CF94822FC7680A9007A6BA804A2242E8EDE7D599A46F59886D36E6B7F4AA20D92E682AFC1BB0BD5F5AC0203185B978F438508933EE2A85666467A95051DF1EA0C6366CC28D36030242A4B51820D043190B310D5D51DCE6A6AF333629FAEE5F3A6D88DDC325321A3767CF1C97B6B5FD8E2AC2E95C54F142BD4F5A5F5609E6D4BC09C55FA03F92BA35C006662FC08BEE197777F3E8CC1730F754447D349BF93AA8683D226EBD2FD872CB8383A03058AE9210891886DB9E4DB2300D109B2C32E26C460DA6E362F72214999EFDEED5E7299AA4C6A9DC9A9BB5A8D59374F92C339314BCEDFE44E5F805F37934C94FB6D8C8E2C9045BF0C1CE9A659A40937870F51F36947A89EA941990F743666D6B27C71CDF6366666E3623471945AB3F52F98C6034CE808AF2F10F21541A3B3C1CBF2A204770E10953F63913D1A5695C1A68E48D21F65C210097F931E4DD82A31BEE9EC842D8898A73CB84E236B8A10D3B7D8BE6097E4679CC8BE8C77A1CB824F6231E7E29682EB
+20210525172301 2 6 100 6143 2 E14FDFEE7787F1C28112A16D64FE7C953E3A963B98675E5C078465D774DDD60D0689616D88E223B1D75C4D124BD32324D828137D8AF145AED00162977FA394F7D9657F5E892CDAC98461E41CCF76B3F42471E8DC112FB82F65AD55AE55ADE7F3B85C9EE6E914F2DEE618D55A9FA0F72F6C03664BCDAEDC64ACD9DAE85B0396321F79565522DE272B5D041155C8949BE08B5B09712887BE1E20C31FE5A5A90E0F9610000EF7E1BBA8C7EF3A9F7E3BD2710BCA36C5390673FC55FC47CF63A356472C491229E283A236DB444E75BCD2F43B0FF35B809E6336314945B725912A1C3423141007FFC129C65CCD772966D9E394AECC3252F9C9AD019950C188FE8922A959E19F226B33235BA30D0F3B163F21BE8964C67D0CD118EB7EDBE0DB21762006A115ECCF829452B51E533AC29A836DC6CF40135FCB31B77A287E5CD377A0A80D7F2683A9D9E760F3EA479CFCE9627AFF5BF6AEC257043D71E0CC695D2DF4589C3255DBA1A2F58FA3F673C23FEF80366042BC0DBD7AE2556E3EA38577FC0CA9D56324CB084E6EBE01ADFAD00AB41CF94822FC7680A9007A6BA804A2242E8EDE7D599A46F59886D36E6B7F4AA20D92E682AFC1BB0BD5F5AC0203185B978F438508933EE2A85666467A95051DF1EA0C6366CC28D36030242A4B51820D043190B310D5D51DCE6A6AF333629FAEE5F3A6D88DDC325321A3767CF1C97B6B5FD8E2AC2E95C54F142BD4F5A5F5609E6D4BC09C55FA03F92BA35C006662FC08BEE197777F3E8CC1730F754447D349BF93AA8683D226EBD2FD872CB8383A03058AE9210891886DB9E4DB2300D109B2C32E26C460DA6E362F72214999EFDEED5E7299AA4C6A9DC9A9BB5A8D59374F92C339314BCEDFE44E5F805F37934C94FB6D8C8E2C9045BF0C1CE9A659A40937870F51F36947A89EA941990F743666D6B27C71CDF6366666E3623471945AB3F52F98C6034CE808AF2F10F21541A3B3C1CBF2A204770E10953F63913D1A5695C1A68E48D21F65C210097F931E4DD82A31BEE9EC842D8898A73CB84E236B8A10D3B7D8BE6097E4679CC8BE8C77A1CB824F6231E7E730C6C3
+20210525172835 2 6 100 6143 5 E14FDFEE7787F1C28112A16D64FE7C953E3A963B98675E5C078465D774DDD60D0689616D88E223B1D75C4D124BD32324D828137D8AF145AED00162977FA394F7D9657F5E892CDAC98461E41CCF76B3F42471E8DC112FB82F65AD55AE55ADE7F3B85C9EE6E914F2DEE618D55A9FA0F72F6C03664BCDAEDC64ACD9DAE85B0396321F79565522DE272B5D041155C8949BE08B5B09712887BE1E20C31FE5A5A90E0F9610000EF7E1BBA8C7EF3A9F7E3BD2710BCA36C5390673FC55FC47CF63A356472C491229E283A236DB444E75BCD2F43B0FF35B809E6336314945B725912A1C3423141007FFC129C65CCD772966D9E394AECC3252F9C9AD019950C188FE8922A959E19F226B33235BA30D0F3B163F21BE8964C67D0CD118EB7EDBE0DB21762006A115ECCF829452B51E533AC29A836DC6CF40135FCB31B77A287E5CD377A0A80D7F2683A9D9E760F3EA479CFCE9627AFF5BF6AEC257043D71E0CC695D2DF4589C3255DBA1A2F58FA3F673C23FEF80366042BC0DBD7AE2556E3EA38577FC0CA9D56324CB084E6EBE01ADFAD00AB41CF94822FC7680A9007A6BA804A2242E8EDE7D599A46F59886D36E6B7F4AA20D92E682AFC1BB0BD5F5AC0203185B978F438508933EE2A85666467A95051DF1EA0C6366CC28D36030242A4B51820D043190B310D5D51DCE6A6AF333629FAEE5F3A6D88DDC325321A3767CF1C97B6B5FD8E2AC2E95C54F142BD4F5A5F5609E6D4BC09C55FA03F92BA35C006662FC08BEE197777F3E8CC1730F754447D349BF93AA8683D226EBD2FD872CB8383A03058AE9210891886DB9E4DB2300D109B2C32E26C460DA6E362F72214999EFDEED5E7299AA4C6A9DC9A9BB5A8D59374F92C339314BCEDFE44E5F805F37934C94FB6D8C8E2C9045BF0C1CE9A659A40937870F51F36947A89EA941990F743666D6B27C71CDF6366666E3623471945AB3F52F98C6034CE808AF2F10F21541A3B3C1CBF2A204770E10953F63913D1A5695C1A68E48D21F65C210097F931E4DD82A31BEE9EC842D8898A73CB84E236B8A10D3B7D8BE6097E4679CC8BE8C77A1CB824F6231E7E7F17D9F
+20210525173319 2 6 100 6143 5 E14FDFEE7787F1C28112A16D64FE7C953E3A963B98675E5C078465D774DDD60D0689616D88E223B1D75C4D124BD32324D828137D8AF145AED00162977FA394F7D9657F5E892CDAC98461E41CCF76B3F42471E8DC112FB82F65AD55AE55ADE7F3B85C9EE6E914F2DEE618D55A9FA0F72F6C03664BCDAEDC64ACD9DAE85B0396321F79565522DE272B5D041155C8949BE08B5B09712887BE1E20C31FE5A5A90E0F9610000EF7E1BBA8C7EF3A9F7E3BD2710BCA36C5390673FC55FC47CF63A356472C491229E283A236DB444E75BCD2F43B0FF35B809E6336314945B725912A1C3423141007FFC129C65CCD772966D9E394AECC3252F9C9AD019950C188FE8922A959E19F226B33235BA30D0F3B163F21BE8964C67D0CD118EB7EDBE0DB21762006A115ECCF829452B51E533AC29A836DC6CF40135FCB31B77A287E5CD377A0A80D7F2683A9D9E760F3EA479CFCE9627AFF5BF6AEC257043D71E0CC695D2DF4589C3255DBA1A2F58FA3F673C23FEF80366042BC0DBD7AE2556E3EA38577FC0CA9D56324CB084E6EBE01ADFAD00AB41CF94822FC7680A9007A6BA804A2242E8EDE7D599A46F59886D36E6B7F4AA20D92E682AFC1BB0BD5F5AC0203185B978F438508933EE2A85666467A95051DF1EA0C6366CC28D36030242A4B51820D043190B310D5D51DCE6A6AF333629FAEE5F3A6D88DDC325321A3767CF1C97B6B5FD8E2AC2E95C54F142BD4F5A5F5609E6D4BC09C55FA03F92BA35C006662FC08BEE197777F3E8CC1730F754447D349BF93AA8683D226EBD2FD872CB8383A03058AE9210891886DB9E4DB2300D109B2C32E26C460DA6E362F72214999EFDEED5E7299AA4C6A9DC9A9BB5A8D59374F92C339314BCEDFE44E5F805F37934C94FB6D8C8E2C9045BF0C1CE9A659A40937870F51F36947A89EA941990F743666D6B27C71CDF6366666E3623471945AB3F52F98C6034CE808AF2F10F21541A3B3C1CBF2A204770E10953F63913D1A5695C1A68E48D21F65C210097F931E4DD82A31BEE9EC842D8898A73CB84E236B8A10D3B7D8BE6097E4679CC8BE8C77A1CB824F6231E7E89CD397
+20210525174552 2 6 100 6143 2 E14FDFEE7787F1C28112A16D64FE7C953E3A963B98675E5C078465D774DDD60D0689616D88E223B1D75C4D124BD32324D828137D8AF145AED00162977FA394F7D9657F5E892CDAC98461E41CCF76B3F42471E8DC112FB82F65AD55AE55ADE7F3B85C9EE6E914F2DEE618D55A9FA0F72F6C03664BCDAEDC64ACD9DAE85B0396321F79565522DE272B5D041155C8949BE08B5B09712887BE1E20C31FE5A5A90E0F9610000EF7E1BBA8C7EF3A9F7E3BD2710BCA36C5390673FC55FC47CF63A356472C491229E283A236DB444E75BCD2F43B0FF35B809E6336314945B725912A1C3423141007FFC129C65CCD772966D9E394AECC3252F9C9AD019950C188FE8922A959E19F226B33235BA30D0F3B163F21BE8964C67D0CD118EB7EDBE0DB21762006A115ECCF829452B51E533AC29A836DC6CF40135FCB31B77A287E5CD377A0A80D7F2683A9D9E760F3EA479CFCE9627AFF5BF6AEC257043D71E0CC695D2DF4589C3255DBA1A2F58FA3F673C23FEF80366042BC0DBD7AE2556E3EA38577FC0CA9D56324CB084E6EBE01ADFAD00AB41CF94822FC7680A9007A6BA804A2242E8EDE7D599A46F59886D36E6B7F4AA20D92E682AFC1BB0BD5F5AC0203185B978F438508933EE2A85666467A95051DF1EA0C6366CC28D36030242A4B51820D043190B310D5D51DCE6A6AF333629FAEE5F3A6D88DDC325321A3767CF1C97B6B5FD8E2AC2E95C54F142BD4F5A5F5609E6D4BC09C55FA03F92BA35C006662FC08BEE197777F3E8CC1730F754447D349BF93AA8683D226EBD2FD872CB8383A03058AE9210891886DB9E4DB2300D109B2C32E26C460DA6E362F72214999EFDEED5E7299AA4C6A9DC9A9BB5A8D59374F92C339314BCEDFE44E5F805F37934C94FB6D8C8E2C9045BF0C1CE9A659A40937870F51F36947A89EA941990F743666D6B27C71CDF6366666E3623471945AB3F52F98C6034CE808AF2F10F21541A3B3C1CBF2A204770E10953F63913D1A5695C1A68E48D21F65C210097F931E4DD82A31BEE9EC842D8898A73CB84E236B8A10D3B7D8BE6097E4679CC8BE8C77A1CB824F6231E7EA6442E3
+20210525175415 2 6 100 6143 5 E14FDFEE7787F1C28112A16D64FE7C953E3A963B98675E5C078465D774DDD60D0689616D88E223B1D75C4D124BD32324D828137D8AF145AED00162977FA394F7D9657F5E892CDAC98461E41CCF76B3F42471E8DC112FB82F65AD55AE55ADE7F3B85C9EE6E914F2DEE618D55A9FA0F72F6C03664BCDAEDC64ACD9DAE85B0396321F79565522DE272B5D041155C8949BE08B5B09712887BE1E20C31FE5A5A90E0F9610000EF7E1BBA8C7EF3A9F7E3BD2710BCA36C5390673FC55FC47CF63A356472C491229E283A236DB444E75BCD2F43B0FF35B809E6336314945B725912A1C3423141007FFC129C65CCD772966D9E394AECC3252F9C9AD019950C188FE8922A959E19F226B33235BA30D0F3B163F21BE8964C67D0CD118EB7EDBE0DB21762006A115ECCF829452B51E533AC29A836DC6CF40135FCB31B77A287E5CD377A0A80D7F2683A9D9E760F3EA479CFCE9627AFF5BF6AEC257043D71E0CC695D2DF4589C3255DBA1A2F58FA3F673C23FEF80366042BC0DBD7AE2556E3EA38577FC0CA9D56324CB084E6EBE01ADFAD00AB41CF94822FC7680A9007A6BA804A2242E8EDE7D599A46F59886D36E6B7F4AA20D92E682AFC1BB0BD5F5AC0203185B978F438508933EE2A85666467A95051DF1EA0C6366CC28D36030242A4B51820D043190B310D5D51DCE6A6AF333629FAEE5F3A6D88DDC325321A3767CF1C97B6B5FD8E2AC2E95C54F142BD4F5A5F5609E6D4BC09C55FA03F92BA35C006662FC08BEE197777F3E8CC1730F754447D349BF93AA8683D226EBD2FD872CB8383A03058AE9210891886DB9E4DB2300D109B2C32E26C460DA6E362F72214999EFDEED5E7299AA4C6A9DC9A9BB5A8D59374F92C339314BCEDFE44E5F805F37934C94FB6D8C8E2C9045BF0C1CE9A659A40937870F51F36947A89EA941990F743666D6B27C71CDF6366666E3623471945AB3F52F98C6034CE808AF2F10F21541A3B3C1CBF2A204770E10953F63913D1A5695C1A68E48D21F65C210097F931E4DD82A31BEE9EC842D8898A73CB84E236B8A10D3B7D8BE6097E4679CC8BE8C77A1CB824F6231E7EB8F5A57
+20210525183229 2 6 100 7679 2 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F37816BFE560FB
+20210525190732 2 6 100 7679 2 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F37816C2E82C7B
+20210525191937 2 6 100 7679 5 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F37816C3EC147F
+20210525193159 2 6 100 7679 2 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F37816C4F60C8B
+20210525194246 2 6 100 7679 2 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F37816C5D97313
+20210525203443 2 6 100 7679 2 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F37816CA459133
+20210525215204 2 6 100 7679 2 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F37816D0DE4FDB
+20210525233543 2 6 100 7679 5 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F37816D9A29577
+20210525234619 2 6 100 7679 2 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F37816DA7ADFAB
+20210525235329 2 6 100 7679 2 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F37816DB0B2673
+20210525235513 2 6 100 7679 2 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F37816DB26C1CB
+20210526022844 2 6 100 7679 2 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F37816E7D6D73B
+20210526023323 2 6 100 7679 5 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F37816E82F077F
+20210526062933 2 6 100 7679 2 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F37816FB41731B
+20210526065151 2 6 100 7679 2 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F37816FCF0DCD3
+20210526070545 2 6 100 7679 5 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F37816FDF8DB8F
+20210526071052 2 6 100 7679 2 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F37816FE572613
+20210526071809 2 6 100 7679 2 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F37816FEDF35F3
+20210526072107 2 6 100 7679 5 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F37816FF13DABF
+20210526072624 2 6 100 7679 5 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F37816FF7318C7
+20210526081148 2 6 100 7679 5 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F3781702F3953F
+20210526081939 2 6 100 7679 5 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F378170385D3EF
+20210526100857 2 6 100 7679 2 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F378170BEE7A0B
+20210526104252 2 6 100 7679 5 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F378170E7ACB07
+20210526104946 2 6 100 7679 2 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F378170EFA920B
+20210526105532 2 6 100 7679 2 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F378170F653A13
+20210526110401 2 6 100 7679 2 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F378171004A14B
+20210526110925 2 6 100 7679 2 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F378171065B293
+20210526123113 2 6 100 7679 5 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F37817168DDC17
+20210526123356 2 6 100 7679 2 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F3781716B7D3FB
+20210526135059 2 6 100 7679 5 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F378171C86775F
+20210526162058 2 6 100 7679 2 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F3781727B688EB
+20210526173849 2 6 100 7679 2 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F378172D7A5213
+20210526175432 2 6 100 7679 2 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F378172E9D4DF3
+20210526175746 2 6 100 7679 5 E3F4DC1A68758284B2950A16204A7D9CB3972B0E74E2CDF12518B48DA3F349640BFEDA5162CB2EC47E2593EDB3BB51D743F3F4948A4D940B37B724B6D7E5F5BFD44F9D3CFB0F6E2CC1B33AEB7FCA7C2E26EFC55208D15DD12B08925383346148CA7CEEE874499CBE6E5D34AF7EF47742F683398B5418E3FA261013922180C6EEB4250632A2F93CDC281E6E76A488FEB4CE7B4C9783A37201CE4B551B53EEBF291234454CD0A4DC1B78C2D0F1BF72EC5D64EDBE8CB662F373ED861194F02AFBC8B7133ED9BDDFEEBA8E7C19C58505DF691960346B4F9E0FC1076DE872E6CB4323B8AD7FB4B086B26E10A55ECEB23F6FE78A5224A0679E5EA529C1327D38EDCCD340788D6216D1388B33A8E93B41B0B13ECAB9B7D647BBFBA2181E752B9DE7230C13B38E0988CAD88E2B1F8B8B1C938B93BAD62F250289CE33E3BE77C04B8090B806B031C23413EAE7799E6FB6DFB02ACCD308EA8688245527ED4918ACE575748DC01C02A6420C9CEECCAF8CBA73F16282DEEC6697CF82C880E3FFC8FD149411C6AD19AAF3B30BF2EE89977B7536C9607777F6E4F6E83B84BB4D9B359EDA6A5A1167B6D352F4D6CCE10F2C974EB81CB1C75280406B2F891A7E500BD58648A5A88ACDD1A6D7A2D80690BB441E533171930ABA557A52BD2512E3FD9A3E5DE6A378E3FED42D6ED5480093D3B0E068F2A24B54FF43BEE12BDD5A646B4A2C1746C27328792A4B9528FB45F6AF56C6F917978B535D98C2441EE79D825E73BF97A7D49B5DC85B12B0C257DF6AF0907B771C5EA582C9DECDDC3CC1852AE403FDCA636DB4B111747646CF893260651567C4C63B391013CA9047AE7F77BCE46A16FBE54054CA8D74AE248A5C5A22B841D31B89C82C8D9567A03B249A07FC1CEFB03B569AB328B0028DA5F3D4D2E2BBE076D9DAAE0DA86DA2648E7311709D0A8C6083C42F9FE430418C2597BF533D294E15E53D5E045A95222A23F4CA7AC9FF35A0E1CBFB80227D800ADA8F79FE463F1C9FA0D8A4E9F6C42ACAB07B5A7CE6E1BB649264EF1EBBDE073A1892B3EDA5CF60D0921754A5848FE47F32168A094CAB1D242EF095BAAD113824511114B4714DDAAA585E3A653DEF46A70DB8D43E4813E6A03E5779B9A9194925CC967DF08F1EB9CEC35EA96BB3D78C40B0A4B8AA79D101CD8110E37119267CC3F2ADA62E3CA0F444C22CF5A73D46BBFDE56BBD1E4FC397A9D6975E77923B6E3AD4CAB4A4E3C5EEB01DC1B7690BF44197AAD7D1B802BB4F6494095E708F4A7F9642AAD64B0511037DC9A65663C4AA6046575A56226103E282B61286CFE6BD8672A3C297DB544E3CF08013BD2B32130D21E521351E9AA9F378172ED281E7
+20210526194658 2 6 100 7679 5 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDC72DF2567
+20210526205542 2 6 100 7679 2 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDC789BCF5B
+20210526211855 2 6 100 7679 2 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDC7A83E6AB
+20210526212819 2 6 100 7679 2 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDC7B4A5E7B
+20210526214431 2 6 100 7679 5 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDC7CA4162F
+20210526221404 2 6 100 7679 2 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDC7F1A2A03
+20210526224339 2 6 100 7679 2 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDC817DD633
+20210526232709 2 6 100 7679 2 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDC850A6253
+20210526233209 2 6 100 7679 5 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDC8568303F
+20210527003359 2 6 100 7679 2 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDC8A7766A3
+20210527004505 2 6 100 7679 2 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDC8B60FE03
+20210527005150 2 6 100 7679 5 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDC8BE3BDCF
+20210527010445 2 6 100 7679 2 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDC8CE83F03
+20210527012302 2 6 100 7679 2 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDC8E564BAB
+20210527031004 2 6 100 7679 2 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDC96F6A7D3
+20210527042035 2 6 100 7679 2 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDC9C9071D3
+20210527051239 2 6 100 7679 5 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDCA0A5F80F
+20210527054907 2 6 100 7679 2 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDCA382DD3B
+20210527055430 2 6 100 7679 2 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDCA3E850B3
+20210527063343 2 6 100 7679 2 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDCA6FD9EFB
+20210527071327 2 6 100 7679 5 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDCAA0EBEC7
+20210527071630 2 6 100 7679 5 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDCAA41FB57
+20210527080058 2 6 100 7679 2 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDCADACEDC3
+20210527085945 2 6 100 7679 2 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDCB22EE113
+20210527101619 2 6 100 7679 2 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDCB8016A93
+20210527102548 2 6 100 7679 5 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDCB8B44C67
+20210527105317 2 6 100 7679 5 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDCBAC26CAF
+20210527111021 2 6 100 7679 2 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDCBC0189BB
+20210527120037 2 6 100 7679 2 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDCBFCB4D7B
+20210527120149 2 6 100 7679 5 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDCBFDA08E7
+20210527125327 2 6 100 7679 2 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDCC3B60853
+20210527125755 2 6 100 7679 2 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDCC4035243
+20210527133418 2 6 100 7679 2 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDCC6B03E83
+20210527141546 2 6 100 7679 2 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDCC9BF3B53
+20210527142810 2 6 100 7679 2 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDCCAA21133
+20210527143703 2 6 100 7679 2 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDCCB42B1A3
+20210527150004 2 6 100 7679 5 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDCCCEFC0DF
+20210527152242 2 6 100 7679 2 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDCCE94F76B
+20210527153438 2 6 100 7679 5 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDCCF7614B7
+20210527153537 2 6 100 7679 2 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDCCF7F4B23
+20210527155914 2 6 100 7679 5 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDCD13EEF3F
+20210527170116 2 6 100 7679 2 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDCD5E5A47B
+20210527171119 2 6 100 7679 5 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDCD6975A67
+20210527173152 2 6 100 7679 5 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDCD815F687
+20210527180427 2 6 100 7679 5 C32E7FEED6DD76E659C6961141AEC4C2E086F62A1B6FBB851A142301550CCFC2E424C3D4B1B518D97BB7DBA9B7E0E40408EA5CE767F9276D112391D7D777FC14537F787F3ADD0DA7A45B64E1330E8F7A0D23C5AFB283E766F2BD69FD286599C68CFF239900CB849E720800D52B4D7FDFBE94C6B920AFD4FE3BAB7C9F19193F96ADC0EDE471FCFCD27ABFF54EFD8F589FD4FD5DF45FC03F832C4B137F4AEAE448E9FEC83A8E1BE47FA202A243BE467219C94A5B28908635E9794C4A4D471E17297E5584CAC109082787C01B8C32C3B0D89006EABD02F17D8BAA792C71A3CA3563501206E70786FC09605B91365EBC2F31EAA94778BB63895FE13ECEBDD005255672ED2768ACAA24E317FC4D4204AEF9B69C0A7EE845B3C228A878D385BE603145DFA087D480A41AEDFA887F7B058BBBEE7D702D83611132FDDF37D0ED1D1731B905D73CDCEF06F9F2BE2A1D01099A915F545F8FFE9B42B66C5FF5DDF2CFCD38B50D45620A364650F12A6E9E94D398FBA738ED66C764901F475CC0DB8B328343180DC70E77BAFC3D8F5CD168A9D9985BA98DD632FB6691B178DE4C276FD5EADABB891680118D0F1234C21AE7788981A33AEEB5D357C28B87F82E4D7314C2A5C9C756541C9CA0C038CA03EB4A75324BBD8DEB5817EDBE6EC15FEEE0E94DBADB19DB0C53467935672C9E8DA879D83619277D37109F4002884B45A69693E5E5C0919BB3A11C89D0BDE5B944602222405EA03F1CB8B8C171C1BD01489E5690EFBFD69CE50A3C7D57FB83857B18B98FFC999D0CA1CA5BFE196485D03E6CD9DE2964091827CC7FBD6D4708D6E8C27BD38A40CF06F713544A1A862DC650F13148A039BE09E55765E27E70490EA8D5AB67009A5834ED6972FF8D76F57B4EEE311E2F395C12DF65FB0DB8F9DD405F0CFEDF3BF08C391E628A0230B6F0ABBB4D07EC644DBBFBD4F48F9A89756F1004873C3D9F20E3566B6B1A2E1ABB6C7152EFB099723469A3D4408D0C27106E09D483C705E50556A35691C99B108D5629A3BFF434A196868E460046B26F4D1FC9725A3470229BF840C86EE0FE1239AF1992C6F7E960CAD0E0D82839CB67318A084AE5BBD8CE513C4DE6EC95B74F8CABADCD825775C36247B07F2CBDCF45B6C3ABF0C4EFED04733309D6CFEBE37871B9A4180A84A822742CD47496C310BCECB574EBED53C0BFDE574D49F3E180EF575B1BFB8799434305FAB7CB970AF999407F262FDBC13CC1809B1F34A962FE8D1348D52780C4AA173E769E70CAC6D8C2E97BF92F7624B4631952FC07FAF93E43A1A8C869C3423BD9A9387CFB4B5B8B2D8475174CCA1AF38CC64E514F0281D65A9AEE4876EB7CDCDA776E0F
+20210527185319 2 6 100 8191 5 F08476CF6891E7C1CE5A873D1D744FC41D579F53B1F877B0F280D44DF57BEBB3EFDEBC7B8DA48C885005E0F3D8167BE79FAA61DA67EAB112C599882D369A7446FFB888D483317B6A7E0A6AC0CCB6ADD70D511AD81FDCDD71D40C5A40B3627872CE2EDD092B2ED810F6F5F3AE3C02D97856002D646C750910C9B6917615BA8D8D0345514B5F7B37EF910BE98C8E42FF9F9C2FE04F3252C2894D67A033AB22CA3B1BFA9FEB208509654755F3B83121AB827BC481F2E435F68EA144ECCC19670F5C234369F97461A9AFEAE48917B2D767E925D3B94C6380F4A1891EE20A1413C358EC93C8D0D34E90C424BCA367AB4B7C63FDFA0931FB8735ECC5FE22694F8E2784389AC68974BBF1FB5196A5CFA63D30464968927752F1F8F216A07A467EFBCFD4078203DA384AC63A6A304AC56114D2BBDF9212F58BDE3AC556E168ACBF0AB63370D44E90D63E5CEDACA9D94F248B74A783E3852BE5BFF73E27F6FAE6BD0BE5A7A014262CBFB7ADB6A29477D9F2F5FB45E9AD5F16C07B06CA166455C83377C52BF61D06D8CCA11B692F7F05E96264C52295C73D6CD991190A54A2B097BFDBBA8B89A5DFCD1FF9DAFD24542B78FF5F00AF78890EA8297223CCAD28DEE98D829750A17298ABE7F3ED70E7370B1CDE1B4F23C24D69F0F4EA9F821B89BAA2D4577A247118EEF70F780FEF57DB587E1F3EAE54748615BE921CA766FC7EC2961E36EFB41CFC607B989ED0C4254057FD9D39715A35C872ED17407856C80C35F65BD181B181942CB5D62710FE60D0347FEEC2AC3ACE45EA72FCB4256EC07C0383B6CF930CF56CDB9803CEE74A66F83ABEF9C75A0D222BF02C3535B6E3C0DC3124A0E603B9E6A89A3BF636305D2174A2B379C4E36685993C8E8B4E44905D2D352B9EE9101910DCB6931C904D16CB0A079B6669DA3FF8F925A3119EF27F4164DA23405F8F135E454D09BEA876E27449E5884884A24833F3BE93165240285E43A3E4B296CAB04891F574787335DDF17085F77B37AFCD8221AB748FCB28CA2C664931C397E2CD70F8EC8D21C467A16A1F33EB1A5E9C0CA80EC81697A40FE6B01753AC39216301D9763D401DE1460DEC6BC546FDB648C79F9A7B80D6A8CD2AC8E09970D52B1FD4D780A51DBDDC4FDCB53A3D6DB50C6959C78AE8E1912BBD9B259159BEFE965834EB8F17F00A10DE857A49A6E94BA5E930998F283CB035C83174B17596B4C3ECFAC1912AB9799A92E2A01D6A0004753E3D2E5F8748A697D4007DF99C32C3E6C1C3DDDDEF90B9539D716DCF3F95CFC4CA0A9D9AD13E570C55A708986D1304740AAE543C4506D96DB45AC0547854735EFAB7814C8FF5029B256DA0C58E6BC618008117E92228B618103642E8AE533D5859178AB2B39E3B0D044195F531E8304DCA4B883E1B2DFDA12663E9D5FE976935CCC1594C6284A68C4CECAAF842F513E1A12F
+20210527185735 2 6 100 8191 2 F08476CF6891E7C1CE5A873D1D744FC41D579F53B1F877B0F280D44DF57BEBB3EFDEBC7B8DA48C885005E0F3D8167BE79FAA61DA67EAB112C599882D369A7446FFB888D483317B6A7E0A6AC0CCB6ADD70D511AD81FDCDD71D40C5A40B3627872CE2EDD092B2ED810F6F5F3AE3C02D97856002D646C750910C9B6917615BA8D8D0345514B5F7B37EF910BE98C8E42FF9F9C2FE04F3252C2894D67A033AB22CA3B1BFA9FEB208509654755F3B83121AB827BC481F2E435F68EA144ECCC19670F5C234369F97461A9AFEAE48917B2D767E925D3B94C6380F4A1891EE20A1413C358EC93C8D0D34E90C424BCA367AB4B7C63FDFA0931FB8735ECC5FE22694F8E2784389AC68974BBF1FB5196A5CFA63D30464968927752F1F8F216A07A467EFBCFD4078203DA384AC63A6A304AC56114D2BBDF9212F58BDE3AC556E168ACBF0AB63370D44E90D63E5CEDACA9D94F248B74A783E3852BE5BFF73E27F6FAE6BD0BE5A7A014262CBFB7ADB6A29477D9F2F5FB45E9AD5F16C07B06CA166455C83377C52BF61D06D8CCA11B692F7F05E96264C52295C73D6CD991190A54A2B097BFDBBA8B89A5DFCD1FF9DAFD24542B78FF5F00AF78890EA8297223CCAD28DEE98D829750A17298ABE7F3ED70E7370B1CDE1B4F23C24D69F0F4EA9F821B89BAA2D4577A247118EEF70F780FEF57DB587E1F3EAE54748615BE921CA766FC7EC2961E36EFB41CFC607B989ED0C4254057FD9D39715A35C872ED17407856C80C35F65BD181B181942CB5D62710FE60D0347FEEC2AC3ACE45EA72FCB4256EC07C0383B6CF930CF56CDB9803CEE74A66F83ABEF9C75A0D222BF02C3535B6E3C0DC3124A0E603B9E6A89A3BF636305D2174A2B379C4E36685993C8E8B4E44905D2D352B9EE9101910DCB6931C904D16CB0A079B6669DA3FF8F925A3119EF27F4164DA23405F8F135E454D09BEA876E27449E5884884A24833F3BE93165240285E43A3E4B296CAB04891F574787335DDF17085F77B37AFCD8221AB748FCB28CA2C664931C397E2CD70F8EC8D21C467A16A1F33EB1A5E9C0CA80EC81697A40FE6B01753AC39216301D9763D401DE1460DEC6BC546FDB648C79F9A7B80D6A8CD2AC8E09970D52B1FD4D780A51DBDDC4FDCB53A3D6DB50C6959C78AE8E1912BBD9B259159BEFE965834EB8F17F00A10DE857A49A6E94BA5E930998F283CB035C83174B17596B4C3ECFAC1912AB9799A92E2A01D6A0004753E3D2E5F8748A697D4007DF99C32C3E6C1C3DDDDEF90B9539D716DCF3F95CFC4CA0A9D9AD13E570C55A708986D1304740AAE543C4506D96DB45AC0547854735EFAB7814C8FF5029B256DA0C58E6BC618008117E92228B618103642E8AE533D5859178AB2B39E3B0D044195F531E8304DCA4B883E1B2DFDA12663E9D5FE976935CCC1594C6284A68C4CECAAF842F51429194B
+20210527213255 2 6 100 8191 5 F08476CF6891E7C1CE5A873D1D744FC41D579F53B1F877B0F280D44DF57BEBB3EFDEBC7B8DA48C885005E0F3D8167BE79FAA61DA67EAB112C599882D369A7446FFB888D483317B6A7E0A6AC0CCB6ADD70D511AD81FDCDD71D40C5A40B3627872CE2EDD092B2ED810F6F5F3AE3C02D97856002D646C750910C9B6917615BA8D8D0345514B5F7B37EF910BE98C8E42FF9F9C2FE04F3252C2894D67A033AB22CA3B1BFA9FEB208509654755F3B83121AB827BC481F2E435F68EA144ECCC19670F5C234369F97461A9AFEAE48917B2D767E925D3B94C6380F4A1891EE20A1413C358EC93C8D0D34E90C424BCA367AB4B7C63FDFA0931FB8735ECC5FE22694F8E2784389AC68974BBF1FB5196A5CFA63D30464968927752F1F8F216A07A467EFBCFD4078203DA384AC63A6A304AC56114D2BBDF9212F58BDE3AC556E168ACBF0AB63370D44E90D63E5CEDACA9D94F248B74A783E3852BE5BFF73E27F6FAE6BD0BE5A7A014262CBFB7ADB6A29477D9F2F5FB45E9AD5F16C07B06CA166455C83377C52BF61D06D8CCA11B692F7F05E96264C52295C73D6CD991190A54A2B097BFDBBA8B89A5DFCD1FF9DAFD24542B78FF5F00AF78890EA8297223CCAD28DEE98D829750A17298ABE7F3ED70E7370B1CDE1B4F23C24D69F0F4EA9F821B89BAA2D4577A247118EEF70F780FEF57DB587E1F3EAE54748615BE921CA766FC7EC2961E36EFB41CFC607B989ED0C4254057FD9D39715A35C872ED17407856C80C35F65BD181B181942CB5D62710FE60D0347FEEC2AC3ACE45EA72FCB4256EC07C0383B6CF930CF56CDB9803CEE74A66F83ABEF9C75A0D222BF02C3535B6E3C0DC3124A0E603B9E6A89A3BF636305D2174A2B379C4E36685993C8E8B4E44905D2D352B9EE9101910DCB6931C904D16CB0A079B6669DA3FF8F925A3119EF27F4164DA23405F8F135E454D09BEA876E27449E5884884A24833F3BE93165240285E43A3E4B296CAB04891F574787335DDF17085F77B37AFCD8221AB748FCB28CA2C664931C397E2CD70F8EC8D21C467A16A1F33EB1A5E9C0CA80EC81697A40FE6B01753AC39216301D9763D401DE1460DEC6BC546FDB648C79F9A7B80D6A8CD2AC8E09970D52B1FD4D780A51DBDDC4FDCB53A3D6DB50C6959C78AE8E1912BBD9B259159BEFE965834EB8F17F00A10DE857A49A6E94BA5E930998F283CB035C83174B17596B4C3ECFAC1912AB9799A92E2A01D6A0004753E3D2E5F8748A697D4007DF99C32C3E6C1C3DDDDEF90B9539D716DCF3F95CFC4CA0A9D9AD13E570C55A708986D1304740AAE543C4506D96DB45AC0547854735EFAB7814C8FF5029B256DA0C58E6BC618008117E92228B618103642E8AE533D5859178AB2B39E3B0D044195F531E8304DCA4B883E1B2DFDA12663E9D5FE976935CCC1594C6284A68C4CECAAF842F51F664F27
+20210527214610 2 6 100 8191 2 F08476CF6891E7C1CE5A873D1D744FC41D579F53B1F877B0F280D44DF57BEBB3EFDEBC7B8DA48C885005E0F3D8167BE79FAA61DA67EAB112C599882D369A7446FFB888D483317B6A7E0A6AC0CCB6ADD70D511AD81FDCDD71D40C5A40B3627872CE2EDD092B2ED810F6F5F3AE3C02D97856002D646C750910C9B6917615BA8D8D0345514B5F7B37EF910BE98C8E42FF9F9C2FE04F3252C2894D67A033AB22CA3B1BFA9FEB208509654755F3B83121AB827BC481F2E435F68EA144ECCC19670F5C234369F97461A9AFEAE48917B2D767E925D3B94C6380F4A1891EE20A1413C358EC93C8D0D34E90C424BCA367AB4B7C63FDFA0931FB8735ECC5FE22694F8E2784389AC68974BBF1FB5196A5CFA63D30464968927752F1F8F216A07A467EFBCFD4078203DA384AC63A6A304AC56114D2BBDF9212F58BDE3AC556E168ACBF0AB63370D44E90D63E5CEDACA9D94F248B74A783E3852BE5BFF73E27F6FAE6BD0BE5A7A014262CBFB7ADB6A29477D9F2F5FB45E9AD5F16C07B06CA166455C83377C52BF61D06D8CCA11B692F7F05E96264C52295C73D6CD991190A54A2B097BFDBBA8B89A5DFCD1FF9DAFD24542B78FF5F00AF78890EA8297223CCAD28DEE98D829750A17298ABE7F3ED70E7370B1CDE1B4F23C24D69F0F4EA9F821B89BAA2D4577A247118EEF70F780FEF57DB587E1F3EAE54748615BE921CA766FC7EC2961E36EFB41CFC607B989ED0C4254057FD9D39715A35C872ED17407856C80C35F65BD181B181942CB5D62710FE60D0347FEEC2AC3ACE45EA72FCB4256EC07C0383B6CF930CF56CDB9803CEE74A66F83ABEF9C75A0D222BF02C3535B6E3C0DC3124A0E603B9E6A89A3BF636305D2174A2B379C4E36685993C8E8B4E44905D2D352B9EE9101910DCB6931C904D16CB0A079B6669DA3FF8F925A3119EF27F4164DA23405F8F135E454D09BEA876E27449E5884884A24833F3BE93165240285E43A3E4B296CAB04891F574787335DDF17085F77B37AFCD8221AB748FCB28CA2C664931C397E2CD70F8EC8D21C467A16A1F33EB1A5E9C0CA80EC81697A40FE6B01753AC39216301D9763D401DE1460DEC6BC546FDB648C79F9A7B80D6A8CD2AC8E09970D52B1FD4D780A51DBDDC4FDCB53A3D6DB50C6959C78AE8E1912BBD9B259159BEFE965834EB8F17F00A10DE857A49A6E94BA5E930998F283CB035C83174B17596B4C3ECFAC1912AB9799A92E2A01D6A0004753E3D2E5F8748A697D4007DF99C32C3E6C1C3DDDDEF90B9539D716DCF3F95CFC4CA0A9D9AD13E570C55A708986D1304740AAE543C4506D96DB45AC0547854735EFAB7814C8FF5029B256DA0C58E6BC618008117E92228B618103642E8AE533D5859178AB2B39E3B0D044195F531E8304DCA4B883E1B2DFDA12663E9D5FE976935CCC1594C6284A68C4CECAAF842F52058B933
+20210528000741 2 6 100 8191 5 F08476CF6891E7C1CE5A873D1D744FC41D579F53B1F877B0F280D44DF57BEBB3EFDEBC7B8DA48C885005E0F3D8167BE79FAA61DA67EAB112C599882D369A7446FFB888D483317B6A7E0A6AC0CCB6ADD70D511AD81FDCDD71D40C5A40B3627872CE2EDD092B2ED810F6F5F3AE3C02D97856002D646C750910C9B6917615BA8D8D0345514B5F7B37EF910BE98C8E42FF9F9C2FE04F3252C2894D67A033AB22CA3B1BFA9FEB208509654755F3B83121AB827BC481F2E435F68EA144ECCC19670F5C234369F97461A9AFEAE48917B2D767E925D3B94C6380F4A1891EE20A1413C358EC93C8D0D34E90C424BCA367AB4B7C63FDFA0931FB8735ECC5FE22694F8E2784389AC68974BBF1FB5196A5CFA63D30464968927752F1F8F216A07A467EFBCFD4078203DA384AC63A6A304AC56114D2BBDF9212F58BDE3AC556E168ACBF0AB63370D44E90D63E5CEDACA9D94F248B74A783E3852BE5BFF73E27F6FAE6BD0BE5A7A014262CBFB7ADB6A29477D9F2F5FB45E9AD5F16C07B06CA166455C83377C52BF61D06D8CCA11B692F7F05E96264C52295C73D6CD991190A54A2B097BFDBBA8B89A5DFCD1FF9DAFD24542B78FF5F00AF78890EA8297223CCAD28DEE98D829750A17298ABE7F3ED70E7370B1CDE1B4F23C24D69F0F4EA9F821B89BAA2D4577A247118EEF70F780FEF57DB587E1F3EAE54748615BE921CA766FC7EC2961E36EFB41CFC607B989ED0C4254057FD9D39715A35C872ED17407856C80C35F65BD181B181942CB5D62710FE60D0347FEEC2AC3ACE45EA72FCB4256EC07C0383B6CF930CF56CDB9803CEE74A66F83ABEF9C75A0D222BF02C3535B6E3C0DC3124A0E603B9E6A89A3BF636305D2174A2B379C4E36685993C8E8B4E44905D2D352B9EE9101910DCB6931C904D16CB0A079B6669DA3FF8F925A3119EF27F4164DA23405F8F135E454D09BEA876E27449E5884884A24833F3BE93165240285E43A3E4B296CAB04891F574787335DDF17085F77B37AFCD8221AB748FCB28CA2C664931C397E2CD70F8EC8D21C467A16A1F33EB1A5E9C0CA80EC81697A40FE6B01753AC39216301D9763D401DE1460DEC6BC546FDB648C79F9A7B80D6A8CD2AC8E09970D52B1FD4D780A51DBDDC4FDCB53A3D6DB50C6959C78AE8E1912BBD9B259159BEFE965834EB8F17F00A10DE857A49A6E94BA5E930998F283CB035C83174B17596B4C3ECFAC1912AB9799A92E2A01D6A0004753E3D2E5F8748A697D4007DF99C32C3E6C1C3DDDDEF90B9539D716DCF3F95CFC4CA0A9D9AD13E570C55A708986D1304740AAE543C4506D96DB45AC0547854735EFAB7814C8FF5029B256DA0C58E6BC618008117E92228B618103642E8AE533D5859178AB2B39E3B0D044195F531E8304DCA4B883E1B2DFDA12663E9D5FE976935CCC1594C6284A68C4CECAAF842F52A61610F
+20210528003717 2 6 100 8191 2 F08476CF6891E7C1CE5A873D1D744FC41D579F53B1F877B0F280D44DF57BEBB3EFDEBC7B8DA48C885005E0F3D8167BE79FAA61DA67EAB112C599882D369A7446FFB888D483317B6A7E0A6AC0CCB6ADD70D511AD81FDCDD71D40C5A40B3627872CE2EDD092B2ED810F6F5F3AE3C02D97856002D646C750910C9B6917615BA8D8D0345514B5F7B37EF910BE98C8E42FF9F9C2FE04F3252C2894D67A033AB22CA3B1BFA9FEB208509654755F3B83121AB827BC481F2E435F68EA144ECCC19670F5C234369F97461A9AFEAE48917B2D767E925D3B94C6380F4A1891EE20A1413C358EC93C8D0D34E90C424BCA367AB4B7C63FDFA0931FB8735ECC5FE22694F8E2784389AC68974BBF1FB5196A5CFA63D30464968927752F1F8F216A07A467EFBCFD4078203DA384AC63A6A304AC56114D2BBDF9212F58BDE3AC556E168ACBF0AB63370D44E90D63E5CEDACA9D94F248B74A783E3852BE5BFF73E27F6FAE6BD0BE5A7A014262CBFB7ADB6A29477D9F2F5FB45E9AD5F16C07B06CA166455C83377C52BF61D06D8CCA11B692F7F05E96264C52295C73D6CD991190A54A2B097BFDBBA8B89A5DFCD1FF9DAFD24542B78FF5F00AF78890EA8297223CCAD28DEE98D829750A17298ABE7F3ED70E7370B1CDE1B4F23C24D69F0F4EA9F821B89BAA2D4577A247118EEF70F780FEF57DB587E1F3EAE54748615BE921CA766FC7EC2961E36EFB41CFC607B989ED0C4254057FD9D39715A35C872ED17407856C80C35F65BD181B181942CB5D62710FE60D0347FEEC2AC3ACE45EA72FCB4256EC07C0383B6CF930CF56CDB9803CEE74A66F83ABEF9C75A0D222BF02C3535B6E3C0DC3124A0E603B9E6A89A3BF636305D2174A2B379C4E36685993C8E8B4E44905D2D352B9EE9101910DCB6931C904D16CB0A079B6669DA3FF8F925A3119EF27F4164DA23405F8F135E454D09BEA876E27449E5884884A24833F3BE93165240285E43A3E4B296CAB04891F574787335DDF17085F77B37AFCD8221AB748FCB28CA2C664931C397E2CD70F8EC8D21C467A16A1F33EB1A5E9C0CA80EC81697A40FE6B01753AC39216301D9763D401DE1460DEC6BC546FDB648C79F9A7B80D6A8CD2AC8E09970D52B1FD4D780A51DBDDC4FDCB53A3D6DB50C6959C78AE8E1912BBD9B259159BEFE965834EB8F17F00A10DE857A49A6E94BA5E930998F283CB035C83174B17596B4C3ECFAC1912AB9799A92E2A01D6A0004753E3D2E5F8748A697D4007DF99C32C3E6C1C3DDDDEF90B9539D716DCF3F95CFC4CA0A9D9AD13E570C55A708986D1304740AAE543C4506D96DB45AC0547854735EFAB7814C8FF5029B256DA0C58E6BC618008117E92228B618103642E8AE533D5859178AB2B39E3B0D044195F531E8304DCA4B883E1B2DFDA12663E9D5FE976935CCC1594C6284A68C4CECAAF842F52C738E73
+20210528014022 2 6 100 8191 2 F08476CF6891E7C1CE5A873D1D744FC41D579F53B1F877B0F280D44DF57BEBB3EFDEBC7B8DA48C885005E0F3D8167BE79FAA61DA67EAB112C599882D369A7446FFB888D483317B6A7E0A6AC0CCB6ADD70D511AD81FDCDD71D40C5A40B3627872CE2EDD092B2ED810F6F5F3AE3C02D97856002D646C750910C9B6917615BA8D8D0345514B5F7B37EF910BE98C8E42FF9F9C2FE04F3252C2894D67A033AB22CA3B1BFA9FEB208509654755F3B83121AB827BC481F2E435F68EA144ECCC19670F5C234369F97461A9AFEAE48917B2D767E925D3B94C6380F4A1891EE20A1413C358EC93C8D0D34E90C424BCA367AB4B7C63FDFA0931FB8735ECC5FE22694F8E2784389AC68974BBF1FB5196A5CFA63D30464968927752F1F8F216A07A467EFBCFD4078203DA384AC63A6A304AC56114D2BBDF9212F58BDE3AC556E168ACBF0AB63370D44E90D63E5CEDACA9D94F248B74A783E3852BE5BFF73E27F6FAE6BD0BE5A7A014262CBFB7ADB6A29477D9F2F5FB45E9AD5F16C07B06CA166455C83377C52BF61D06D8CCA11B692F7F05E96264C52295C73D6CD991190A54A2B097BFDBBA8B89A5DFCD1FF9DAFD24542B78FF5F00AF78890EA8297223CCAD28DEE98D829750A17298ABE7F3ED70E7370B1CDE1B4F23C24D69F0F4EA9F821B89BAA2D4577A247118EEF70F780FEF57DB587E1F3EAE54748615BE921CA766FC7EC2961E36EFB41CFC607B989ED0C4254057FD9D39715A35C872ED17407856C80C35F65BD181B181942CB5D62710FE60D0347FEEC2AC3ACE45EA72FCB4256EC07C0383B6CF930CF56CDB9803CEE74A66F83ABEF9C75A0D222BF02C3535B6E3C0DC3124A0E603B9E6A89A3BF636305D2174A2B379C4E36685993C8E8B4E44905D2D352B9EE9101910DCB6931C904D16CB0A079B6669DA3FF8F925A3119EF27F4164DA23405F8F135E454D09BEA876E27449E5884884A24833F3BE93165240285E43A3E4B296CAB04891F574787335DDF17085F77B37AFCD8221AB748FCB28CA2C664931C397E2CD70F8EC8D21C467A16A1F33EB1A5E9C0CA80EC81697A40FE6B01753AC39216301D9763D401DE1460DEC6BC546FDB648C79F9A7B80D6A8CD2AC8E09970D52B1FD4D780A51DBDDC4FDCB53A3D6DB50C6959C78AE8E1912BBD9B259159BEFE965834EB8F17F00A10DE857A49A6E94BA5E930998F283CB035C83174B17596B4C3ECFAC1912AB9799A92E2A01D6A0004753E3D2E5F8748A697D4007DF99C32C3E6C1C3DDDDEF90B9539D716DCF3F95CFC4CA0A9D9AD13E570C55A708986D1304740AAE543C4506D96DB45AC0547854735EFAB7814C8FF5029B256DA0C58E6BC618008117E92228B618103642E8AE533D5859178AB2B39E3B0D044195F531E8304DCA4B883E1B2DFDA12663E9D5FE976935CCC1594C6284A68C4CECAAF842F530CE1FFB
+20210528020015 2 6 100 8191 2 F08476CF6891E7C1CE5A873D1D744FC41D579F53B1F877B0F280D44DF57BEBB3EFDEBC7B8DA48C885005E0F3D8167BE79FAA61DA67EAB112C599882D369A7446FFB888D483317B6A7E0A6AC0CCB6ADD70D511AD81FDCDD71D40C5A40B3627872CE2EDD092B2ED810F6F5F3AE3C02D97856002D646C750910C9B6917615BA8D8D0345514B5F7B37EF910BE98C8E42FF9F9C2FE04F3252C2894D67A033AB22CA3B1BFA9FEB208509654755F3B83121AB827BC481F2E435F68EA144ECCC19670F5C234369F97461A9AFEAE48917B2D767E925D3B94C6380F4A1891EE20A1413C358EC93C8D0D34E90C424BCA367AB4B7C63FDFA0931FB8735ECC5FE22694F8E2784389AC68974BBF1FB5196A5CFA63D30464968927752F1F8F216A07A467EFBCFD4078203DA384AC63A6A304AC56114D2BBDF9212F58BDE3AC556E168ACBF0AB63370D44E90D63E5CEDACA9D94F248B74A783E3852BE5BFF73E27F6FAE6BD0BE5A7A014262CBFB7ADB6A29477D9F2F5FB45E9AD5F16C07B06CA166455C83377C52BF61D06D8CCA11B692F7F05E96264C52295C73D6CD991190A54A2B097BFDBBA8B89A5DFCD1FF9DAFD24542B78FF5F00AF78890EA8297223CCAD28DEE98D829750A17298ABE7F3ED70E7370B1CDE1B4F23C24D69F0F4EA9F821B89BAA2D4577A247118EEF70F780FEF57DB587E1F3EAE54748615BE921CA766FC7EC2961E36EFB41CFC607B989ED0C4254057FD9D39715A35C872ED17407856C80C35F65BD181B181942CB5D62710FE60D0347FEEC2AC3ACE45EA72FCB4256EC07C0383B6CF930CF56CDB9803CEE74A66F83ABEF9C75A0D222BF02C3535B6E3C0DC3124A0E603B9E6A89A3BF636305D2174A2B379C4E36685993C8E8B4E44905D2D352B9EE9101910DCB6931C904D16CB0A079B6669DA3FF8F925A3119EF27F4164DA23405F8F135E454D09BEA876E27449E5884884A24833F3BE93165240285E43A3E4B296CAB04891F574787335DDF17085F77B37AFCD8221AB748FCB28CA2C664931C397E2CD70F8EC8D21C467A16A1F33EB1A5E9C0CA80EC81697A40FE6B01753AC39216301D9763D401DE1460DEC6BC546FDB648C79F9A7B80D6A8CD2AC8E09970D52B1FD4D780A51DBDDC4FDCB53A3D6DB50C6959C78AE8E1912BBD9B259159BEFE965834EB8F17F00A10DE857A49A6E94BA5E930998F283CB035C83174B17596B4C3ECFAC1912AB9799A92E2A01D6A0004753E3D2E5F8748A697D4007DF99C32C3E6C1C3DDDDEF90B9539D716DCF3F95CFC4CA0A9D9AD13E570C55A708986D1304740AAE543C4506D96DB45AC0547854735EFAB7814C8FF5029B256DA0C58E6BC618008117E92228B618103642E8AE533D5859178AB2B39E3B0D044195F531E8304DCA4B883E1B2DFDA12663E9D5FE976935CCC1594C6284A68C4CECAAF842F5322397AB
+20210528050850 2 6 100 8191 5 F08476CF6891E7C1CE5A873D1D744FC41D579F53B1F877B0F280D44DF57BEBB3EFDEBC7B8DA48C885005E0F3D8167BE79FAA61DA67EAB112C599882D369A7446FFB888D483317B6A7E0A6AC0CCB6ADD70D511AD81FDCDD71D40C5A40B3627872CE2EDD092B2ED810F6F5F3AE3C02D97856002D646C750910C9B6917615BA8D8D0345514B5F7B37EF910BE98C8E42FF9F9C2FE04F3252C2894D67A033AB22CA3B1BFA9FEB208509654755F3B83121AB827BC481F2E435F68EA144ECCC19670F5C234369F97461A9AFEAE48917B2D767E925D3B94C6380F4A1891EE20A1413C358EC93C8D0D34E90C424BCA367AB4B7C63FDFA0931FB8735ECC5FE22694F8E2784389AC68974BBF1FB5196A5CFA63D30464968927752F1F8F216A07A467EFBCFD4078203DA384AC63A6A304AC56114D2BBDF9212F58BDE3AC556E168ACBF0AB63370D44E90D63E5CEDACA9D94F248B74A783E3852BE5BFF73E27F6FAE6BD0BE5A7A014262CBFB7ADB6A29477D9F2F5FB45E9AD5F16C07B06CA166455C83377C52BF61D06D8CCA11B692F7F05E96264C52295C73D6CD991190A54A2B097BFDBBA8B89A5DFCD1FF9DAFD24542B78FF5F00AF78890EA8297223CCAD28DEE98D829750A17298ABE7F3ED70E7370B1CDE1B4F23C24D69F0F4EA9F821B89BAA2D4577A247118EEF70F780FEF57DB587E1F3EAE54748615BE921CA766FC7EC2961E36EFB41CFC607B989ED0C4254057FD9D39715A35C872ED17407856C80C35F65BD181B181942CB5D62710FE60D0347FEEC2AC3ACE45EA72FCB4256EC07C0383B6CF930CF56CDB9803CEE74A66F83ABEF9C75A0D222BF02C3535B6E3C0DC3124A0E603B9E6A89A3BF636305D2174A2B379C4E36685993C8E8B4E44905D2D352B9EE9101910DCB6931C904D16CB0A079B6669DA3FF8F925A3119EF27F4164DA23405F8F135E454D09BEA876E27449E5884884A24833F3BE93165240285E43A3E4B296CAB04891F574787335DDF17085F77B37AFCD8221AB748FCB28CA2C664931C397E2CD70F8EC8D21C467A16A1F33EB1A5E9C0CA80EC81697A40FE6B01753AC39216301D9763D401DE1460DEC6BC546FDB648C79F9A7B80D6A8CD2AC8E09970D52B1FD4D780A51DBDDC4FDCB53A3D6DB50C6959C78AE8E1912BBD9B259159BEFE965834EB8F17F00A10DE857A49A6E94BA5E930998F283CB035C83174B17596B4C3ECFAC1912AB9799A92E2A01D6A0004753E3D2E5F8748A697D4007DF99C32C3E6C1C3DDDDEF90B9539D716DCF3F95CFC4CA0A9D9AD13E570C55A708986D1304740AAE543C4506D96DB45AC0547854735EFAB7814C8FF5029B256DA0C58E6BC618008117E92228B618103642E8AE533D5859178AB2B39E3B0D044195F531E8304DCA4B883E1B2DFDA12663E9D5FE976935CCC1594C6284A68C4CECAAF842F53F20EBA7
+20210528054438 2 6 100 8191 2 F08476CF6891E7C1CE5A873D1D744FC41D579F53B1F877B0F280D44DF57BEBB3EFDEBC7B8DA48C885005E0F3D8167BE79FAA61DA67EAB112C599882D369A7446FFB888D483317B6A7E0A6AC0CCB6ADD70D511AD81FDCDD71D40C5A40B3627872CE2EDD092B2ED810F6F5F3AE3C02D97856002D646C750910C9B6917615BA8D8D0345514B5F7B37EF910BE98C8E42FF9F9C2FE04F3252C2894D67A033AB22CA3B1BFA9FEB208509654755F3B83121AB827BC481F2E435F68EA144ECCC19670F5C234369F97461A9AFEAE48917B2D767E925D3B94C6380F4A1891EE20A1413C358EC93C8D0D34E90C424BCA367AB4B7C63FDFA0931FB8735ECC5FE22694F8E2784389AC68974BBF1FB5196A5CFA63D30464968927752F1F8F216A07A467EFBCFD4078203DA384AC63A6A304AC56114D2BBDF9212F58BDE3AC556E168ACBF0AB63370D44E90D63E5CEDACA9D94F248B74A783E3852BE5BFF73E27F6FAE6BD0BE5A7A014262CBFB7ADB6A29477D9F2F5FB45E9AD5F16C07B06CA166455C83377C52BF61D06D8CCA11B692F7F05E96264C52295C73D6CD991190A54A2B097BFDBBA8B89A5DFCD1FF9DAFD24542B78FF5F00AF78890EA8297223CCAD28DEE98D829750A17298ABE7F3ED70E7370B1CDE1B4F23C24D69F0F4EA9F821B89BAA2D4577A247118EEF70F780FEF57DB587E1F3EAE54748615BE921CA766FC7EC2961E36EFB41CFC607B989ED0C4254057FD9D39715A35C872ED17407856C80C35F65BD181B181942CB5D62710FE60D0347FEEC2AC3ACE45EA72FCB4256EC07C0383B6CF930CF56CDB9803CEE74A66F83ABEF9C75A0D222BF02C3535B6E3C0DC3124A0E603B9E6A89A3BF636305D2174A2B379C4E36685993C8E8B4E44905D2D352B9EE9101910DCB6931C904D16CB0A079B6669DA3FF8F925A3119EF27F4164DA23405F8F135E454D09BEA876E27449E5884884A24833F3BE93165240285E43A3E4B296CAB04891F574787335DDF17085F77B37AFCD8221AB748FCB28CA2C664931C397E2CD70F8EC8D21C467A16A1F33EB1A5E9C0CA80EC81697A40FE6B01753AC39216301D9763D401DE1460DEC6BC546FDB648C79F9A7B80D6A8CD2AC8E09970D52B1FD4D780A51DBDDC4FDCB53A3D6DB50C6959C78AE8E1912BBD9B259159BEFE965834EB8F17F00A10DE857A49A6E94BA5E930998F283CB035C83174B17596B4C3ECFAC1912AB9799A92E2A01D6A0004753E3D2E5F8748A697D4007DF99C32C3E6C1C3DDDDEF90B9539D716DCF3F95CFC4CA0A9D9AD13E570C55A708986D1304740AAE543C4506D96DB45AC0547854735EFAB7814C8FF5029B256DA0C58E6BC618008117E92228B618103642E8AE533D5859178AB2B39E3B0D044195F531E8304DCA4B883E1B2DFDA12663E9D5FE976935CCC1594C6284A68C4CECAAF842F5418B5C4B
+20210528084340 2 6 100 8191 2 F08476CF6891E7C1CE5A873D1D744FC41D579F53B1F877B0F280D44DF57BEBB3EFDEBC7B8DA48C885005E0F3D8167BE79FAA61DA67EAB112C599882D369A7446FFB888D483317B6A7E0A6AC0CCB6ADD70D511AD81FDCDD71D40C5A40B3627872CE2EDD092B2ED810F6F5F3AE3C02D97856002D646C750910C9B6917615BA8D8D0345514B5F7B37EF910BE98C8E42FF9F9C2FE04F3252C2894D67A033AB22CA3B1BFA9FEB208509654755F3B83121AB827BC481F2E435F68EA144ECCC19670F5C234369F97461A9AFEAE48917B2D767E925D3B94C6380F4A1891EE20A1413C358EC93C8D0D34E90C424BCA367AB4B7C63FDFA0931FB8735ECC5FE22694F8E2784389AC68974BBF1FB5196A5CFA63D30464968927752F1F8F216A07A467EFBCFD4078203DA384AC63A6A304AC56114D2BBDF9212F58BDE3AC556E168ACBF0AB63370D44E90D63E5CEDACA9D94F248B74A783E3852BE5BFF73E27F6FAE6BD0BE5A7A014262CBFB7ADB6A29477D9F2F5FB45E9AD5F16C07B06CA166455C83377C52BF61D06D8CCA11B692F7F05E96264C52295C73D6CD991190A54A2B097BFDBBA8B89A5DFCD1FF9DAFD24542B78FF5F00AF78890EA8297223CCAD28DEE98D829750A17298ABE7F3ED70E7370B1CDE1B4F23C24D69F0F4EA9F821B89BAA2D4577A247118EEF70F780FEF57DB587E1F3EAE54748615BE921CA766FC7EC2961E36EFB41CFC607B989ED0C4254057FD9D39715A35C872ED17407856C80C35F65BD181B181942CB5D62710FE60D0347FEEC2AC3ACE45EA72FCB4256EC07C0383B6CF930CF56CDB9803CEE74A66F83ABEF9C75A0D222BF02C3535B6E3C0DC3124A0E603B9E6A89A3BF636305D2174A2B379C4E36685993C8E8B4E44905D2D352B9EE9101910DCB6931C904D16CB0A079B6669DA3FF8F925A3119EF27F4164DA23405F8F135E454D09BEA876E27449E5884884A24833F3BE93165240285E43A3E4B296CAB04891F574787335DDF17085F77B37AFCD8221AB748FCB28CA2C664931C397E2CD70F8EC8D21C467A16A1F33EB1A5E9C0CA80EC81697A40FE6B01753AC39216301D9763D401DE1460DEC6BC546FDB648C79F9A7B80D6A8CD2AC8E09970D52B1FD4D780A51DBDDC4FDCB53A3D6DB50C6959C78AE8E1912BBD9B259159BEFE965834EB8F17F00A10DE857A49A6E94BA5E930998F283CB035C83174B17596B4C3ECFAC1912AB9799A92E2A01D6A0004753E3D2E5F8748A697D4007DF99C32C3E6C1C3DDDDEF90B9539D716DCF3F95CFC4CA0A9D9AD13E570C55A708986D1304740AAE543C4506D96DB45AC0547854735EFAB7814C8FF5029B256DA0C58E6BC618008117E92228B618103642E8AE533D5859178AB2B39E3B0D044195F531E8304DCA4B883E1B2DFDA12663E9D5FE976935CCC1594C6284A68C4CECAAF842F54D8C79F3
+20210528091530 2 6 100 8191 2 F08476CF6891E7C1CE5A873D1D744FC41D579F53B1F877B0F280D44DF57BEBB3EFDEBC7B8DA48C885005E0F3D8167BE79FAA61DA67EAB112C599882D369A7446FFB888D483317B6A7E0A6AC0CCB6ADD70D511AD81FDCDD71D40C5A40B3627872CE2EDD092B2ED810F6F5F3AE3C02D97856002D646C750910C9B6917615BA8D8D0345514B5F7B37EF910BE98C8E42FF9F9C2FE04F3252C2894D67A033AB22CA3B1BFA9FEB208509654755F3B83121AB827BC481F2E435F68EA144ECCC19670F5C234369F97461A9AFEAE48917B2D767E925D3B94C6380F4A1891EE20A1413C358EC93C8D0D34E90C424BCA367AB4B7C63FDFA0931FB8735ECC5FE22694F8E2784389AC68974BBF1FB5196A5CFA63D30464968927752F1F8F216A07A467EFBCFD4078203DA384AC63A6A304AC56114D2BBDF9212F58BDE3AC556E168ACBF0AB63370D44E90D63E5CEDACA9D94F248B74A783E3852BE5BFF73E27F6FAE6BD0BE5A7A014262CBFB7ADB6A29477D9F2F5FB45E9AD5F16C07B06CA166455C83377C52BF61D06D8CCA11B692F7F05E96264C52295C73D6CD991190A54A2B097BFDBBA8B89A5DFCD1FF9DAFD24542B78FF5F00AF78890EA8297223CCAD28DEE98D829750A17298ABE7F3ED70E7370B1CDE1B4F23C24D69F0F4EA9F821B89BAA2D4577A247118EEF70F780FEF57DB587E1F3EAE54748615BE921CA766FC7EC2961E36EFB41CFC607B989ED0C4254057FD9D39715A35C872ED17407856C80C35F65BD181B181942CB5D62710FE60D0347FEEC2AC3ACE45EA72FCB4256EC07C0383B6CF930CF56CDB9803CEE74A66F83ABEF9C75A0D222BF02C3535B6E3C0DC3124A0E603B9E6A89A3BF636305D2174A2B379C4E36685993C8E8B4E44905D2D352B9EE9101910DCB6931C904D16CB0A079B6669DA3FF8F925A3119EF27F4164DA23405F8F135E454D09BEA876E27449E5884884A24833F3BE93165240285E43A3E4B296CAB04891F574787335DDF17085F77B37AFCD8221AB748FCB28CA2C664931C397E2CD70F8EC8D21C467A16A1F33EB1A5E9C0CA80EC81697A40FE6B01753AC39216301D9763D401DE1460DEC6BC546FDB648C79F9A7B80D6A8CD2AC8E09970D52B1FD4D780A51DBDDC4FDCB53A3D6DB50C6959C78AE8E1912BBD9B259159BEFE965834EB8F17F00A10DE857A49A6E94BA5E930998F283CB035C83174B17596B4C3ECFAC1912AB9799A92E2A01D6A0004753E3D2E5F8748A697D4007DF99C32C3E6C1C3DDDDEF90B9539D716DCF3F95CFC4CA0A9D9AD13E570C55A708986D1304740AAE543C4506D96DB45AC0547854735EFAB7814C8FF5029B256DA0C58E6BC618008117E92228B618103642E8AE533D5859178AB2B39E3B0D044195F531E8304DCA4B883E1B2DFDA12663E9D5FE976935CCC1594C6284A68C4CECAAF842F54FA20AAB
+20210528094806 2 6 100 8191 5 F08476CF6891E7C1CE5A873D1D744FC41D579F53B1F877B0F280D44DF57BEBB3EFDEBC7B8DA48C885005E0F3D8167BE79FAA61DA67EAB112C599882D369A7446FFB888D483317B6A7E0A6AC0CCB6ADD70D511AD81FDCDD71D40C5A40B3627872CE2EDD092B2ED810F6F5F3AE3C02D97856002D646C750910C9B6917615BA8D8D0345514B5F7B37EF910BE98C8E42FF9F9C2FE04F3252C2894D67A033AB22CA3B1BFA9FEB208509654755F3B83121AB827BC481F2E435F68EA144ECCC19670F5C234369F97461A9AFEAE48917B2D767E925D3B94C6380F4A1891EE20A1413C358EC93C8D0D34E90C424BCA367AB4B7C63FDFA0931FB8735ECC5FE22694F8E2784389AC68974BBF1FB5196A5CFA63D30464968927752F1F8F216A07A467EFBCFD4078203DA384AC63A6A304AC56114D2BBDF9212F58BDE3AC556E168ACBF0AB63370D44E90D63E5CEDACA9D94F248B74A783E3852BE5BFF73E27F6FAE6BD0BE5A7A014262CBFB7ADB6A29477D9F2F5FB45E9AD5F16C07B06CA166455C83377C52BF61D06D8CCA11B692F7F05E96264C52295C73D6CD991190A54A2B097BFDBBA8B89A5DFCD1FF9DAFD24542B78FF5F00AF78890EA8297223CCAD28DEE98D829750A17298ABE7F3ED70E7370B1CDE1B4F23C24D69F0F4EA9F821B89BAA2D4577A247118EEF70F780FEF57DB587E1F3EAE54748615BE921CA766FC7EC2961E36EFB41CFC607B989ED0C4254057FD9D39715A35C872ED17407856C80C35F65BD181B181942CB5D62710FE60D0347FEEC2AC3ACE45EA72FCB4256EC07C0383B6CF930CF56CDB9803CEE74A66F83ABEF9C75A0D222BF02C3535B6E3C0DC3124A0E603B9E6A89A3BF636305D2174A2B379C4E36685993C8E8B4E44905D2D352B9EE9101910DCB6931C904D16CB0A079B6669DA3FF8F925A3119EF27F4164DA23405F8F135E454D09BEA876E27449E5884884A24833F3BE93165240285E43A3E4B296CAB04891F574787335DDF17085F77B37AFCD8221AB748FCB28CA2C664931C397E2CD70F8EC8D21C467A16A1F33EB1A5E9C0CA80EC81697A40FE6B01753AC39216301D9763D401DE1460DEC6BC546FDB648C79F9A7B80D6A8CD2AC8E09970D52B1FD4D780A51DBDDC4FDCB53A3D6DB50C6959C78AE8E1912BBD9B259159BEFE965834EB8F17F00A10DE857A49A6E94BA5E930998F283CB035C83174B17596B4C3ECFAC1912AB9799A92E2A01D6A0004753E3D2E5F8748A697D4007DF99C32C3E6C1C3DDDDEF90B9539D716DCF3F95CFC4CA0A9D9AD13E570C55A708986D1304740AAE543C4506D96DB45AC0547854735EFAB7814C8FF5029B256DA0C58E6BC618008117E92228B618103642E8AE533D5859178AB2B39E3B0D044195F531E8304DCA4B883E1B2DFDA12663E9D5FE976935CCC1594C6284A68C4CECAAF842F551BB35BF
+20210528123059 2 6 100 8191 2 F08476CF6891E7C1CE5A873D1D744FC41D579F53B1F877B0F280D44DF57BEBB3EFDEBC7B8DA48C885005E0F3D8167BE79FAA61DA67EAB112C599882D369A7446FFB888D483317B6A7E0A6AC0CCB6ADD70D511AD81FDCDD71D40C5A40B3627872CE2EDD092B2ED810F6F5F3AE3C02D97856002D646C750910C9B6917615BA8D8D0345514B5F7B37EF910BE98C8E42FF9F9C2FE04F3252C2894D67A033AB22CA3B1BFA9FEB208509654755F3B83121AB827BC481F2E435F68EA144ECCC19670F5C234369F97461A9AFEAE48917B2D767E925D3B94C6380F4A1891EE20A1413C358EC93C8D0D34E90C424BCA367AB4B7C63FDFA0931FB8735ECC5FE22694F8E2784389AC68974BBF1FB5196A5CFA63D30464968927752F1F8F216A07A467EFBCFD4078203DA384AC63A6A304AC56114D2BBDF9212F58BDE3AC556E168ACBF0AB63370D44E90D63E5CEDACA9D94F248B74A783E3852BE5BFF73E27F6FAE6BD0BE5A7A014262CBFB7ADB6A29477D9F2F5FB45E9AD5F16C07B06CA166455C83377C52BF61D06D8CCA11B692F7F05E96264C52295C73D6CD991190A54A2B097BFDBBA8B89A5DFCD1FF9DAFD24542B78FF5F00AF78890EA8297223CCAD28DEE98D829750A17298ABE7F3ED70E7370B1CDE1B4F23C24D69F0F4EA9F821B89BAA2D4577A247118EEF70F780FEF57DB587E1F3EAE54748615BE921CA766FC7EC2961E36EFB41CFC607B989ED0C4254057FD9D39715A35C872ED17407856C80C35F65BD181B181942CB5D62710FE60D0347FEEC2AC3ACE45EA72FCB4256EC07C0383B6CF930CF56CDB9803CEE74A66F83ABEF9C75A0D222BF02C3535B6E3C0DC3124A0E603B9E6A89A3BF636305D2174A2B379C4E36685993C8E8B4E44905D2D352B9EE9101910DCB6931C904D16CB0A079B6669DA3FF8F925A3119EF27F4164DA23405F8F135E454D09BEA876E27449E5884884A24833F3BE93165240285E43A3E4B296CAB04891F574787335DDF17085F77B37AFCD8221AB748FCB28CA2C664931C397E2CD70F8EC8D21C467A16A1F33EB1A5E9C0CA80EC81697A40FE6B01753AC39216301D9763D401DE1460DEC6BC546FDB648C79F9A7B80D6A8CD2AC8E09970D52B1FD4D780A51DBDDC4FDCB53A3D6DB50C6959C78AE8E1912BBD9B259159BEFE965834EB8F17F00A10DE857A49A6E94BA5E930998F283CB035C83174B17596B4C3ECFAC1912AB9799A92E2A01D6A0004753E3D2E5F8748A697D4007DF99C32C3E6C1C3DDDDEF90B9539D716DCF3F95CFC4CA0A9D9AD13E570C55A708986D1304740AAE543C4506D96DB45AC0547854735EFAB7814C8FF5029B256DA0C58E6BC618008117E92228B618103642E8AE533D5859178AB2B39E3B0D044195F531E8304DCA4B883E1B2DFDA12663E9D5FE976935CCC1594C6284A68C4CECAAF842F55C74EE33
+20210528123356 2 6 100 8191 2 F08476CF6891E7C1CE5A873D1D744FC41D579F53B1F877B0F280D44DF57BEBB3EFDEBC7B8DA48C885005E0F3D8167BE79FAA61DA67EAB112C599882D369A7446FFB888D483317B6A7E0A6AC0CCB6ADD70D511AD81FDCDD71D40C5A40B3627872CE2EDD092B2ED810F6F5F3AE3C02D97856002D646C750910C9B6917615BA8D8D0345514B5F7B37EF910BE98C8E42FF9F9C2FE04F3252C2894D67A033AB22CA3B1BFA9FEB208509654755F3B83121AB827BC481F2E435F68EA144ECCC19670F5C234369F97461A9AFEAE48917B2D767E925D3B94C6380F4A1891EE20A1413C358EC93C8D0D34E90C424BCA367AB4B7C63FDFA0931FB8735ECC5FE22694F8E2784389AC68974BBF1FB5196A5CFA63D30464968927752F1F8F216A07A467EFBCFD4078203DA384AC63A6A304AC56114D2BBDF9212F58BDE3AC556E168ACBF0AB63370D44E90D63E5CEDACA9D94F248B74A783E3852BE5BFF73E27F6FAE6BD0BE5A7A014262CBFB7ADB6A29477D9F2F5FB45E9AD5F16C07B06CA166455C83377C52BF61D06D8CCA11B692F7F05E96264C52295C73D6CD991190A54A2B097BFDBBA8B89A5DFCD1FF9DAFD24542B78FF5F00AF78890EA8297223CCAD28DEE98D829750A17298ABE7F3ED70E7370B1CDE1B4F23C24D69F0F4EA9F821B89BAA2D4577A247118EEF70F780FEF57DB587E1F3EAE54748615BE921CA766FC7EC2961E36EFB41CFC607B989ED0C4254057FD9D39715A35C872ED17407856C80C35F65BD181B181942CB5D62710FE60D0347FEEC2AC3ACE45EA72FCB4256EC07C0383B6CF930CF56CDB9803CEE74A66F83ABEF9C75A0D222BF02C3535B6E3C0DC3124A0E603B9E6A89A3BF636305D2174A2B379C4E36685993C8E8B4E44905D2D352B9EE9101910DCB6931C904D16CB0A079B6669DA3FF8F925A3119EF27F4164DA23405F8F135E454D09BEA876E27449E5884884A24833F3BE93165240285E43A3E4B296CAB04891F574787335DDF17085F77B37AFCD8221AB748FCB28CA2C664931C397E2CD70F8EC8D21C467A16A1F33EB1A5E9C0CA80EC81697A40FE6B01753AC39216301D9763D401DE1460DEC6BC546FDB648C79F9A7B80D6A8CD2AC8E09970D52B1FD4D780A51DBDDC4FDCB53A3D6DB50C6959C78AE8E1912BBD9B259159BEFE965834EB8F17F00A10DE857A49A6E94BA5E930998F283CB035C83174B17596B4C3ECFAC1912AB9799A92E2A01D6A0004753E3D2E5F8748A697D4007DF99C32C3E6C1C3DDDDEF90B9539D716DCF3F95CFC4CA0A9D9AD13E570C55A708986D1304740AAE543C4506D96DB45AC0547854735EFAB7814C8FF5029B256DA0C58E6BC618008117E92228B618103642E8AE533D5859178AB2B39E3B0D044195F531E8304DCA4B883E1B2DFDA12663E9D5FE976935CCC1594C6284A68C4CECAAF842F55C9BEE33
+20210528131007 2 6 100 8191 2 F08476CF6891E7C1CE5A873D1D744FC41D579F53B1F877B0F280D44DF57BEBB3EFDEBC7B8DA48C885005E0F3D8167BE79FAA61DA67EAB112C599882D369A7446FFB888D483317B6A7E0A6AC0CCB6ADD70D511AD81FDCDD71D40C5A40B3627872CE2EDD092B2ED810F6F5F3AE3C02D97856002D646C750910C9B6917615BA8D8D0345514B5F7B37EF910BE98C8E42FF9F9C2FE04F3252C2894D67A033AB22CA3B1BFA9FEB208509654755F3B83121AB827BC481F2E435F68EA144ECCC19670F5C234369F97461A9AFEAE48917B2D767E925D3B94C6380F4A1891EE20A1413C358EC93C8D0D34E90C424BCA367AB4B7C63FDFA0931FB8735ECC5FE22694F8E2784389AC68974BBF1FB5196A5CFA63D30464968927752F1F8F216A07A467EFBCFD4078203DA384AC63A6A304AC56114D2BBDF9212F58BDE3AC556E168ACBF0AB63370D44E90D63E5CEDACA9D94F248B74A783E3852BE5BFF73E27F6FAE6BD0BE5A7A014262CBFB7ADB6A29477D9F2F5FB45E9AD5F16C07B06CA166455C83377C52BF61D06D8CCA11B692F7F05E96264C52295C73D6CD991190A54A2B097BFDBBA8B89A5DFCD1FF9DAFD24542B78FF5F00AF78890EA8297223CCAD28DEE98D829750A17298ABE7F3ED70E7370B1CDE1B4F23C24D69F0F4EA9F821B89BAA2D4577A247118EEF70F780FEF57DB587E1F3EAE54748615BE921CA766FC7EC2961E36EFB41CFC607B989ED0C4254057FD9D39715A35C872ED17407856C80C35F65BD181B181942CB5D62710FE60D0347FEEC2AC3ACE45EA72FCB4256EC07C0383B6CF930CF56CDB9803CEE74A66F83ABEF9C75A0D222BF02C3535B6E3C0DC3124A0E603B9E6A89A3BF636305D2174A2B379C4E36685993C8E8B4E44905D2D352B9EE9101910DCB6931C904D16CB0A079B6669DA3FF8F925A3119EF27F4164DA23405F8F135E454D09BEA876E27449E5884884A24833F3BE93165240285E43A3E4B296CAB04891F574787335DDF17085F77B37AFCD8221AB748FCB28CA2C664931C397E2CD70F8EC8D21C467A16A1F33EB1A5E9C0CA80EC81697A40FE6B01753AC39216301D9763D401DE1460DEC6BC546FDB648C79F9A7B80D6A8CD2AC8E09970D52B1FD4D780A51DBDDC4FDCB53A3D6DB50C6959C78AE8E1912BBD9B259159BEFE965834EB8F17F00A10DE857A49A6E94BA5E930998F283CB035C83174B17596B4C3ECFAC1912AB9799A92E2A01D6A0004753E3D2E5F8748A697D4007DF99C32C3E6C1C3DDDDEF90B9539D716DCF3F95CFC4CA0A9D9AD13E570C55A708986D1304740AAE543C4506D96DB45AC0547854735EFAB7814C8FF5029B256DA0C58E6BC618008117E92228B618103642E8AE533D5859178AB2B39E3B0D044195F531E8304DCA4B883E1B2DFDA12663E9D5FE976935CCC1594C6284A68C4CECAAF842F55EF35FB3
+20210528131122 2 6 100 8191 2 F08476CF6891E7C1CE5A873D1D744FC41D579F53B1F877B0F280D44DF57BEBB3EFDEBC7B8DA48C885005E0F3D8167BE79FAA61DA67EAB112C599882D369A7446FFB888D483317B6A7E0A6AC0CCB6ADD70D511AD81FDCDD71D40C5A40B3627872CE2EDD092B2ED810F6F5F3AE3C02D97856002D646C750910C9B6917615BA8D8D0345514B5F7B37EF910BE98C8E42FF9F9C2FE04F3252C2894D67A033AB22CA3B1BFA9FEB208509654755F3B83121AB827BC481F2E435F68EA144ECCC19670F5C234369F97461A9AFEAE48917B2D767E925D3B94C6380F4A1891EE20A1413C358EC93C8D0D34E90C424BCA367AB4B7C63FDFA0931FB8735ECC5FE22694F8E2784389AC68974BBF1FB5196A5CFA63D30464968927752F1F8F216A07A467EFBCFD4078203DA384AC63A6A304AC56114D2BBDF9212F58BDE3AC556E168ACBF0AB63370D44E90D63E5CEDACA9D94F248B74A783E3852BE5BFF73E27F6FAE6BD0BE5A7A014262CBFB7ADB6A29477D9F2F5FB45E9AD5F16C07B06CA166455C83377C52BF61D06D8CCA11B692F7F05E96264C52295C73D6CD991190A54A2B097BFDBBA8B89A5DFCD1FF9DAFD24542B78FF5F00AF78890EA8297223CCAD28DEE98D829750A17298ABE7F3ED70E7370B1CDE1B4F23C24D69F0F4EA9F821B89BAA2D4577A247118EEF70F780FEF57DB587E1F3EAE54748615BE921CA766FC7EC2961E36EFB41CFC607B989ED0C4254057FD9D39715A35C872ED17407856C80C35F65BD181B181942CB5D62710FE60D0347FEEC2AC3ACE45EA72FCB4256EC07C0383B6CF930CF56CDB9803CEE74A66F83ABEF9C75A0D222BF02C3535B6E3C0DC3124A0E603B9E6A89A3BF636305D2174A2B379C4E36685993C8E8B4E44905D2D352B9EE9101910DCB6931C904D16CB0A079B6669DA3FF8F925A3119EF27F4164DA23405F8F135E454D09BEA876E27449E5884884A24833F3BE93165240285E43A3E4B296CAB04891F574787335DDF17085F77B37AFCD8221AB748FCB28CA2C664931C397E2CD70F8EC8D21C467A16A1F33EB1A5E9C0CA80EC81697A40FE6B01753AC39216301D9763D401DE1460DEC6BC546FDB648C79F9A7B80D6A8CD2AC8E09970D52B1FD4D780A51DBDDC4FDCB53A3D6DB50C6959C78AE8E1912BBD9B259159BEFE965834EB8F17F00A10DE857A49A6E94BA5E930998F283CB035C83174B17596B4C3ECFAC1912AB9799A92E2A01D6A0004753E3D2E5F8748A697D4007DF99C32C3E6C1C3DDDDEF90B9539D716DCF3F95CFC4CA0A9D9AD13E570C55A708986D1304740AAE543C4506D96DB45AC0547854735EFAB7814C8FF5029B256DA0C58E6BC618008117E92228B618103642E8AE533D5859178AB2B39E3B0D044195F531E8304DCA4B883E1B2DFDA12663E9D5FE976935CCC1594C6284A68C4CECAAF842F55EFEBC1B
+20210528133019 2 6 100 8191 2 F08476CF6891E7C1CE5A873D1D744FC41D579F53B1F877B0F280D44DF57BEBB3EFDEBC7B8DA48C885005E0F3D8167BE79FAA61DA67EAB112C599882D369A7446FFB888D483317B6A7E0A6AC0CCB6ADD70D511AD81FDCDD71D40C5A40B3627872CE2EDD092B2ED810F6F5F3AE3C02D97856002D646C750910C9B6917615BA8D8D0345514B5F7B37EF910BE98C8E42FF9F9C2FE04F3252C2894D67A033AB22CA3B1BFA9FEB208509654755F3B83121AB827BC481F2E435F68EA144ECCC19670F5C234369F97461A9AFEAE48917B2D767E925D3B94C6380F4A1891EE20A1413C358EC93C8D0D34E90C424BCA367AB4B7C63FDFA0931FB8735ECC5FE22694F8E2784389AC68974BBF1FB5196A5CFA63D30464968927752F1F8F216A07A467EFBCFD4078203DA384AC63A6A304AC56114D2BBDF9212F58BDE3AC556E168ACBF0AB63370D44E90D63E5CEDACA9D94F248B74A783E3852BE5BFF73E27F6FAE6BD0BE5A7A014262CBFB7ADB6A29477D9F2F5FB45E9AD5F16C07B06CA166455C83377C52BF61D06D8CCA11B692F7F05E96264C52295C73D6CD991190A54A2B097BFDBBA8B89A5DFCD1FF9DAFD24542B78FF5F00AF78890EA8297223CCAD28DEE98D829750A17298ABE7F3ED70E7370B1CDE1B4F23C24D69F0F4EA9F821B89BAA2D4577A247118EEF70F780FEF57DB587E1F3EAE54748615BE921CA766FC7EC2961E36EFB41CFC607B989ED0C4254057FD9D39715A35C872ED17407856C80C35F65BD181B181942CB5D62710FE60D0347FEEC2AC3ACE45EA72FCB4256EC07C0383B6CF930CF56CDB9803CEE74A66F83ABEF9C75A0D222BF02C3535B6E3C0DC3124A0E603B9E6A89A3BF636305D2174A2B379C4E36685993C8E8B4E44905D2D352B9EE9101910DCB6931C904D16CB0A079B6669DA3FF8F925A3119EF27F4164DA23405F8F135E454D09BEA876E27449E5884884A24833F3BE93165240285E43A3E4B296CAB04891F574787335DDF17085F77B37AFCD8221AB748FCB28CA2C664931C397E2CD70F8EC8D21C467A16A1F33EB1A5E9C0CA80EC81697A40FE6B01753AC39216301D9763D401DE1460DEC6BC546FDB648C79F9A7B80D6A8CD2AC8E09970D52B1FD4D780A51DBDDC4FDCB53A3D6DB50C6959C78AE8E1912BBD9B259159BEFE965834EB8F17F00A10DE857A49A6E94BA5E930998F283CB035C83174B17596B4C3ECFAC1912AB9799A92E2A01D6A0004753E3D2E5F8748A697D4007DF99C32C3E6C1C3DDDDEF90B9539D716DCF3F95CFC4CA0A9D9AD13E570C55A708986D1304740AAE543C4506D96DB45AC0547854735EFAB7814C8FF5029B256DA0C58E6BC618008117E92228B618103642E8AE533D5859178AB2B39E3B0D044195F531E8304DCA4B883E1B2DFDA12663E9D5FE976935CCC1594C6284A68C4CECAAF842F560345AEB
+20210528174944 2 6 100 8191 5 F08476CF6891E7C1CE5A873D1D744FC41D579F53B1F877B0F280D44DF57BEBB3EFDEBC7B8DA48C885005E0F3D8167BE79FAA61DA67EAB112C599882D369A7446FFB888D483317B6A7E0A6AC0CCB6ADD70D511AD81FDCDD71D40C5A40B3627872CE2EDD092B2ED810F6F5F3AE3C02D97856002D646C750910C9B6917615BA8D8D0345514B5F7B37EF910BE98C8E42FF9F9C2FE04F3252C2894D67A033AB22CA3B1BFA9FEB208509654755F3B83121AB827BC481F2E435F68EA144ECCC19670F5C234369F97461A9AFEAE48917B2D767E925D3B94C6380F4A1891EE20A1413C358EC93C8D0D34E90C424BCA367AB4B7C63FDFA0931FB8735ECC5FE22694F8E2784389AC68974BBF1FB5196A5CFA63D30464968927752F1F8F216A07A467EFBCFD4078203DA384AC63A6A304AC56114D2BBDF9212F58BDE3AC556E168ACBF0AB63370D44E90D63E5CEDACA9D94F248B74A783E3852BE5BFF73E27F6FAE6BD0BE5A7A014262CBFB7ADB6A29477D9F2F5FB45E9AD5F16C07B06CA166455C83377C52BF61D06D8CCA11B692F7F05E96264C52295C73D6CD991190A54A2B097BFDBBA8B89A5DFCD1FF9DAFD24542B78FF5F00AF78890EA8297223CCAD28DEE98D829750A17298ABE7F3ED70E7370B1CDE1B4F23C24D69F0F4EA9F821B89BAA2D4577A247118EEF70F780FEF57DB587E1F3EAE54748615BE921CA766FC7EC2961E36EFB41CFC607B989ED0C4254057FD9D39715A35C872ED17407856C80C35F65BD181B181942CB5D62710FE60D0347FEEC2AC3ACE45EA72FCB4256EC07C0383B6CF930CF56CDB9803CEE74A66F83ABEF9C75A0D222BF02C3535B6E3C0DC3124A0E603B9E6A89A3BF636305D2174A2B379C4E36685993C8E8B4E44905D2D352B9EE9101910DCB6931C904D16CB0A079B6669DA3FF8F925A3119EF27F4164DA23405F8F135E454D09BEA876E27449E5884884A24833F3BE93165240285E43A3E4B296CAB04891F574787335DDF17085F77B37AFCD8221AB748FCB28CA2C664931C397E2CD70F8EC8D21C467A16A1F33EB1A5E9C0CA80EC81697A40FE6B01753AC39216301D9763D401DE1460DEC6BC546FDB648C79F9A7B80D6A8CD2AC8E09970D52B1FD4D780A51DBDDC4FDCB53A3D6DB50C6959C78AE8E1912BBD9B259159BEFE965834EB8F17F00A10DE857A49A6E94BA5E930998F283CB035C83174B17596B4C3ECFAC1912AB9799A92E2A01D6A0004753E3D2E5F8748A697D4007DF99C32C3E6C1C3DDDDEF90B9539D716DCF3F95CFC4CA0A9D9AD13E570C55A708986D1304740AAE543C4506D96DB45AC0547854735EFAB7814C8FF5029B256DA0C58E6BC618008117E92228B618103642E8AE533D5859178AB2B39E3B0D044195F531E8304DCA4B883E1B2DFDA12663E9D5FE976935CCC1594C6284A68C4CECAAF842F570F3AF57
+20210528180427 2 6 100 8191 2 F08476CF6891E7C1CE5A873D1D744FC41D579F53B1F877B0F280D44DF57BEBB3EFDEBC7B8DA48C885005E0F3D8167BE79FAA61DA67EAB112C599882D369A7446FFB888D483317B6A7E0A6AC0CCB6ADD70D511AD81FDCDD71D40C5A40B3627872CE2EDD092B2ED810F6F5F3AE3C02D97856002D646C750910C9B6917615BA8D8D0345514B5F7B37EF910BE98C8E42FF9F9C2FE04F3252C2894D67A033AB22CA3B1BFA9FEB208509654755F3B83121AB827BC481F2E435F68EA144ECCC19670F5C234369F97461A9AFEAE48917B2D767E925D3B94C6380F4A1891EE20A1413C358EC93C8D0D34E90C424BCA367AB4B7C63FDFA0931FB8735ECC5FE22694F8E2784389AC68974BBF1FB5196A5CFA63D30464968927752F1F8F216A07A467EFBCFD4078203DA384AC63A6A304AC56114D2BBDF9212F58BDE3AC556E168ACBF0AB63370D44E90D63E5CEDACA9D94F248B74A783E3852BE5BFF73E27F6FAE6BD0BE5A7A014262CBFB7ADB6A29477D9F2F5FB45E9AD5F16C07B06CA166455C83377C52BF61D06D8CCA11B692F7F05E96264C52295C73D6CD991190A54A2B097BFDBBA8B89A5DFCD1FF9DAFD24542B78FF5F00AF78890EA8297223CCAD28DEE98D829750A17298ABE7F3ED70E7370B1CDE1B4F23C24D69F0F4EA9F821B89BAA2D4577A247118EEF70F780FEF57DB587E1F3EAE54748615BE921CA766FC7EC2961E36EFB41CFC607B989ED0C4254057FD9D39715A35C872ED17407856C80C35F65BD181B181942CB5D62710FE60D0347FEEC2AC3ACE45EA72FCB4256EC07C0383B6CF930CF56CDB9803CEE74A66F83ABEF9C75A0D222BF02C3535B6E3C0DC3124A0E603B9E6A89A3BF636305D2174A2B379C4E36685993C8E8B4E44905D2D352B9EE9101910DCB6931C904D16CB0A079B6669DA3FF8F925A3119EF27F4164DA23405F8F135E454D09BEA876E27449E5884884A24833F3BE93165240285E43A3E4B296CAB04891F574787335DDF17085F77B37AFCD8221AB748FCB28CA2C664931C397E2CD70F8EC8D21C467A16A1F33EB1A5E9C0CA80EC81697A40FE6B01753AC39216301D9763D401DE1460DEC6BC546FDB648C79F9A7B80D6A8CD2AC8E09970D52B1FD4D780A51DBDDC4FDCB53A3D6DB50C6959C78AE8E1912BBD9B259159BEFE965834EB8F17F00A10DE857A49A6E94BA5E930998F283CB035C83174B17596B4C3ECFAC1912AB9799A92E2A01D6A0004753E3D2E5F8748A697D4007DF99C32C3E6C1C3DDDDEF90B9539D716DCF3F95CFC4CA0A9D9AD13E570C55A708986D1304740AAE543C4506D96DB45AC0547854735EFAB7814C8FF5029B256DA0C58E6BC618008117E92228B618103642E8AE533D5859178AB2B39E3B0D044195F531E8304DCA4B883E1B2DFDA12663E9D5FE976935CCC1594C6284A68C4CECAAF842F571DF3C6B
+20210528235428 2 6 100 8191 2 F08476CF6891E7C1CE5A873D1D744FC41D579F53B1F877B0F280D44DF57BEBB3EFDEBC7B8DA48C885005E0F3D8167BE79FAA61DA67EAB112C599882D369A7446FFB888D483317B6A7E0A6AC0CCB6ADD70D511AD81FDCDD71D40C5A40B3627872CE2EDD092B2ED810F6F5F3AE3C02D97856002D646C750910C9B6917615BA8D8D0345514B5F7B37EF910BE98C8E42FF9F9C2FE04F3252C2894D67A033AB22CA3B1BFA9FEB208509654755F3B83121AB827BC481F2E435F68EA144ECCC19670F5C234369F97461A9AFEAE48917B2D767E925D3B94C6380F4A1891EE20A1413C358EC93C8D0D34E90C424BCA367AB4B7C63FDFA0931FB8735ECC5FE22694F8E2784389AC68974BBF1FB5196A5CFA63D30464968927752F1F8F216A07A467EFBCFD4078203DA384AC63A6A304AC56114D2BBDF9212F58BDE3AC556E168ACBF0AB63370D44E90D63E5CEDACA9D94F248B74A783E3852BE5BFF73E27F6FAE6BD0BE5A7A014262CBFB7ADB6A29477D9F2F5FB45E9AD5F16C07B06CA166455C83377C52BF61D06D8CCA11B692F7F05E96264C52295C73D6CD991190A54A2B097BFDBBA8B89A5DFCD1FF9DAFD24542B78FF5F00AF78890EA8297223CCAD28DEE98D829750A17298ABE7F3ED70E7370B1CDE1B4F23C24D69F0F4EA9F821B89BAA2D4577A247118EEF70F780FEF57DB587E1F3EAE54748615BE921CA766FC7EC2961E36EFB41CFC607B989ED0C4254057FD9D39715A35C872ED17407856C80C35F65BD181B181942CB5D62710FE60D0347FEEC2AC3ACE45EA72FCB4256EC07C0383B6CF930CF56CDB9803CEE74A66F83ABEF9C75A0D222BF02C3535B6E3C0DC3124A0E603B9E6A89A3BF636305D2174A2B379C4E36685993C8E8B4E44905D2D352B9EE9101910DCB6931C904D16CB0A079B6669DA3FF8F925A3119EF27F4164DA23405F8F135E454D09BEA876E27449E5884884A24833F3BE93165240285E43A3E4B296CAB04891F574787335DDF17085F77B37AFCD8221AB748FCB28CA2C664931C397E2CD70F8EC8D21C467A16A1F33EB1A5E9C0CA80EC81697A40FE6B01753AC39216301D9763D401DE1460DEC6BC546FDB648C79F9A7B80D6A8CD2AC8E09970D52B1FD4D780A51DBDDC4FDCB53A3D6DB50C6959C78AE8E1912BBD9B259159BEFE965834EB8F17F00A10DE857A49A6E94BA5E930998F283CB035C83174B17596B4C3ECFAC1912AB9799A92E2A01D6A0004753E3D2E5F8748A697D4007DF99C32C3E6C1C3DDDDEF90B9539D716DCF3F95CFC4CA0A9D9AD13E570C55A708986D1304740AAE543C4506D96DB45AC0547854735EFAB7814C8FF5029B256DA0C58E6BC618008117E92228B618103642E8AE533D5859178AB2B39E3B0D044195F531E8304DCA4B883E1B2DFDA12663E9D5FE976935CCC1594C6284A68C4CECAAF842F587F3BDB3
+20210529021000 2 6 100 8191 2 F08476CF6891E7C1CE5A873D1D744FC41D579F53B1F877B0F280D44DF57BEBB3EFDEBC7B8DA48C885005E0F3D8167BE79FAA61DA67EAB112C599882D369A7446FFB888D483317B6A7E0A6AC0CCB6ADD70D511AD81FDCDD71D40C5A40B3627872CE2EDD092B2ED810F6F5F3AE3C02D97856002D646C750910C9B6917615BA8D8D0345514B5F7B37EF910BE98C8E42FF9F9C2FE04F3252C2894D67A033AB22CA3B1BFA9FEB208509654755F3B83121AB827BC481F2E435F68EA144ECCC19670F5C234369F97461A9AFEAE48917B2D767E925D3B94C6380F4A1891EE20A1413C358EC93C8D0D34E90C424BCA367AB4B7C63FDFA0931FB8735ECC5FE22694F8E2784389AC68974BBF1FB5196A5CFA63D30464968927752F1F8F216A07A467EFBCFD4078203DA384AC63A6A304AC56114D2BBDF9212F58BDE3AC556E168ACBF0AB63370D44E90D63E5CEDACA9D94F248B74A783E3852BE5BFF73E27F6FAE6BD0BE5A7A014262CBFB7ADB6A29477D9F2F5FB45E9AD5F16C07B06CA166455C83377C52BF61D06D8CCA11B692F7F05E96264C52295C73D6CD991190A54A2B097BFDBBA8B89A5DFCD1FF9DAFD24542B78FF5F00AF78890EA8297223CCAD28DEE98D829750A17298ABE7F3ED70E7370B1CDE1B4F23C24D69F0F4EA9F821B89BAA2D4577A247118EEF70F780FEF57DB587E1F3EAE54748615BE921CA766FC7EC2961E36EFB41CFC607B989ED0C4254057FD9D39715A35C872ED17407856C80C35F65BD181B181942CB5D62710FE60D0347FEEC2AC3ACE45EA72FCB4256EC07C0383B6CF930CF56CDB9803CEE74A66F83ABEF9C75A0D222BF02C3535B6E3C0DC3124A0E603B9E6A89A3BF636305D2174A2B379C4E36685993C8E8B4E44905D2D352B9EE9101910DCB6931C904D16CB0A079B6669DA3FF8F925A3119EF27F4164DA23405F8F135E454D09BEA876E27449E5884884A24833F3BE93165240285E43A3E4B296CAB04891F574787335DDF17085F77B37AFCD8221AB748FCB28CA2C664931C397E2CD70F8EC8D21C467A16A1F33EB1A5E9C0CA80EC81697A40FE6B01753AC39216301D9763D401DE1460DEC6BC546FDB648C79F9A7B80D6A8CD2AC8E09970D52B1FD4D780A51DBDDC4FDCB53A3D6DB50C6959C78AE8E1912BBD9B259159BEFE965834EB8F17F00A10DE857A49A6E94BA5E930998F283CB035C83174B17596B4C3ECFAC1912AB9799A92E2A01D6A0004753E3D2E5F8748A697D4007DF99C32C3E6C1C3DDDDEF90B9539D716DCF3F95CFC4CA0A9D9AD13E570C55A708986D1304740AAE543C4506D96DB45AC0547854735EFAB7814C8FF5029B256DA0C58E6BC618008117E92228B618103642E8AE533D5859178AB2B39E3B0D044195F531E8304DCA4B883E1B2DFDA12663E9D5FE976935CCC1594C6284A68C4CECAAF842F590536F63
+20210529024531 2 6 100 8191 2 F08476CF6891E7C1CE5A873D1D744FC41D579F53B1F877B0F280D44DF57BEBB3EFDEBC7B8DA48C885005E0F3D8167BE79FAA61DA67EAB112C599882D369A7446FFB888D483317B6A7E0A6AC0CCB6ADD70D511AD81FDCDD71D40C5A40B3627872CE2EDD092B2ED810F6F5F3AE3C02D97856002D646C750910C9B6917615BA8D8D0345514B5F7B37EF910BE98C8E42FF9F9C2FE04F3252C2894D67A033AB22CA3B1BFA9FEB208509654755F3B83121AB827BC481F2E435F68EA144ECCC19670F5C234369F97461A9AFEAE48917B2D767E925D3B94C6380F4A1891EE20A1413C358EC93C8D0D34E90C424BCA367AB4B7C63FDFA0931FB8735ECC5FE22694F8E2784389AC68974BBF1FB5196A5CFA63D30464968927752F1F8F216A07A467EFBCFD4078203DA384AC63A6A304AC56114D2BBDF9212F58BDE3AC556E168ACBF0AB63370D44E90D63E5CEDACA9D94F248B74A783E3852BE5BFF73E27F6FAE6BD0BE5A7A014262CBFB7ADB6A29477D9F2F5FB45E9AD5F16C07B06CA166455C83377C52BF61D06D8CCA11B692F7F05E96264C52295C73D6CD991190A54A2B097BFDBBA8B89A5DFCD1FF9DAFD24542B78FF5F00AF78890EA8297223CCAD28DEE98D829750A17298ABE7F3ED70E7370B1CDE1B4F23C24D69F0F4EA9F821B89BAA2D4577A247118EEF70F780FEF57DB587E1F3EAE54748615BE921CA766FC7EC2961E36EFB41CFC607B989ED0C4254057FD9D39715A35C872ED17407856C80C35F65BD181B181942CB5D62710FE60D0347FEEC2AC3ACE45EA72FCB4256EC07C0383B6CF930CF56CDB9803CEE74A66F83ABEF9C75A0D222BF02C3535B6E3C0DC3124A0E603B9E6A89A3BF636305D2174A2B379C4E36685993C8E8B4E44905D2D352B9EE9101910DCB6931C904D16CB0A079B6669DA3FF8F925A3119EF27F4164DA23405F8F135E454D09BEA876E27449E5884884A24833F3BE93165240285E43A3E4B296CAB04891F574787335DDF17085F77B37AFCD8221AB748FCB28CA2C664931C397E2CD70F8EC8D21C467A16A1F33EB1A5E9C0CA80EC81697A40FE6B01753AC39216301D9763D401DE1460DEC6BC546FDB648C79F9A7B80D6A8CD2AC8E09970D52B1FD4D780A51DBDDC4FDCB53A3D6DB50C6959C78AE8E1912BBD9B259159BEFE965834EB8F17F00A10DE857A49A6E94BA5E930998F283CB035C83174B17596B4C3ECFAC1912AB9799A92E2A01D6A0004753E3D2E5F8748A697D4007DF99C32C3E6C1C3DDDDEF90B9539D716DCF3F95CFC4CA0A9D9AD13E570C55A708986D1304740AAE543C4506D96DB45AC0547854735EFAB7814C8FF5029B256DA0C58E6BC618008117E92228B618103642E8AE533D5859178AB2B39E3B0D044195F531E8304DCA4B883E1B2DFDA12663E9D5FE976935CCC1594C6284A68C4CECAAF842F5927CEA53
+20210529031713 2 6 100 8191 5 D8A2E2F024645B5A3FB339A2EF06A3E46CD2AA808530C320F121CE1EEBEE128D6DB4C49492881B35E5AA8C43CAA07E7F69A5C4ECD0EE62A29FC191B9C0DD6955E23E831A0573135B9931D03A5BBCA961410CA287D08D53C0E8CFEC19534C4FECBAD0F2BE625802AF1B504F59A4A88DAA5F52F221E0E9E0DB1396F07EAF2CA88B79D8CF35EF154A69569C545CA1D04A07ADE3628243039985880B79972FB9F5070951D40C9D21C1729348152724531B270C9DEBB5B2C730C72F4EA3932DB44BD3C746E082856A4109A37BA979164881D5B8007807FF1A7E0C48F99DBBE1709585203E579AE201D295E720CDD45B3A8652A7CE878765E699727641410F840871B4362DC51A3D4D15980876649089CE845B5733497FB8E7B2568EF8627EC1BEE0434A3A72094132A0BA0CA102A440952285823FB09684A1C52468193F6E8A6CC9D935C13FCC661DED5CB84B5D5DF721447531787F78AB31AA1D6342460A8B896518640B7DCF3825B52D46469351EF17E586B661D5C0E792C0AA0B0309B8A4BECB3B267BB459C7452387FF6028EEC1C6DFAE3EE9452EB7A7CFB9CDD361B45FF29E6648BD94712BEF29A1C86C492231F710BC66BF8CF83F8765EF6DBA6857C733789DD71245F17C6FA03DD07FCFFBC450029776FDB4F4B411D4B4A98E090CB79B4CF990398FE1C147CE959C8C11D5DE9A4271EA4CA3D8A50A6F7081A2B0F95AA4AD80081511C357D9F15B7547F0A725EED4EE7FDDAE32A3D00512984928679C51375777E968FE3363DCC495300762C7C6D32F4088DB4D4D4449610D05E87CECADA742827EF2B4EF1D064CEB0EEBB01264306F3E24D6260483829576F88B8346764429722BFD0FE3845F541837ACFFEDA101E0E082F618630B741BE1A9E44C677A947FEC31F08EB338798617A09C38EF3FF31A677E62DCDBA2C56D37B1F16AD2B06F41D3E5CDE9A9B7179B6EC46DF99D857521DF29E8012A1AFE6F2F0658171F56EEA20E531C3B2E02864B130BB0BA476F23024DCCA6411CE1BBD1D5C9F5346DB36334117AAF7A1B4ABE86470CABDF862010F5AE3129CA17F36BA89EE3DB83641804EC2455ED75686342E9F339068A77258BBC292E05AF5C233F5B74CA83080CC5DAE01E977E2F7D1ADC36803398B81DAC22DE391F512912148392371C658C416C96C8C3035928EDBB418CF249C9C02793AE6661AB04B4C6C944F55B23CB5621511DACD8EC5C1ECD463620CAC79C38B6CC95FA8993482EA255246D30DA6EA67C677889F56CDF4466F5D968069E152B0BE30B64E1B18607035D7D15503D364B73BAB5582CDF290FE30D2EB7A4F6F797D80702CC448E1153A3A9D882445C73BA490388588F31FA6C14BA7DBFAD39E1CE6B0E2FAD69015F81FF6DAAC56420A478CF717DD952A0DC51B1E38113CF5EF2AC2EC08B6F6CB427A06AD990213C09DB2CA36AA3B7
+20210529041139 2 6 100 8191 2 D8A2E2F024645B5A3FB339A2EF06A3E46CD2AA808530C320F121CE1EEBEE128D6DB4C49492881B35E5AA8C43CAA07E7F69A5C4ECD0EE62A29FC191B9C0DD6955E23E831A0573135B9931D03A5BBCA961410CA287D08D53C0E8CFEC19534C4FECBAD0F2BE625802AF1B504F59A4A88DAA5F52F221E0E9E0DB1396F07EAF2CA88B79D8CF35EF154A69569C545CA1D04A07ADE3628243039985880B79972FB9F5070951D40C9D21C1729348152724531B270C9DEBB5B2C730C72F4EA3932DB44BD3C746E082856A4109A37BA979164881D5B8007807FF1A7E0C48F99DBBE1709585203E579AE201D295E720CDD45B3A8652A7CE878765E699727641410F840871B4362DC51A3D4D15980876649089CE845B5733497FB8E7B2568EF8627EC1BEE0434A3A72094132A0BA0CA102A440952285823FB09684A1C52468193F6E8A6CC9D935C13FCC661DED5CB84B5D5DF721447531787F78AB31AA1D6342460A8B896518640B7DCF3825B52D46469351EF17E586B661D5C0E792C0AA0B0309B8A4BECB3B267BB459C7452387FF6028EEC1C6DFAE3EE9452EB7A7CFB9CDD361B45FF29E6648BD94712BEF29A1C86C492231F710BC66BF8CF83F8765EF6DBA6857C733789DD71245F17C6FA03DD07FCFFBC450029776FDB4F4B411D4B4A98E090CB79B4CF990398FE1C147CE959C8C11D5DE9A4271EA4CA3D8A50A6F7081A2B0F95AA4AD80081511C357D9F15B7547F0A725EED4EE7FDDAE32A3D00512984928679C51375777E968FE3363DCC495300762C7C6D32F4088DB4D4D4449610D05E87CECADA742827EF2B4EF1D064CEB0EEBB01264306F3E24D6260483829576F88B8346764429722BFD0FE3845F541837ACFFEDA101E0E082F618630B741BE1A9E44C677A947FEC31F08EB338798617A09C38EF3FF31A677E62DCDBA2C56D37B1F16AD2B06F41D3E5CDE9A9B7179B6EC46DF99D857521DF29E8012A1AFE6F2F0658171F56EEA20E531C3B2E02864B130BB0BA476F23024DCCA6411CE1BBD1D5C9F5346DB36334117AAF7A1B4ABE86470CABDF862010F5AE3129CA17F36BA89EE3DB83641804EC2455ED75686342E9F339068A77258BBC292E05AF5C233F5B74CA83080CC5DAE01E977E2F7D1ADC36803398B81DAC22DE391F512912148392371C658C416C96C8C3035928EDBB418CF249C9C02793AE6661AB04B4C6C944F55B23CB5621511DACD8EC5C1ECD463620CAC79C38B6CC95FA8993482EA255246D30DA6EA67C677889F56CDF4466F5D968069E152B0BE30B64E1B18607035D7D15503D364B73BAB5582CDF290FE30D2EB7A4F6F797D80702CC448E1153A3A9D882445C73BA490388588F31FA6C14BA7DBFAD39E1CE6B0E2FAD69015F81FF6DAAC56420A478CF717DD952A0DC51B1E38113CF5EF2AC2EC08B6F6CB427A06AD990213C09DB2CA75D422B
+20210529050432 2 6 100 8191 2 D8A2E2F024645B5A3FB339A2EF06A3E46CD2AA808530C320F121CE1EEBEE128D6DB4C49492881B35E5AA8C43CAA07E7F69A5C4ECD0EE62A29FC191B9C0DD6955E23E831A0573135B9931D03A5BBCA961410CA287D08D53C0E8CFEC19534C4FECBAD0F2BE625802AF1B504F59A4A88DAA5F52F221E0E9E0DB1396F07EAF2CA88B79D8CF35EF154A69569C545CA1D04A07ADE3628243039985880B79972FB9F5070951D40C9D21C1729348152724531B270C9DEBB5B2C730C72F4EA3932DB44BD3C746E082856A4109A37BA979164881D5B8007807FF1A7E0C48F99DBBE1709585203E579AE201D295E720CDD45B3A8652A7CE878765E699727641410F840871B4362DC51A3D4D15980876649089CE845B5733497FB8E7B2568EF8627EC1BEE0434A3A72094132A0BA0CA102A440952285823FB09684A1C52468193F6E8A6CC9D935C13FCC661DED5CB84B5D5DF721447531787F78AB31AA1D6342460A8B896518640B7DCF3825B52D46469351EF17E586B661D5C0E792C0AA0B0309B8A4BECB3B267BB459C7452387FF6028EEC1C6DFAE3EE9452EB7A7CFB9CDD361B45FF29E6648BD94712BEF29A1C86C492231F710BC66BF8CF83F8765EF6DBA6857C733789DD71245F17C6FA03DD07FCFFBC450029776FDB4F4B411D4B4A98E090CB79B4CF990398FE1C147CE959C8C11D5DE9A4271EA4CA3D8A50A6F7081A2B0F95AA4AD80081511C357D9F15B7547F0A725EED4EE7FDDAE32A3D00512984928679C51375777E968FE3363DCC495300762C7C6D32F4088DB4D4D4449610D05E87CECADA742827EF2B4EF1D064CEB0EEBB01264306F3E24D6260483829576F88B8346764429722BFD0FE3845F541837ACFFEDA101E0E082F618630B741BE1A9E44C677A947FEC31F08EB338798617A09C38EF3FF31A677E62DCDBA2C56D37B1F16AD2B06F41D3E5CDE9A9B7179B6EC46DF99D857521DF29E8012A1AFE6F2F0658171F56EEA20E531C3B2E02864B130BB0BA476F23024DCCA6411CE1BBD1D5C9F5346DB36334117AAF7A1B4ABE86470CABDF862010F5AE3129CA17F36BA89EE3DB83641804EC2455ED75686342E9F339068A77258BBC292E05AF5C233F5B74CA83080CC5DAE01E977E2F7D1ADC36803398B81DAC22DE391F512912148392371C658C416C96C8C3035928EDBB418CF249C9C02793AE6661AB04B4C6C944F55B23CB5621511DACD8EC5C1ECD463620CAC79C38B6CC95FA8993482EA255246D30DA6EA67C677889F56CDF4466F5D968069E152B0BE30B64E1B18607035D7D15503D364B73BAB5582CDF290FE30D2EB7A4F6F797D80702CC448E1153A3A9D882445C73BA490388588F31FA6C14BA7DBFAD39E1CE6B0E2FAD69015F81FF6DAAC56420A478CF717DD952A0DC51B1E38113CF5EF2AC2EC08B6F6CB427A06AD990213C09DB2CAB1C588B
+20210529050545 2 6 100 8191 5 D8A2E2F024645B5A3FB339A2EF06A3E46CD2AA808530C320F121CE1EEBEE128D6DB4C49492881B35E5AA8C43CAA07E7F69A5C4ECD0EE62A29FC191B9C0DD6955E23E831A0573135B9931D03A5BBCA961410CA287D08D53C0E8CFEC19534C4FECBAD0F2BE625802AF1B504F59A4A88DAA5F52F221E0E9E0DB1396F07EAF2CA88B79D8CF35EF154A69569C545CA1D04A07ADE3628243039985880B79972FB9F5070951D40C9D21C1729348152724531B270C9DEBB5B2C730C72F4EA3932DB44BD3C746E082856A4109A37BA979164881D5B8007807FF1A7E0C48F99DBBE1709585203E579AE201D295E720CDD45B3A8652A7CE878765E699727641410F840871B4362DC51A3D4D15980876649089CE845B5733497FB8E7B2568EF8627EC1BEE0434A3A72094132A0BA0CA102A440952285823FB09684A1C52468193F6E8A6CC9D935C13FCC661DED5CB84B5D5DF721447531787F78AB31AA1D6342460A8B896518640B7DCF3825B52D46469351EF17E586B661D5C0E792C0AA0B0309B8A4BECB3B267BB459C7452387FF6028EEC1C6DFAE3EE9452EB7A7CFB9CDD361B45FF29E6648BD94712BEF29A1C86C492231F710BC66BF8CF83F8765EF6DBA6857C733789DD71245F17C6FA03DD07FCFFBC450029776FDB4F4B411D4B4A98E090CB79B4CF990398FE1C147CE959C8C11D5DE9A4271EA4CA3D8A50A6F7081A2B0F95AA4AD80081511C357D9F15B7547F0A725EED4EE7FDDAE32A3D00512984928679C51375777E968FE3363DCC495300762C7C6D32F4088DB4D4D4449610D05E87CECADA742827EF2B4EF1D064CEB0EEBB01264306F3E24D6260483829576F88B8346764429722BFD0FE3845F541837ACFFEDA101E0E082F618630B741BE1A9E44C677A947FEC31F08EB338798617A09C38EF3FF31A677E62DCDBA2C56D37B1F16AD2B06F41D3E5CDE9A9B7179B6EC46DF99D857521DF29E8012A1AFE6F2F0658171F56EEA20E531C3B2E02864B130BB0BA476F23024DCCA6411CE1BBD1D5C9F5346DB36334117AAF7A1B4ABE86470CABDF862010F5AE3129CA17F36BA89EE3DB83641804EC2455ED75686342E9F339068A77258BBC292E05AF5C233F5B74CA83080CC5DAE01E977E2F7D1ADC36803398B81DAC22DE391F512912148392371C658C416C96C8C3035928EDBB418CF249C9C02793AE6661AB04B4C6C944F55B23CB5621511DACD8EC5C1ECD463620CAC79C38B6CC95FA8993482EA255246D30DA6EA67C677889F56CDF4466F5D968069E152B0BE30B64E1B18607035D7D15503D364B73BAB5582CDF290FE30D2EB7A4F6F797D80702CC448E1153A3A9D882445C73BA490388588F31FA6C14BA7DBFAD39E1CE6B0E2FAD69015F81FF6DAAC56420A478CF717DD952A0DC51B1E38113CF5EF2AC2EC08B6F6CB427A06AD990213C09DB2CAB28E9FF
+20210529063055 2 6 100 8191 5 D8A2E2F024645B5A3FB339A2EF06A3E46CD2AA808530C320F121CE1EEBEE128D6DB4C49492881B35E5AA8C43CAA07E7F69A5C4ECD0EE62A29FC191B9C0DD6955E23E831A0573135B9931D03A5BBCA961410CA287D08D53C0E8CFEC19534C4FECBAD0F2BE625802AF1B504F59A4A88DAA5F52F221E0E9E0DB1396F07EAF2CA88B79D8CF35EF154A69569C545CA1D04A07ADE3628243039985880B79972FB9F5070951D40C9D21C1729348152724531B270C9DEBB5B2C730C72F4EA3932DB44BD3C746E082856A4109A37BA979164881D5B8007807FF1A7E0C48F99DBBE1709585203E579AE201D295E720CDD45B3A8652A7CE878765E699727641410F840871B4362DC51A3D4D15980876649089CE845B5733497FB8E7B2568EF8627EC1BEE0434A3A72094132A0BA0CA102A440952285823FB09684A1C52468193F6E8A6CC9D935C13FCC661DED5CB84B5D5DF721447531787F78AB31AA1D6342460A8B896518640B7DCF3825B52D46469351EF17E586B661D5C0E792C0AA0B0309B8A4BECB3B267BB459C7452387FF6028EEC1C6DFAE3EE9452EB7A7CFB9CDD361B45FF29E6648BD94712BEF29A1C86C492231F710BC66BF8CF83F8765EF6DBA6857C733789DD71245F17C6FA03DD07FCFFBC450029776FDB4F4B411D4B4A98E090CB79B4CF990398FE1C147CE959C8C11D5DE9A4271EA4CA3D8A50A6F7081A2B0F95AA4AD80081511C357D9F15B7547F0A725EED4EE7FDDAE32A3D00512984928679C51375777E968FE3363DCC495300762C7C6D32F4088DB4D4D4449610D05E87CECADA742827EF2B4EF1D064CEB0EEBB01264306F3E24D6260483829576F88B8346764429722BFD0FE3845F541837ACFFEDA101E0E082F618630B741BE1A9E44C677A947FEC31F08EB338798617A09C38EF3FF31A677E62DCDBA2C56D37B1F16AD2B06F41D3E5CDE9A9B7179B6EC46DF99D857521DF29E8012A1AFE6F2F0658171F56EEA20E531C3B2E02864B130BB0BA476F23024DCCA6411CE1BBD1D5C9F5346DB36334117AAF7A1B4ABE86470CABDF862010F5AE3129CA17F36BA89EE3DB83641804EC2455ED75686342E9F339068A77258BBC292E05AF5C233F5B74CA83080CC5DAE01E977E2F7D1ADC36803398B81DAC22DE391F512912148392371C658C416C96C8C3035928EDBB418CF249C9C02793AE6661AB04B4C6C944F55B23CB5621511DACD8EC5C1ECD463620CAC79C38B6CC95FA8993482EA255246D30DA6EA67C677889F56CDF4466F5D968069E152B0BE30B64E1B18607035D7D15503D364B73BAB5582CDF290FE30D2EB7A4F6F797D80702CC448E1153A3A9D882445C73BA490388588F31FA6C14BA7DBFAD39E1CE6B0E2FAD69015F81FF6DAAC56420A478CF717DD952A0DC51B1E38113CF5EF2AC2EC08B6F6CB427A06AD990213C09DB2CB131E3CF
+20210529074241 2 6 100 8191 5 D8A2E2F024645B5A3FB339A2EF06A3E46CD2AA808530C320F121CE1EEBEE128D6DB4C49492881B35E5AA8C43CAA07E7F69A5C4ECD0EE62A29FC191B9C0DD6955E23E831A0573135B9931D03A5BBCA961410CA287D08D53C0E8CFEC19534C4FECBAD0F2BE625802AF1B504F59A4A88DAA5F52F221E0E9E0DB1396F07EAF2CA88B79D8CF35EF154A69569C545CA1D04A07ADE3628243039985880B79972FB9F5070951D40C9D21C1729348152724531B270C9DEBB5B2C730C72F4EA3932DB44BD3C746E082856A4109A37BA979164881D5B8007807FF1A7E0C48F99DBBE1709585203E579AE201D295E720CDD45B3A8652A7CE878765E699727641410F840871B4362DC51A3D4D15980876649089CE845B5733497FB8E7B2568EF8627EC1BEE0434A3A72094132A0BA0CA102A440952285823FB09684A1C52468193F6E8A6CC9D935C13FCC661DED5CB84B5D5DF721447531787F78AB31AA1D6342460A8B896518640B7DCF3825B52D46469351EF17E586B661D5C0E792C0AA0B0309B8A4BECB3B267BB459C7452387FF6028EEC1C6DFAE3EE9452EB7A7CFB9CDD361B45FF29E6648BD94712BEF29A1C86C492231F710BC66BF8CF83F8765EF6DBA6857C733789DD71245F17C6FA03DD07FCFFBC450029776FDB4F4B411D4B4A98E090CB79B4CF990398FE1C147CE959C8C11D5DE9A4271EA4CA3D8A50A6F7081A2B0F95AA4AD80081511C357D9F15B7547F0A725EED4EE7FDDAE32A3D00512984928679C51375777E968FE3363DCC495300762C7C6D32F4088DB4D4D4449610D05E87CECADA742827EF2B4EF1D064CEB0EEBB01264306F3E24D6260483829576F88B8346764429722BFD0FE3845F541837ACFFEDA101E0E082F618630B741BE1A9E44C677A947FEC31F08EB338798617A09C38EF3FF31A677E62DCDBA2C56D37B1F16AD2B06F41D3E5CDE9A9B7179B6EC46DF99D857521DF29E8012A1AFE6F2F0658171F56EEA20E531C3B2E02864B130BB0BA476F23024DCCA6411CE1BBD1D5C9F5346DB36334117AAF7A1B4ABE86470CABDF862010F5AE3129CA17F36BA89EE3DB83641804EC2455ED75686342E9F339068A77258BBC292E05AF5C233F5B74CA83080CC5DAE01E977E2F7D1ADC36803398B81DAC22DE391F512912148392371C658C416C96C8C3035928EDBB418CF249C9C02793AE6661AB04B4C6C944F55B23CB5621511DACD8EC5C1ECD463620CAC79C38B6CC95FA8993482EA255246D30DA6EA67C677889F56CDF4466F5D968069E152B0BE30B64E1B18607035D7D15503D364B73BAB5582CDF290FE30D2EB7A4F6F797D80702CC448E1153A3A9D882445C73BA490388588F31FA6C14BA7DBFAD39E1CE6B0E2FAD69015F81FF6DAAC56420A478CF717DD952A0DC51B1E38113CF5EF2AC2EC08B6F6CB427A06AD990213C09DB2CB6403B37
+20210529084711 2 6 100 8191 2 D8A2E2F024645B5A3FB339A2EF06A3E46CD2AA808530C320F121CE1EEBEE128D6DB4C49492881B35E5AA8C43CAA07E7F69A5C4ECD0EE62A29FC191B9C0DD6955E23E831A0573135B9931D03A5BBCA961410CA287D08D53C0E8CFEC19534C4FECBAD0F2BE625802AF1B504F59A4A88DAA5F52F221E0E9E0DB1396F07EAF2CA88B79D8CF35EF154A69569C545CA1D04A07ADE3628243039985880B79972FB9F5070951D40C9D21C1729348152724531B270C9DEBB5B2C730C72F4EA3932DB44BD3C746E082856A4109A37BA979164881D5B8007807FF1A7E0C48F99DBBE1709585203E579AE201D295E720CDD45B3A8652A7CE878765E699727641410F840871B4362DC51A3D4D15980876649089CE845B5733497FB8E7B2568EF8627EC1BEE0434A3A72094132A0BA0CA102A440952285823FB09684A1C52468193F6E8A6CC9D935C13FCC661DED5CB84B5D5DF721447531787F78AB31AA1D6342460A8B896518640B7DCF3825B52D46469351EF17E586B661D5C0E792C0AA0B0309B8A4BECB3B267BB459C7452387FF6028EEC1C6DFAE3EE9452EB7A7CFB9CDD361B45FF29E6648BD94712BEF29A1C86C492231F710BC66BF8CF83F8765EF6DBA6857C733789DD71245F17C6FA03DD07FCFFBC450029776FDB4F4B411D4B4A98E090CB79B4CF990398FE1C147CE959C8C11D5DE9A4271EA4CA3D8A50A6F7081A2B0F95AA4AD80081511C357D9F15B7547F0A725EED4EE7FDDAE32A3D00512984928679C51375777E968FE3363DCC495300762C7C6D32F4088DB4D4D4449610D05E87CECADA742827EF2B4EF1D064CEB0EEBB01264306F3E24D6260483829576F88B8346764429722BFD0FE3845F541837ACFFEDA101E0E082F618630B741BE1A9E44C677A947FEC31F08EB338798617A09C38EF3FF31A677E62DCDBA2C56D37B1F16AD2B06F41D3E5CDE9A9B7179B6EC46DF99D857521DF29E8012A1AFE6F2F0658171F56EEA20E531C3B2E02864B130BB0BA476F23024DCCA6411CE1BBD1D5C9F5346DB36334117AAF7A1B4ABE86470CABDF862010F5AE3129CA17F36BA89EE3DB83641804EC2455ED75686342E9F339068A77258BBC292E05AF5C233F5B74CA83080CC5DAE01E977E2F7D1ADC36803398B81DAC22DE391F512912148392371C658C416C96C8C3035928EDBB418CF249C9C02793AE6661AB04B4C6C944F55B23CB5621511DACD8EC5C1ECD463620CAC79C38B6CC95FA8993482EA255246D30DA6EA67C677889F56CDF4466F5D968069E152B0BE30B64E1B18607035D7D15503D364B73BAB5582CDF290FE30D2EB7A4F6F797D80702CC448E1153A3A9D882445C73BA490388588F31FA6C14BA7DBFAD39E1CE6B0E2FAD69015F81FF6DAAC56420A478CF717DD952A0DC51B1E38113CF5EF2AC2EC08B6F6CB427A06AD990213C09DB2CBAB7BD1B
+20210529091139 2 6 100 8191 2 D8A2E2F024645B5A3FB339A2EF06A3E46CD2AA808530C320F121CE1EEBEE128D6DB4C49492881B35E5AA8C43CAA07E7F69A5C4ECD0EE62A29FC191B9C0DD6955E23E831A0573135B9931D03A5BBCA961410CA287D08D53C0E8CFEC19534C4FECBAD0F2BE625802AF1B504F59A4A88DAA5F52F221E0E9E0DB1396F07EAF2CA88B79D8CF35EF154A69569C545CA1D04A07ADE3628243039985880B79972FB9F5070951D40C9D21C1729348152724531B270C9DEBB5B2C730C72F4EA3932DB44BD3C746E082856A4109A37BA979164881D5B8007807FF1A7E0C48F99DBBE1709585203E579AE201D295E720CDD45B3A8652A7CE878765E699727641410F840871B4362DC51A3D4D15980876649089CE845B5733497FB8E7B2568EF8627EC1BEE0434A3A72094132A0BA0CA102A440952285823FB09684A1C52468193F6E8A6CC9D935C13FCC661DED5CB84B5D5DF721447531787F78AB31AA1D6342460A8B896518640B7DCF3825B52D46469351EF17E586B661D5C0E792C0AA0B0309B8A4BECB3B267BB459C7452387FF6028EEC1C6DFAE3EE9452EB7A7CFB9CDD361B45FF29E6648BD94712BEF29A1C86C492231F710BC66BF8CF83F8765EF6DBA6857C733789DD71245F17C6FA03DD07FCFFBC450029776FDB4F4B411D4B4A98E090CB79B4CF990398FE1C147CE959C8C11D5DE9A4271EA4CA3D8A50A6F7081A2B0F95AA4AD80081511C357D9F15B7547F0A725EED4EE7FDDAE32A3D00512984928679C51375777E968FE3363DCC495300762C7C6D32F4088DB4D4D4449610D05E87CECADA742827EF2B4EF1D064CEB0EEBB01264306F3E24D6260483829576F88B8346764429722BFD0FE3845F541837ACFFEDA101E0E082F618630B741BE1A9E44C677A947FEC31F08EB338798617A09C38EF3FF31A677E62DCDBA2C56D37B1F16AD2B06F41D3E5CDE9A9B7179B6EC46DF99D857521DF29E8012A1AFE6F2F0658171F56EEA20E531C3B2E02864B130BB0BA476F23024DCCA6411CE1BBD1D5C9F5346DB36334117AAF7A1B4ABE86470CABDF862010F5AE3129CA17F36BA89EE3DB83641804EC2455ED75686342E9F339068A77258BBC292E05AF5C233F5B74CA83080CC5DAE01E977E2F7D1ADC36803398B81DAC22DE391F512912148392371C658C416C96C8C3035928EDBB418CF249C9C02793AE6661AB04B4C6C944F55B23CB5621511DACD8EC5C1ECD463620CAC79C38B6CC95FA8993482EA255246D30DA6EA67C677889F56CDF4466F5D968069E152B0BE30B64E1B18607035D7D15503D364B73BAB5582CDF290FE30D2EB7A4F6F797D80702CC448E1153A3A9D882445C73BA490388588F31FA6C14BA7DBFAD39E1CE6B0E2FAD69015F81FF6DAAC56420A478CF717DD952A0DC51B1E38113CF5EF2AC2EC08B6F6CB427A06AD990213C09DB2CBC6896B3
+20210529091418 2 6 100 8191 5 D8A2E2F024645B5A3FB339A2EF06A3E46CD2AA808530C320F121CE1EEBEE128D6DB4C49492881B35E5AA8C43CAA07E7F69A5C4ECD0EE62A29FC191B9C0DD6955E23E831A0573135B9931D03A5BBCA961410CA287D08D53C0E8CFEC19534C4FECBAD0F2BE625802AF1B504F59A4A88DAA5F52F221E0E9E0DB1396F07EAF2CA88B79D8CF35EF154A69569C545CA1D04A07ADE3628243039985880B79972FB9F5070951D40C9D21C1729348152724531B270C9DEBB5B2C730C72F4EA3932DB44BD3C746E082856A4109A37BA979164881D5B8007807FF1A7E0C48F99DBBE1709585203E579AE201D295E720CDD45B3A8652A7CE878765E699727641410F840871B4362DC51A3D4D15980876649089CE845B5733497FB8E7B2568EF8627EC1BEE0434A3A72094132A0BA0CA102A440952285823FB09684A1C52468193F6E8A6CC9D935C13FCC661DED5CB84B5D5DF721447531787F78AB31AA1D6342460A8B896518640B7DCF3825B52D46469351EF17E586B661D5C0E792C0AA0B0309B8A4BECB3B267BB459C7452387FF6028EEC1C6DFAE3EE9452EB7A7CFB9CDD361B45FF29E6648BD94712BEF29A1C86C492231F710BC66BF8CF83F8765EF6DBA6857C733789DD71245F17C6FA03DD07FCFFBC450029776FDB4F4B411D4B4A98E090CB79B4CF990398FE1C147CE959C8C11D5DE9A4271EA4CA3D8A50A6F7081A2B0F95AA4AD80081511C357D9F15B7547F0A725EED4EE7FDDAE32A3D00512984928679C51375777E968FE3363DCC495300762C7C6D32F4088DB4D4D4449610D05E87CECADA742827EF2B4EF1D064CEB0EEBB01264306F3E24D6260483829576F88B8346764429722BFD0FE3845F541837ACFFEDA101E0E082F618630B741BE1A9E44C677A947FEC31F08EB338798617A09C38EF3FF31A677E62DCDBA2C56D37B1F16AD2B06F41D3E5CDE9A9B7179B6EC46DF99D857521DF29E8012A1AFE6F2F0658171F56EEA20E531C3B2E02864B130BB0BA476F23024DCCA6411CE1BBD1D5C9F5346DB36334117AAF7A1B4ABE86470CABDF862010F5AE3129CA17F36BA89EE3DB83641804EC2455ED75686342E9F339068A77258BBC292E05AF5C233F5B74CA83080CC5DAE01E977E2F7D1ADC36803398B81DAC22DE391F512912148392371C658C416C96C8C3035928EDBB418CF249C9C02793AE6661AB04B4C6C944F55B23CB5621511DACD8EC5C1ECD463620CAC79C38B6CC95FA8993482EA255246D30DA6EA67C677889F56CDF4466F5D968069E152B0BE30B64E1B18607035D7D15503D364B73BAB5582CDF290FE30D2EB7A4F6F797D80702CC448E1153A3A9D882445C73BA490388588F31FA6C14BA7DBFAD39E1CE6B0E2FAD69015F81FF6DAAC56420A478CF717DD952A0DC51B1E38113CF5EF2AC2EC08B6F6CB427A06AD990213C09DB2CBC8EBF67
+20210529104434 2 6 100 8191 2 D8A2E2F024645B5A3FB339A2EF06A3E46CD2AA808530C320F121CE1EEBEE128D6DB4C49492881B35E5AA8C43CAA07E7F69A5C4ECD0EE62A29FC191B9C0DD6955E23E831A0573135B9931D03A5BBCA961410CA287D08D53C0E8CFEC19534C4FECBAD0F2BE625802AF1B504F59A4A88DAA5F52F221E0E9E0DB1396F07EAF2CA88B79D8CF35EF154A69569C545CA1D04A07ADE3628243039985880B79972FB9F5070951D40C9D21C1729348152724531B270C9DEBB5B2C730C72F4EA3932DB44BD3C746E082856A4109A37BA979164881D5B8007807FF1A7E0C48F99DBBE1709585203E579AE201D295E720CDD45B3A8652A7CE878765E699727641410F840871B4362DC51A3D4D15980876649089CE845B5733497FB8E7B2568EF8627EC1BEE0434A3A72094132A0BA0CA102A440952285823FB09684A1C52468193F6E8A6CC9D935C13FCC661DED5CB84B5D5DF721447531787F78AB31AA1D6342460A8B896518640B7DCF3825B52D46469351EF17E586B661D5C0E792C0AA0B0309B8A4BECB3B267BB459C7452387FF6028EEC1C6DFAE3EE9452EB7A7CFB9CDD361B45FF29E6648BD94712BEF29A1C86C492231F710BC66BF8CF83F8765EF6DBA6857C733789DD71245F17C6FA03DD07FCFFBC450029776FDB4F4B411D4B4A98E090CB79B4CF990398FE1C147CE959C8C11D5DE9A4271EA4CA3D8A50A6F7081A2B0F95AA4AD80081511C357D9F15B7547F0A725EED4EE7FDDAE32A3D00512984928679C51375777E968FE3363DCC495300762C7C6D32F4088DB4D4D4449610D05E87CECADA742827EF2B4EF1D064CEB0EEBB01264306F3E24D6260483829576F88B8346764429722BFD0FE3845F541837ACFFEDA101E0E082F618630B741BE1A9E44C677A947FEC31F08EB338798617A09C38EF3FF31A677E62DCDBA2C56D37B1F16AD2B06F41D3E5CDE9A9B7179B6EC46DF99D857521DF29E8012A1AFE6F2F0658171F56EEA20E531C3B2E02864B130BB0BA476F23024DCCA6411CE1BBD1D5C9F5346DB36334117AAF7A1B4ABE86470CABDF862010F5AE3129CA17F36BA89EE3DB83641804EC2455ED75686342E9F339068A77258BBC292E05AF5C233F5B74CA83080CC5DAE01E977E2F7D1ADC36803398B81DAC22DE391F512912148392371C658C416C96C8C3035928EDBB418CF249C9C02793AE6661AB04B4C6C944F55B23CB5621511DACD8EC5C1ECD463620CAC79C38B6CC95FA8993482EA255246D30DA6EA67C677889F56CDF4466F5D968069E152B0BE30B64E1B18607035D7D15503D364B73BAB5582CDF290FE30D2EB7A4F6F797D80702CC448E1153A3A9D882445C73BA490388588F31FA6C14BA7DBFAD39E1CE6B0E2FAD69015F81FF6DAAC56420A478CF717DD952A0DC51B1E38113CF5EF2AC2EC08B6F6CB427A06AD990213C09DB2CC2D31FCB
+20210529114106 2 6 100 8191 5 D8A2E2F024645B5A3FB339A2EF06A3E46CD2AA808530C320F121CE1EEBEE128D6DB4C49492881B35E5AA8C43CAA07E7F69A5C4ECD0EE62A29FC191B9C0DD6955E23E831A0573135B9931D03A5BBCA961410CA287D08D53C0E8CFEC19534C4FECBAD0F2BE625802AF1B504F59A4A88DAA5F52F221E0E9E0DB1396F07EAF2CA88B79D8CF35EF154A69569C545CA1D04A07ADE3628243039985880B79972FB9F5070951D40C9D21C1729348152724531B270C9DEBB5B2C730C72F4EA3932DB44BD3C746E082856A4109A37BA979164881D5B8007807FF1A7E0C48F99DBBE1709585203E579AE201D295E720CDD45B3A8652A7CE878765E699727641410F840871B4362DC51A3D4D15980876649089CE845B5733497FB8E7B2568EF8627EC1BEE0434A3A72094132A0BA0CA102A440952285823FB09684A1C52468193F6E8A6CC9D935C13FCC661DED5CB84B5D5DF721447531787F78AB31AA1D6342460A8B896518640B7DCF3825B52D46469351EF17E586B661D5C0E792C0AA0B0309B8A4BECB3B267BB459C7452387FF6028EEC1C6DFAE3EE9452EB7A7CFB9CDD361B45FF29E6648BD94712BEF29A1C86C492231F710BC66BF8CF83F8765EF6DBA6857C733789DD71245F17C6FA03DD07FCFFBC450029776FDB4F4B411D4B4A98E090CB79B4CF990398FE1C147CE959C8C11D5DE9A4271EA4CA3D8A50A6F7081A2B0F95AA4AD80081511C357D9F15B7547F0A725EED4EE7FDDAE32A3D00512984928679C51375777E968FE3363DCC495300762C7C6D32F4088DB4D4D4449610D05E87CECADA742827EF2B4EF1D064CEB0EEBB01264306F3E24D6260483829576F88B8346764429722BFD0FE3845F541837ACFFEDA101E0E082F618630B741BE1A9E44C677A947FEC31F08EB338798617A09C38EF3FF31A677E62DCDBA2C56D37B1F16AD2B06F41D3E5CDE9A9B7179B6EC46DF99D857521DF29E8012A1AFE6F2F0658171F56EEA20E531C3B2E02864B130BB0BA476F23024DCCA6411CE1BBD1D5C9F5346DB36334117AAF7A1B4ABE86470CABDF862010F5AE3129CA17F36BA89EE3DB83641804EC2455ED75686342E9F339068A77258BBC292E05AF5C233F5B74CA83080CC5DAE01E977E2F7D1ADC36803398B81DAC22DE391F512912148392371C658C416C96C8C3035928EDBB418CF249C9C02793AE6661AB04B4C6C944F55B23CB5621511DACD8EC5C1ECD463620CAC79C38B6CC95FA8993482EA255246D30DA6EA67C677889F56CDF4466F5D968069E152B0BE30B64E1B18607035D7D15503D364B73BAB5582CDF290FE30D2EB7A4F6F797D80702CC448E1153A3A9D882445C73BA490388588F31FA6C14BA7DBFAD39E1CE6B0E2FAD69015F81FF6DAAC56420A478CF717DD952A0DC51B1E38113CF5EF2AC2EC08B6F6CB427A06AD990213C09DB2CC6BA9507
+20210529124457 2 6 100 8191 5 D8A2E2F024645B5A3FB339A2EF06A3E46CD2AA808530C320F121CE1EEBEE128D6DB4C49492881B35E5AA8C43CAA07E7F69A5C4ECD0EE62A29FC191B9C0DD6955E23E831A0573135B9931D03A5BBCA961410CA287D08D53C0E8CFEC19534C4FECBAD0F2BE625802AF1B504F59A4A88DAA5F52F221E0E9E0DB1396F07EAF2CA88B79D8CF35EF154A69569C545CA1D04A07ADE3628243039985880B79972FB9F5070951D40C9D21C1729348152724531B270C9DEBB5B2C730C72F4EA3932DB44BD3C746E082856A4109A37BA979164881D5B8007807FF1A7E0C48F99DBBE1709585203E579AE201D295E720CDD45B3A8652A7CE878765E699727641410F840871B4362DC51A3D4D15980876649089CE845B5733497FB8E7B2568EF8627EC1BEE0434A3A72094132A0BA0CA102A440952285823FB09684A1C52468193F6E8A6CC9D935C13FCC661DED5CB84B5D5DF721447531787F78AB31AA1D6342460A8B896518640B7DCF3825B52D46469351EF17E586B661D5C0E792C0AA0B0309B8A4BECB3B267BB459C7452387FF6028EEC1C6DFAE3EE9452EB7A7CFB9CDD361B45FF29E6648BD94712BEF29A1C86C492231F710BC66BF8CF83F8765EF6DBA6857C733789DD71245F17C6FA03DD07FCFFBC450029776FDB4F4B411D4B4A98E090CB79B4CF990398FE1C147CE959C8C11D5DE9A4271EA4CA3D8A50A6F7081A2B0F95AA4AD80081511C357D9F15B7547F0A725EED4EE7FDDAE32A3D00512984928679C51375777E968FE3363DCC495300762C7C6D32F4088DB4D4D4449610D05E87CECADA742827EF2B4EF1D064CEB0EEBB01264306F3E24D6260483829576F88B8346764429722BFD0FE3845F541837ACFFEDA101E0E082F618630B741BE1A9E44C677A947FEC31F08EB338798617A09C38EF3FF31A677E62DCDBA2C56D37B1F16AD2B06F41D3E5CDE9A9B7179B6EC46DF99D857521DF29E8012A1AFE6F2F0658171F56EEA20E531C3B2E02864B130BB0BA476F23024DCCA6411CE1BBD1D5C9F5346DB36334117AAF7A1B4ABE86470CABDF862010F5AE3129CA17F36BA89EE3DB83641804EC2455ED75686342E9F339068A77258BBC292E05AF5C233F5B74CA83080CC5DAE01E977E2F7D1ADC36803398B81DAC22DE391F512912148392371C658C416C96C8C3035928EDBB418CF249C9C02793AE6661AB04B4C6C944F55B23CB5621511DACD8EC5C1ECD463620CAC79C38B6CC95FA8993482EA255246D30DA6EA67C677889F56CDF4466F5D968069E152B0BE30B64E1B18607035D7D15503D364B73BAB5582CDF290FE30D2EB7A4F6F797D80702CC448E1153A3A9D882445C73BA490388588F31FA6C14BA7DBFAD39E1CE6B0E2FAD69015F81FF6DAAC56420A478CF717DD952A0DC51B1E38113CF5EF2AC2EC08B6F6CB427A06AD990213C09DB2CCB1266F7
+20210529130632 2 6 100 8191 5 D8A2E2F024645B5A3FB339A2EF06A3E46CD2AA808530C320F121CE1EEBEE128D6DB4C49492881B35E5AA8C43CAA07E7F69A5C4ECD0EE62A29FC191B9C0DD6955E23E831A0573135B9931D03A5BBCA961410CA287D08D53C0E8CFEC19534C4FECBAD0F2BE625802AF1B504F59A4A88DAA5F52F221E0E9E0DB1396F07EAF2CA88B79D8CF35EF154A69569C545CA1D04A07ADE3628243039985880B79972FB9F5070951D40C9D21C1729348152724531B270C9DEBB5B2C730C72F4EA3932DB44BD3C746E082856A4109A37BA979164881D5B8007807FF1A7E0C48F99DBBE1709585203E579AE201D295E720CDD45B3A8652A7CE878765E699727641410F840871B4362DC51A3D4D15980876649089CE845B5733497FB8E7B2568EF8627EC1BEE0434A3A72094132A0BA0CA102A440952285823FB09684A1C52468193F6E8A6CC9D935C13FCC661DED5CB84B5D5DF721447531787F78AB31AA1D6342460A8B896518640B7DCF3825B52D46469351EF17E586B661D5C0E792C0AA0B0309B8A4BECB3B267BB459C7452387FF6028EEC1C6DFAE3EE9452EB7A7CFB9CDD361B45FF29E6648BD94712BEF29A1C86C492231F710BC66BF8CF83F8765EF6DBA6857C733789DD71245F17C6FA03DD07FCFFBC450029776FDB4F4B411D4B4A98E090CB79B4CF990398FE1C147CE959C8C11D5DE9A4271EA4CA3D8A50A6F7081A2B0F95AA4AD80081511C357D9F15B7547F0A725EED4EE7FDDAE32A3D00512984928679C51375777E968FE3363DCC495300762C7C6D32F4088DB4D4D4449610D05E87CECADA742827EF2B4EF1D064CEB0EEBB01264306F3E24D6260483829576F88B8346764429722BFD0FE3845F541837ACFFEDA101E0E082F618630B741BE1A9E44C677A947FEC31F08EB338798617A09C38EF3FF31A677E62DCDBA2C56D37B1F16AD2B06F41D3E5CDE9A9B7179B6EC46DF99D857521DF29E8012A1AFE6F2F0658171F56EEA20E531C3B2E02864B130BB0BA476F23024DCCA6411CE1BBD1D5C9F5346DB36334117AAF7A1B4ABE86470CABDF862010F5AE3129CA17F36BA89EE3DB83641804EC2455ED75686342E9F339068A77258BBC292E05AF5C233F5B74CA83080CC5DAE01E977E2F7D1ADC36803398B81DAC22DE391F512912148392371C658C416C96C8C3035928EDBB418CF249C9C02793AE6661AB04B4C6C944F55B23CB5621511DACD8EC5C1ECD463620CAC79C38B6CC95FA8993482EA255246D30DA6EA67C677889F56CDF4466F5D968069E152B0BE30B64E1B18607035D7D15503D364B73BAB5582CDF290FE30D2EB7A4F6F797D80702CC448E1153A3A9D882445C73BA490388588F31FA6C14BA7DBFAD39E1CE6B0E2FAD69015F81FF6DAAC56420A478CF717DD952A0DC51B1E38113CF5EF2AC2EC08B6F6CB427A06AD990213C09DB2CCC8BF0A7
+20210529154413 2 6 100 8191 5 D8A2E2F024645B5A3FB339A2EF06A3E46CD2AA808530C320F121CE1EEBEE128D6DB4C49492881B35E5AA8C43CAA07E7F69A5C4ECD0EE62A29FC191B9C0DD6955E23E831A0573135B9931D03A5BBCA961410CA287D08D53C0E8CFEC19534C4FECBAD0F2BE625802AF1B504F59A4A88DAA5F52F221E0E9E0DB1396F07EAF2CA88B79D8CF35EF154A69569C545CA1D04A07ADE3628243039985880B79972FB9F5070951D40C9D21C1729348152724531B270C9DEBB5B2C730C72F4EA3932DB44BD3C746E082856A4109A37BA979164881D5B8007807FF1A7E0C48F99DBBE1709585203E579AE201D295E720CDD45B3A8652A7CE878765E699727641410F840871B4362DC51A3D4D15980876649089CE845B5733497FB8E7B2568EF8627EC1BEE0434A3A72094132A0BA0CA102A440952285823FB09684A1C52468193F6E8A6CC9D935C13FCC661DED5CB84B5D5DF721447531787F78AB31AA1D6342460A8B896518640B7DCF3825B52D46469351EF17E586B661D5C0E792C0AA0B0309B8A4BECB3B267BB459C7452387FF6028EEC1C6DFAE3EE9452EB7A7CFB9CDD361B45FF29E6648BD94712BEF29A1C86C492231F710BC66BF8CF83F8765EF6DBA6857C733789DD71245F17C6FA03DD07FCFFBC450029776FDB4F4B411D4B4A98E090CB79B4CF990398FE1C147CE959C8C11D5DE9A4271EA4CA3D8A50A6F7081A2B0F95AA4AD80081511C357D9F15B7547F0A725EED4EE7FDDAE32A3D00512984928679C51375777E968FE3363DCC495300762C7C6D32F4088DB4D4D4449610D05E87CECADA742827EF2B4EF1D064CEB0EEBB01264306F3E24D6260483829576F88B8346764429722BFD0FE3845F541837ACFFEDA101E0E082F618630B741BE1A9E44C677A947FEC31F08EB338798617A09C38EF3FF31A677E62DCDBA2C56D37B1F16AD2B06F41D3E5CDE9A9B7179B6EC46DF99D857521DF29E8012A1AFE6F2F0658171F56EEA20E531C3B2E02864B130BB0BA476F23024DCCA6411CE1BBD1D5C9F5346DB36334117AAF7A1B4ABE86470CABDF862010F5AE3129CA17F36BA89EE3DB83641804EC2455ED75686342E9F339068A77258BBC292E05AF5C233F5B74CA83080CC5DAE01E977E2F7D1ADC36803398B81DAC22DE391F512912148392371C658C416C96C8C3035928EDBB418CF249C9C02793AE6661AB04B4C6C944F55B23CB5621511DACD8EC5C1ECD463620CAC79C38B6CC95FA8993482EA255246D30DA6EA67C677889F56CDF4466F5D968069E152B0BE30B64E1B18607035D7D15503D364B73BAB5582CDF290FE30D2EB7A4F6F797D80702CC448E1153A3A9D882445C73BA490388588F31FA6C14BA7DBFAD39E1CE6B0E2FAD69015F81FF6DAAC56420A478CF717DD952A0DC51B1E38113CF5EF2AC2EC08B6F6CB427A06AD990213C09DB2CD7337777
+20210529171849 2 6 100 8191 2 D8A2E2F024645B5A3FB339A2EF06A3E46CD2AA808530C320F121CE1EEBEE128D6DB4C49492881B35E5AA8C43CAA07E7F69A5C4ECD0EE62A29FC191B9C0DD6955E23E831A0573135B9931D03A5BBCA961410CA287D08D53C0E8CFEC19534C4FECBAD0F2BE625802AF1B504F59A4A88DAA5F52F221E0E9E0DB1396F07EAF2CA88B79D8CF35EF154A69569C545CA1D04A07ADE3628243039985880B79972FB9F5070951D40C9D21C1729348152724531B270C9DEBB5B2C730C72F4EA3932DB44BD3C746E082856A4109A37BA979164881D5B8007807FF1A7E0C48F99DBBE1709585203E579AE201D295E720CDD45B3A8652A7CE878765E699727641410F840871B4362DC51A3D4D15980876649089CE845B5733497FB8E7B2568EF8627EC1BEE0434A3A72094132A0BA0CA102A440952285823FB09684A1C52468193F6E8A6CC9D935C13FCC661DED5CB84B5D5DF721447531787F78AB31AA1D6342460A8B896518640B7DCF3825B52D46469351EF17E586B661D5C0E792C0AA0B0309B8A4BECB3B267BB459C7452387FF6028EEC1C6DFAE3EE9452EB7A7CFB9CDD361B45FF29E6648BD94712BEF29A1C86C492231F710BC66BF8CF83F8765EF6DBA6857C733789DD71245F17C6FA03DD07FCFFBC450029776FDB4F4B411D4B4A98E090CB79B4CF990398FE1C147CE959C8C11D5DE9A4271EA4CA3D8A50A6F7081A2B0F95AA4AD80081511C357D9F15B7547F0A725EED4EE7FDDAE32A3D00512984928679C51375777E968FE3363DCC495300762C7C6D32F4088DB4D4D4449610D05E87CECADA742827EF2B4EF1D064CEB0EEBB01264306F3E24D6260483829576F88B8346764429722BFD0FE3845F541837ACFFEDA101E0E082F618630B741BE1A9E44C677A947FEC31F08EB338798617A09C38EF3FF31A677E62DCDBA2C56D37B1F16AD2B06F41D3E5CDE9A9B7179B6EC46DF99D857521DF29E8012A1AFE6F2F0658171F56EEA20E531C3B2E02864B130BB0BA476F23024DCCA6411CE1BBD1D5C9F5346DB36334117AAF7A1B4ABE86470CABDF862010F5AE3129CA17F36BA89EE3DB83641804EC2455ED75686342E9F339068A77258BBC292E05AF5C233F5B74CA83080CC5DAE01E977E2F7D1ADC36803398B81DAC22DE391F512912148392371C658C416C96C8C3035928EDBB418CF249C9C02793AE6661AB04B4C6C944F55B23CB5621511DACD8EC5C1ECD463620CAC79C38B6CC95FA8993482EA255246D30DA6EA67C677889F56CDF4466F5D968069E152B0BE30B64E1B18607035D7D15503D364B73BAB5582CDF290FE30D2EB7A4F6F797D80702CC448E1153A3A9D882445C73BA490388588F31FA6C14BA7DBFAD39E1CE6B0E2FAD69015F81FF6DAAC56420A478CF717DD952A0DC51B1E38113CF5EF2AC2EC08B6F6CB427A06AD990213C09DB2CDD794B1B
+20210529201318 2 6 100 8191 5 D8A2E2F024645B5A3FB339A2EF06A3E46CD2AA808530C320F121CE1EEBEE128D6DB4C49492881B35E5AA8C43CAA07E7F69A5C4ECD0EE62A29FC191B9C0DD6955E23E831A0573135B9931D03A5BBCA961410CA287D08D53C0E8CFEC19534C4FECBAD0F2BE625802AF1B504F59A4A88DAA5F52F221E0E9E0DB1396F07EAF2CA88B79D8CF35EF154A69569C545CA1D04A07ADE3628243039985880B79972FB9F5070951D40C9D21C1729348152724531B270C9DEBB5B2C730C72F4EA3932DB44BD3C746E082856A4109A37BA979164881D5B8007807FF1A7E0C48F99DBBE1709585203E579AE201D295E720CDD45B3A8652A7CE878765E699727641410F840871B4362DC51A3D4D15980876649089CE845B5733497FB8E7B2568EF8627EC1BEE0434A3A72094132A0BA0CA102A440952285823FB09684A1C52468193F6E8A6CC9D935C13FCC661DED5CB84B5D5DF721447531787F78AB31AA1D6342460A8B896518640B7DCF3825B52D46469351EF17E586B661D5C0E792C0AA0B0309B8A4BECB3B267BB459C7452387FF6028EEC1C6DFAE3EE9452EB7A7CFB9CDD361B45FF29E6648BD94712BEF29A1C86C492231F710BC66BF8CF83F8765EF6DBA6857C733789DD71245F17C6FA03DD07FCFFBC450029776FDB4F4B411D4B4A98E090CB79B4CF990398FE1C147CE959C8C11D5DE9A4271EA4CA3D8A50A6F7081A2B0F95AA4AD80081511C357D9F15B7547F0A725EED4EE7FDDAE32A3D00512984928679C51375777E968FE3363DCC495300762C7C6D32F4088DB4D4D4449610D05E87CECADA742827EF2B4EF1D064CEB0EEBB01264306F3E24D6260483829576F88B8346764429722BFD0FE3845F541837ACFFEDA101E0E082F618630B741BE1A9E44C677A947FEC31F08EB338798617A09C38EF3FF31A677E62DCDBA2C56D37B1F16AD2B06F41D3E5CDE9A9B7179B6EC46DF99D857521DF29E8012A1AFE6F2F0658171F56EEA20E531C3B2E02864B130BB0BA476F23024DCCA6411CE1BBD1D5C9F5346DB36334117AAF7A1B4ABE86470CABDF862010F5AE3129CA17F36BA89EE3DB83641804EC2455ED75686342E9F339068A77258BBC292E05AF5C233F5B74CA83080CC5DAE01E977E2F7D1ADC36803398B81DAC22DE391F512912148392371C658C416C96C8C3035928EDBB418CF249C9C02793AE6661AB04B4C6C944F55B23CB5621511DACD8EC5C1ECD463620CAC79C38B6CC95FA8993482EA255246D30DA6EA67C677889F56CDF4466F5D968069E152B0BE30B64E1B18607035D7D15503D364B73BAB5582CDF290FE30D2EB7A4F6F797D80702CC448E1153A3A9D882445C73BA490388588F31FA6C14BA7DBFAD39E1CE6B0E2FAD69015F81FF6DAAC56420A478CF717DD952A0DC51B1E38113CF5EF2AC2EC08B6F6CB427A06AD990213C09DB2CE8F228D7
+20210529210612 2 6 100 8191 2 D8A2E2F024645B5A3FB339A2EF06A3E46CD2AA808530C320F121CE1EEBEE128D6DB4C49492881B35E5AA8C43CAA07E7F69A5C4ECD0EE62A29FC191B9C0DD6955E23E831A0573135B9931D03A5BBCA961410CA287D08D53C0E8CFEC19534C4FECBAD0F2BE625802AF1B504F59A4A88DAA5F52F221E0E9E0DB1396F07EAF2CA88B79D8CF35EF154A69569C545CA1D04A07ADE3628243039985880B79972FB9F5070951D40C9D21C1729348152724531B270C9DEBB5B2C730C72F4EA3932DB44BD3C746E082856A4109A37BA979164881D5B8007807FF1A7E0C48F99DBBE1709585203E579AE201D295E720CDD45B3A8652A7CE878765E699727641410F840871B4362DC51A3D4D15980876649089CE845B5733497FB8E7B2568EF8627EC1BEE0434A3A72094132A0BA0CA102A440952285823FB09684A1C52468193F6E8A6CC9D935C13FCC661DED5CB84B5D5DF721447531787F78AB31AA1D6342460A8B896518640B7DCF3825B52D46469351EF17E586B661D5C0E792C0AA0B0309B8A4BECB3B267BB459C7452387FF6028EEC1C6DFAE3EE9452EB7A7CFB9CDD361B45FF29E6648BD94712BEF29A1C86C492231F710BC66BF8CF83F8765EF6DBA6857C733789DD71245F17C6FA03DD07FCFFBC450029776FDB4F4B411D4B4A98E090CB79B4CF990398FE1C147CE959C8C11D5DE9A4271EA4CA3D8A50A6F7081A2B0F95AA4AD80081511C357D9F15B7547F0A725EED4EE7FDDAE32A3D00512984928679C51375777E968FE3363DCC495300762C7C6D32F4088DB4D4D4449610D05E87CECADA742827EF2B4EF1D064CEB0EEBB01264306F3E24D6260483829576F88B8346764429722BFD0FE3845F541837ACFFEDA101E0E082F618630B741BE1A9E44C677A947FEC31F08EB338798617A09C38EF3FF31A677E62DCDBA2C56D37B1F16AD2B06F41D3E5CDE9A9B7179B6EC46DF99D857521DF29E8012A1AFE6F2F0658171F56EEA20E531C3B2E02864B130BB0BA476F23024DCCA6411CE1BBD1D5C9F5346DB36334117AAF7A1B4ABE86470CABDF862010F5AE3129CA17F36BA89EE3DB83641804EC2455ED75686342E9F339068A77258BBC292E05AF5C233F5B74CA83080CC5DAE01E977E2F7D1ADC36803398B81DAC22DE391F512912148392371C658C416C96C8C3035928EDBB418CF249C9C02793AE6661AB04B4C6C944F55B23CB5621511DACD8EC5C1ECD463620CAC79C38B6CC95FA8993482EA255246D30DA6EA67C677889F56CDF4466F5D968069E152B0BE30B64E1B18607035D7D15503D364B73BAB5582CDF290FE30D2EB7A4F6F797D80702CC448E1153A3A9D882445C73BA490388588F31FA6C14BA7DBFAD39E1CE6B0E2FAD69015F81FF6DAAC56420A478CF717DD952A0DC51B1E38113CF5EF2AC2EC08B6F6CB427A06AD990213C09DB2CEC4AD6BB
+20210529211901 2 6 100 8191 5 D8A2E2F024645B5A3FB339A2EF06A3E46CD2AA808530C320F121CE1EEBEE128D6DB4C49492881B35E5AA8C43CAA07E7F69A5C4ECD0EE62A29FC191B9C0DD6955E23E831A0573135B9931D03A5BBCA961410CA287D08D53C0E8CFEC19534C4FECBAD0F2BE625802AF1B504F59A4A88DAA5F52F221E0E9E0DB1396F07EAF2CA88B79D8CF35EF154A69569C545CA1D04A07ADE3628243039985880B79972FB9F5070951D40C9D21C1729348152724531B270C9DEBB5B2C730C72F4EA3932DB44BD3C746E082856A4109A37BA979164881D5B8007807FF1A7E0C48F99DBBE1709585203E579AE201D295E720CDD45B3A8652A7CE878765E699727641410F840871B4362DC51A3D4D15980876649089CE845B5733497FB8E7B2568EF8627EC1BEE0434A3A72094132A0BA0CA102A440952285823FB09684A1C52468193F6E8A6CC9D935C13FCC661DED5CB84B5D5DF721447531787F78AB31AA1D6342460A8B896518640B7DCF3825B52D46469351EF17E586B661D5C0E792C0AA0B0309B8A4BECB3B267BB459C7452387FF6028EEC1C6DFAE3EE9452EB7A7CFB9CDD361B45FF29E6648BD94712BEF29A1C86C492231F710BC66BF8CF83F8765EF6DBA6857C733789DD71245F17C6FA03DD07FCFFBC450029776FDB4F4B411D4B4A98E090CB79B4CF990398FE1C147CE959C8C11D5DE9A4271EA4CA3D8A50A6F7081A2B0F95AA4AD80081511C357D9F15B7547F0A725EED4EE7FDDAE32A3D00512984928679C51375777E968FE3363DCC495300762C7C6D32F4088DB4D4D4449610D05E87CECADA742827EF2B4EF1D064CEB0EEBB01264306F3E24D6260483829576F88B8346764429722BFD0FE3845F541837ACFFEDA101E0E082F618630B741BE1A9E44C677A947FEC31F08EB338798617A09C38EF3FF31A677E62DCDBA2C56D37B1F16AD2B06F41D3E5CDE9A9B7179B6EC46DF99D857521DF29E8012A1AFE6F2F0658171F56EEA20E531C3B2E02864B130BB0BA476F23024DCCA6411CE1BBD1D5C9F5346DB36334117AAF7A1B4ABE86470CABDF862010F5AE3129CA17F36BA89EE3DB83641804EC2455ED75686342E9F339068A77258BBC292E05AF5C233F5B74CA83080CC5DAE01E977E2F7D1ADC36803398B81DAC22DE391F512912148392371C658C416C96C8C3035928EDBB418CF249C9C02793AE6661AB04B4C6C944F55B23CB5621511DACD8EC5C1ECD463620CAC79C38B6CC95FA8993482EA255246D30DA6EA67C677889F56CDF4466F5D968069E152B0BE30B64E1B18607035D7D15503D364B73BAB5582CDF290FE30D2EB7A4F6F797D80702CC448E1153A3A9D882445C73BA490388588F31FA6C14BA7DBFAD39E1CE6B0E2FAD69015F81FF6DAAC56420A478CF717DD952A0DC51B1E38113CF5EF2AC2EC08B6F6CB427A06AD990213C09DB2CED1A6127
+20210529213817 2 6 100 8191 2 D8A2E2F024645B5A3FB339A2EF06A3E46CD2AA808530C320F121CE1EEBEE128D6DB4C49492881B35E5AA8C43CAA07E7F69A5C4ECD0EE62A29FC191B9C0DD6955E23E831A0573135B9931D03A5BBCA961410CA287D08D53C0E8CFEC19534C4FECBAD0F2BE625802AF1B504F59A4A88DAA5F52F221E0E9E0DB1396F07EAF2CA88B79D8CF35EF154A69569C545CA1D04A07ADE3628243039985880B79972FB9F5070951D40C9D21C1729348152724531B270C9DEBB5B2C730C72F4EA3932DB44BD3C746E082856A4109A37BA979164881D5B8007807FF1A7E0C48F99DBBE1709585203E579AE201D295E720CDD45B3A8652A7CE878765E699727641410F840871B4362DC51A3D4D15980876649089CE845B5733497FB8E7B2568EF8627EC1BEE0434A3A72094132A0BA0CA102A440952285823FB09684A1C52468193F6E8A6CC9D935C13FCC661DED5CB84B5D5DF721447531787F78AB31AA1D6342460A8B896518640B7DCF3825B52D46469351EF17E586B661D5C0E792C0AA0B0309B8A4BECB3B267BB459C7452387FF6028EEC1C6DFAE3EE9452EB7A7CFB9CDD361B45FF29E6648BD94712BEF29A1C86C492231F710BC66BF8CF83F8765EF6DBA6857C733789DD71245F17C6FA03DD07FCFFBC450029776FDB4F4B411D4B4A98E090CB79B4CF990398FE1C147CE959C8C11D5DE9A4271EA4CA3D8A50A6F7081A2B0F95AA4AD80081511C357D9F15B7547F0A725EED4EE7FDDAE32A3D00512984928679C51375777E968FE3363DCC495300762C7C6D32F4088DB4D4D4449610D05E87CECADA742827EF2B4EF1D064CEB0EEBB01264306F3E24D6260483829576F88B8346764429722BFD0FE3845F541837ACFFEDA101E0E082F618630B741BE1A9E44C677A947FEC31F08EB338798617A09C38EF3FF31A677E62DCDBA2C56D37B1F16AD2B06F41D3E5CDE9A9B7179B6EC46DF99D857521DF29E8012A1AFE6F2F0658171F56EEA20E531C3B2E02864B130BB0BA476F23024DCCA6411CE1BBD1D5C9F5346DB36334117AAF7A1B4ABE86470CABDF862010F5AE3129CA17F36BA89EE3DB83641804EC2455ED75686342E9F339068A77258BBC292E05AF5C233F5B74CA83080CC5DAE01E977E2F7D1ADC36803398B81DAC22DE391F512912148392371C658C416C96C8C3035928EDBB418CF249C9C02793AE6661AB04B4C6C944F55B23CB5621511DACD8EC5C1ECD463620CAC79C38B6CC95FA8993482EA255246D30DA6EA67C677889F56CDF4466F5D968069E152B0BE30B64E1B18607035D7D15503D364B73BAB5582CDF290FE30D2EB7A4F6F797D80702CC448E1153A3A9D882445C73BA490388588F31FA6C14BA7DBFAD39E1CE6B0E2FAD69015F81FF6DAAC56420A478CF717DD952A0DC51B1E38113CF5EF2AC2EC08B6F6CB427A06AD990213C09DB2CEE51861B
+20210529215309 2 6 100 8191 2 D8A2E2F024645B5A3FB339A2EF06A3E46CD2AA808530C320F121CE1EEBEE128D6DB4C49492881B35E5AA8C43CAA07E7F69A5C4ECD0EE62A29FC191B9C0DD6955E23E831A0573135B9931D03A5BBCA961410CA287D08D53C0E8CFEC19534C4FECBAD0F2BE625802AF1B504F59A4A88DAA5F52F221E0E9E0DB1396F07EAF2CA88B79D8CF35EF154A69569C545CA1D04A07ADE3628243039985880B79972FB9F5070951D40C9D21C1729348152724531B270C9DEBB5B2C730C72F4EA3932DB44BD3C746E082856A4109A37BA979164881D5B8007807FF1A7E0C48F99DBBE1709585203E579AE201D295E720CDD45B3A8652A7CE878765E699727641410F840871B4362DC51A3D4D15980876649089CE845B5733497FB8E7B2568EF8627EC1BEE0434A3A72094132A0BA0CA102A440952285823FB09684A1C52468193F6E8A6CC9D935C13FCC661DED5CB84B5D5DF721447531787F78AB31AA1D6342460A8B896518640B7DCF3825B52D46469351EF17E586B661D5C0E792C0AA0B0309B8A4BECB3B267BB459C7452387FF6028EEC1C6DFAE3EE9452EB7A7CFB9CDD361B45FF29E6648BD94712BEF29A1C86C492231F710BC66BF8CF83F8765EF6DBA6857C733789DD71245F17C6FA03DD07FCFFBC450029776FDB4F4B411D4B4A98E090CB79B4CF990398FE1C147CE959C8C11D5DE9A4271EA4CA3D8A50A6F7081A2B0F95AA4AD80081511C357D9F15B7547F0A725EED4EE7FDDAE32A3D00512984928679C51375777E968FE3363DCC495300762C7C6D32F4088DB4D4D4449610D05E87CECADA742827EF2B4EF1D064CEB0EEBB01264306F3E24D6260483829576F88B8346764429722BFD0FE3845F541837ACFFEDA101E0E082F618630B741BE1A9E44C677A947FEC31F08EB338798617A09C38EF3FF31A677E62DCDBA2C56D37B1F16AD2B06F41D3E5CDE9A9B7179B6EC46DF99D857521DF29E8012A1AFE6F2F0658171F56EEA20E531C3B2E02864B130BB0BA476F23024DCCA6411CE1BBD1D5C9F5346DB36334117AAF7A1B4ABE86470CABDF862010F5AE3129CA17F36BA89EE3DB83641804EC2455ED75686342E9F339068A77258BBC292E05AF5C233F5B74CA83080CC5DAE01E977E2F7D1ADC36803398B81DAC22DE391F512912148392371C658C416C96C8C3035928EDBB418CF249C9C02793AE6661AB04B4C6C944F55B23CB5621511DACD8EC5C1ECD463620CAC79C38B6CC95FA8993482EA255246D30DA6EA67C677889F56CDF4466F5D968069E152B0BE30B64E1B18607035D7D15503D364B73BAB5582CDF290FE30D2EB7A4F6F797D80702CC448E1153A3A9D882445C73BA490388588F31FA6C14BA7DBFAD39E1CE6B0E2FAD69015F81FF6DAAC56420A478CF717DD952A0DC51B1E38113CF5EF2AC2EC08B6F6CB427A06AD990213C09DB2CEF3757F3
+20210529215904 2 6 100 8191 5 D8A2E2F024645B5A3FB339A2EF06A3E46CD2AA808530C320F121CE1EEBEE128D6DB4C49492881B35E5AA8C43CAA07E7F69A5C4ECD0EE62A29FC191B9C0DD6955E23E831A0573135B9931D03A5BBCA961410CA287D08D53C0E8CFEC19534C4FECBAD0F2BE625802AF1B504F59A4A88DAA5F52F221E0E9E0DB1396F07EAF2CA88B79D8CF35EF154A69569C545CA1D04A07ADE3628243039985880B79972FB9F5070951D40C9D21C1729348152724531B270C9DEBB5B2C730C72F4EA3932DB44BD3C746E082856A4109A37BA979164881D5B8007807FF1A7E0C48F99DBBE1709585203E579AE201D295E720CDD45B3A8652A7CE878765E699727641410F840871B4362DC51A3D4D15980876649089CE845B5733497FB8E7B2568EF8627EC1BEE0434A3A72094132A0BA0CA102A440952285823FB09684A1C52468193F6E8A6CC9D935C13FCC661DED5CB84B5D5DF721447531787F78AB31AA1D6342460A8B896518640B7DCF3825B52D46469351EF17E586B661D5C0E792C0AA0B0309B8A4BECB3B267BB459C7452387FF6028EEC1C6DFAE3EE9452EB7A7CFB9CDD361B45FF29E6648BD94712BEF29A1C86C492231F710BC66BF8CF83F8765EF6DBA6857C733789DD71245F17C6FA03DD07FCFFBC450029776FDB4F4B411D4B4A98E090CB79B4CF990398FE1C147CE959C8C11D5DE9A4271EA4CA3D8A50A6F7081A2B0F95AA4AD80081511C357D9F15B7547F0A725EED4EE7FDDAE32A3D00512984928679C51375777E968FE3363DCC495300762C7C6D32F4088DB4D4D4449610D05E87CECADA742827EF2B4EF1D064CEB0EEBB01264306F3E24D6260483829576F88B8346764429722BFD0FE3845F541837ACFFEDA101E0E082F618630B741BE1A9E44C677A947FEC31F08EB338798617A09C38EF3FF31A677E62DCDBA2C56D37B1F16AD2B06F41D3E5CDE9A9B7179B6EC46DF99D857521DF29E8012A1AFE6F2F0658171F56EEA20E531C3B2E02864B130BB0BA476F23024DCCA6411CE1BBD1D5C9F5346DB36334117AAF7A1B4ABE86470CABDF862010F5AE3129CA17F36BA89EE3DB83641804EC2455ED75686342E9F339068A77258BBC292E05AF5C233F5B74CA83080CC5DAE01E977E2F7D1ADC36803398B81DAC22DE391F512912148392371C658C416C96C8C3035928EDBB418CF249C9C02793AE6661AB04B4C6C944F55B23CB5621511DACD8EC5C1ECD463620CAC79C38B6CC95FA8993482EA255246D30DA6EA67C677889F56CDF4466F5D968069E152B0BE30B64E1B18607035D7D15503D364B73BAB5582CDF290FE30D2EB7A4F6F797D80702CC448E1153A3A9D882445C73BA490388588F31FA6C14BA7DBFAD39E1CE6B0E2FAD69015F81FF6DAAC56420A478CF717DD952A0DC51B1E38113CF5EF2AC2EC08B6F6CB427A06AD990213C09DB2CEF8E8187
+20210530010351 2 6 100 8191 2 D8A2E2F024645B5A3FB339A2EF06A3E46CD2AA808530C320F121CE1EEBEE128D6DB4C49492881B35E5AA8C43CAA07E7F69A5C4ECD0EE62A29FC191B9C0DD6955E23E831A0573135B9931D03A5BBCA961410CA287D08D53C0E8CFEC19534C4FECBAD0F2BE625802AF1B504F59A4A88DAA5F52F221E0E9E0DB1396F07EAF2CA88B79D8CF35EF154A69569C545CA1D04A07ADE3628243039985880B79972FB9F5070951D40C9D21C1729348152724531B270C9DEBB5B2C730C72F4EA3932DB44BD3C746E082856A4109A37BA979164881D5B8007807FF1A7E0C48F99DBBE1709585203E579AE201D295E720CDD45B3A8652A7CE878765E699727641410F840871B4362DC51A3D4D15980876649089CE845B5733497FB8E7B2568EF8627EC1BEE0434A3A72094132A0BA0CA102A440952285823FB09684A1C52468193F6E8A6CC9D935C13FCC661DED5CB84B5D5DF721447531787F78AB31AA1D6342460A8B896518640B7DCF3825B52D46469351EF17E586B661D5C0E792C0AA0B0309B8A4BECB3B267BB459C7452387FF6028EEC1C6DFAE3EE9452EB7A7CFB9CDD361B45FF29E6648BD94712BEF29A1C86C492231F710BC66BF8CF83F8765EF6DBA6857C733789DD71245F17C6FA03DD07FCFFBC450029776FDB4F4B411D4B4A98E090CB79B4CF990398FE1C147CE959C8C11D5DE9A4271EA4CA3D8A50A6F7081A2B0F95AA4AD80081511C357D9F15B7547F0A725EED4EE7FDDAE32A3D00512984928679C51375777E968FE3363DCC495300762C7C6D32F4088DB4D4D4449610D05E87CECADA742827EF2B4EF1D064CEB0EEBB01264306F3E24D6260483829576F88B8346764429722BFD0FE3845F541837ACFFEDA101E0E082F618630B741BE1A9E44C677A947FEC31F08EB338798617A09C38EF3FF31A677E62DCDBA2C56D37B1F16AD2B06F41D3E5CDE9A9B7179B6EC46DF99D857521DF29E8012A1AFE6F2F0658171F56EEA20E531C3B2E02864B130BB0BA476F23024DCCA6411CE1BBD1D5C9F5346DB36334117AAF7A1B4ABE86470CABDF862010F5AE3129CA17F36BA89EE3DB83641804EC2455ED75686342E9F339068A77258BBC292E05AF5C233F5B74CA83080CC5DAE01E977E2F7D1ADC36803398B81DAC22DE391F512912148392371C658C416C96C8C3035928EDBB418CF249C9C02793AE6661AB04B4C6C944F55B23CB5621511DACD8EC5C1ECD463620CAC79C38B6CC95FA8993482EA255246D30DA6EA67C677889F56CDF4466F5D968069E152B0BE30B64E1B18607035D7D15503D364B73BAB5582CDF290FE30D2EB7A4F6F797D80702CC448E1153A3A9D882445C73BA490388588F31FA6C14BA7DBFAD39E1CE6B0E2FAD69015F81FF6DAAC56420A478CF717DD952A0DC51B1E38113CF5EF2AC2EC08B6F6CB427A06AD990213C09DB2CFB5346BB
+20210530015721 2 6 100 8191 5 D8A2E2F024645B5A3FB339A2EF06A3E46CD2AA808530C320F121CE1EEBEE128D6DB4C49492881B35E5AA8C43CAA07E7F69A5C4ECD0EE62A29FC191B9C0DD6955E23E831A0573135B9931D03A5BBCA961410CA287D08D53C0E8CFEC19534C4FECBAD0F2BE625802AF1B504F59A4A88DAA5F52F221E0E9E0DB1396F07EAF2CA88B79D8CF35EF154A69569C545CA1D04A07ADE3628243039985880B79972FB9F5070951D40C9D21C1729348152724531B270C9DEBB5B2C730C72F4EA3932DB44BD3C746E082856A4109A37BA979164881D5B8007807FF1A7E0C48F99DBBE1709585203E579AE201D295E720CDD45B3A8652A7CE878765E699727641410F840871B4362DC51A3D4D15980876649089CE845B5733497FB8E7B2568EF8627EC1BEE0434A3A72094132A0BA0CA102A440952285823FB09684A1C52468193F6E8A6CC9D935C13FCC661DED5CB84B5D5DF721447531787F78AB31AA1D6342460A8B896518640B7DCF3825B52D46469351EF17E586B661D5C0E792C0AA0B0309B8A4BECB3B267BB459C7452387FF6028EEC1C6DFAE3EE9452EB7A7CFB9CDD361B45FF29E6648BD94712BEF29A1C86C492231F710BC66BF8CF83F8765EF6DBA6857C733789DD71245F17C6FA03DD07FCFFBC450029776FDB4F4B411D4B4A98E090CB79B4CF990398FE1C147CE959C8C11D5DE9A4271EA4CA3D8A50A6F7081A2B0F95AA4AD80081511C357D9F15B7547F0A725EED4EE7FDDAE32A3D00512984928679C51375777E968FE3363DCC495300762C7C6D32F4088DB4D4D4449610D05E87CECADA742827EF2B4EF1D064CEB0EEBB01264306F3E24D6260483829576F88B8346764429722BFD0FE3845F541837ACFFEDA101E0E082F618630B741BE1A9E44C677A947FEC31F08EB338798617A09C38EF3FF31A677E62DCDBA2C56D37B1F16AD2B06F41D3E5CDE9A9B7179B6EC46DF99D857521DF29E8012A1AFE6F2F0658171F56EEA20E531C3B2E02864B130BB0BA476F23024DCCA6411CE1BBD1D5C9F5346DB36334117AAF7A1B4ABE86470CABDF862010F5AE3129CA17F36BA89EE3DB83641804EC2455ED75686342E9F339068A77258BBC292E05AF5C233F5B74CA83080CC5DAE01E977E2F7D1ADC36803398B81DAC22DE391F512912148392371C658C416C96C8C3035928EDBB418CF249C9C02793AE6661AB04B4C6C944F55B23CB5621511DACD8EC5C1ECD463620CAC79C38B6CC95FA8993482EA255246D30DA6EA67C677889F56CDF4466F5D968069E152B0BE30B64E1B18607035D7D15503D364B73BAB5582CDF290FE30D2EB7A4F6F797D80702CC448E1153A3A9D882445C73BA490388588F31FA6C14BA7DBFAD39E1CE6B0E2FAD69015F81FF6DAAC56420A478CF717DD952A0DC51B1E38113CF5EF2AC2EC08B6F6CB427A06AD990213C09DB2CFE9B3287
+20210530020811 2 6 100 8191 2 D8A2E2F024645B5A3FB339A2EF06A3E46CD2AA808530C320F121CE1EEBEE128D6DB4C49492881B35E5AA8C43CAA07E7F69A5C4ECD0EE62A29FC191B9C0DD6955E23E831A0573135B9931D03A5BBCA961410CA287D08D53C0E8CFEC19534C4FECBAD0F2BE625802AF1B504F59A4A88DAA5F52F221E0E9E0DB1396F07EAF2CA88B79D8CF35EF154A69569C545CA1D04A07ADE3628243039985880B79972FB9F5070951D40C9D21C1729348152724531B270C9DEBB5B2C730C72F4EA3932DB44BD3C746E082856A4109A37BA979164881D5B8007807FF1A7E0C48F99DBBE1709585203E579AE201D295E720CDD45B3A8652A7CE878765E699727641410F840871B4362DC51A3D4D15980876649089CE845B5733497FB8E7B2568EF8627EC1BEE0434A3A72094132A0BA0CA102A440952285823FB09684A1C52468193F6E8A6CC9D935C13FCC661DED5CB84B5D5DF721447531787F78AB31AA1D6342460A8B896518640B7DCF3825B52D46469351EF17E586B661D5C0E792C0AA0B0309B8A4BECB3B267BB459C7452387FF6028EEC1C6DFAE3EE9452EB7A7CFB9CDD361B45FF29E6648BD94712BEF29A1C86C492231F710BC66BF8CF83F8765EF6DBA6857C733789DD71245F17C6FA03DD07FCFFBC450029776FDB4F4B411D4B4A98E090CB79B4CF990398FE1C147CE959C8C11D5DE9A4271EA4CA3D8A50A6F7081A2B0F95AA4AD80081511C357D9F15B7547F0A725EED4EE7FDDAE32A3D00512984928679C51375777E968FE3363DCC495300762C7C6D32F4088DB4D4D4449610D05E87CECADA742827EF2B4EF1D064CEB0EEBB01264306F3E24D6260483829576F88B8346764429722BFD0FE3845F541837ACFFEDA101E0E082F618630B741BE1A9E44C677A947FEC31F08EB338798617A09C38EF3FF31A677E62DCDBA2C56D37B1F16AD2B06F41D3E5CDE9A9B7179B6EC46DF99D857521DF29E8012A1AFE6F2F0658171F56EEA20E531C3B2E02864B130BB0BA476F23024DCCA6411CE1BBD1D5C9F5346DB36334117AAF7A1B4ABE86470CABDF862010F5AE3129CA17F36BA89EE3DB83641804EC2455ED75686342E9F339068A77258BBC292E05AF5C233F5B74CA83080CC5DAE01E977E2F7D1ADC36803398B81DAC22DE391F512912148392371C658C416C96C8C3035928EDBB418CF249C9C02793AE6661AB04B4C6C944F55B23CB5621511DACD8EC5C1ECD463620CAC79C38B6CC95FA8993482EA255246D30DA6EA67C677889F56CDF4466F5D968069E152B0BE30B64E1B18607035D7D15503D364B73BAB5582CDF290FE30D2EB7A4F6F797D80702CC448E1153A3A9D882445C73BA490388588F31FA6C14BA7DBFAD39E1CE6B0E2FAD69015F81FF6DAAC56420A478CF717DD952A0DC51B1E38113CF5EF2AC2EC08B6F6CB427A06AD990213C09DB2CFF416103
+20210530062143 2 6 100 8191 5 D8A2E2F024645B5A3FB339A2EF06A3E46CD2AA808530C320F121CE1EEBEE128D6DB4C49492881B35E5AA8C43CAA07E7F69A5C4ECD0EE62A29FC191B9C0DD6955E23E831A0573135B9931D03A5BBCA961410CA287D08D53C0E8CFEC19534C4FECBAD0F2BE625802AF1B504F59A4A88DAA5F52F221E0E9E0DB1396F07EAF2CA88B79D8CF35EF154A69569C545CA1D04A07ADE3628243039985880B79972FB9F5070951D40C9D21C1729348152724531B270C9DEBB5B2C730C72F4EA3932DB44BD3C746E082856A4109A37BA979164881D5B8007807FF1A7E0C48F99DBBE1709585203E579AE201D295E720CDD45B3A8652A7CE878765E699727641410F840871B4362DC51A3D4D15980876649089CE845B5733497FB8E7B2568EF8627EC1BEE0434A3A72094132A0BA0CA102A440952285823FB09684A1C52468193F6E8A6CC9D935C13FCC661DED5CB84B5D5DF721447531787F78AB31AA1D6342460A8B896518640B7DCF3825B52D46469351EF17E586B661D5C0E792C0AA0B0309B8A4BECB3B267BB459C7452387FF6028EEC1C6DFAE3EE9452EB7A7CFB9CDD361B45FF29E6648BD94712BEF29A1C86C492231F710BC66BF8CF83F8765EF6DBA6857C733789DD71245F17C6FA03DD07FCFFBC450029776FDB4F4B411D4B4A98E090CB79B4CF990398FE1C147CE959C8C11D5DE9A4271EA4CA3D8A50A6F7081A2B0F95AA4AD80081511C357D9F15B7547F0A725EED4EE7FDDAE32A3D00512984928679C51375777E968FE3363DCC495300762C7C6D32F4088DB4D4D4449610D05E87CECADA742827EF2B4EF1D064CEB0EEBB01264306F3E24D6260483829576F88B8346764429722BFD0FE3845F541837ACFFEDA101E0E082F618630B741BE1A9E44C677A947FEC31F08EB338798617A09C38EF3FF31A677E62DCDBA2C56D37B1F16AD2B06F41D3E5CDE9A9B7179B6EC46DF99D857521DF29E8012A1AFE6F2F0658171F56EEA20E531C3B2E02864B130BB0BA476F23024DCCA6411CE1BBD1D5C9F5346DB36334117AAF7A1B4ABE86470CABDF862010F5AE3129CA17F36BA89EE3DB83641804EC2455ED75686342E9F339068A77258BBC292E05AF5C233F5B74CA83080CC5DAE01E977E2F7D1ADC36803398B81DAC22DE391F512912148392371C658C416C96C8C3035928EDBB418CF249C9C02793AE6661AB04B4C6C944F55B23CB5621511DACD8EC5C1ECD463620CAC79C38B6CC95FA8993482EA255246D30DA6EA67C677889F56CDF4466F5D968069E152B0BE30B64E1B18607035D7D15503D364B73BAB5582CDF290FE30D2EB7A4F6F797D80702CC448E1153A3A9D882445C73BA490388588F31FA6C14BA7DBFAD39E1CE6B0E2FAD69015F81FF6DAAC56420A478CF717DD952A0DC51B1E38113CF5EF2AC2EC08B6F6CB427A06AD990213C09DB2D0EB89917
+20210530071701 2 6 100 8191 5 D8A2E2F024645B5A3FB339A2EF06A3E46CD2AA808530C320F121CE1EEBEE128D6DB4C49492881B35E5AA8C43CAA07E7F69A5C4ECD0EE62A29FC191B9C0DD6955E23E831A0573135B9931D03A5BBCA961410CA287D08D53C0E8CFEC19534C4FECBAD0F2BE625802AF1B504F59A4A88DAA5F52F221E0E9E0DB1396F07EAF2CA88B79D8CF35EF154A69569C545CA1D04A07ADE3628243039985880B79972FB9F5070951D40C9D21C1729348152724531B270C9DEBB5B2C730C72F4EA3932DB44BD3C746E082856A4109A37BA979164881D5B8007807FF1A7E0C48F99DBBE1709585203E579AE201D295E720CDD45B3A8652A7CE878765E699727641410F840871B4362DC51A3D4D15980876649089CE845B5733497FB8E7B2568EF8627EC1BEE0434A3A72094132A0BA0CA102A440952285823FB09684A1C52468193F6E8A6CC9D935C13FCC661DED5CB84B5D5DF721447531787F78AB31AA1D6342460A8B896518640B7DCF3825B52D46469351EF17E586B661D5C0E792C0AA0B0309B8A4BECB3B267BB459C7452387FF6028EEC1C6DFAE3EE9452EB7A7CFB9CDD361B45FF29E6648BD94712BEF29A1C86C492231F710BC66BF8CF83F8765EF6DBA6857C733789DD71245F17C6FA03DD07FCFFBC450029776FDB4F4B411D4B4A98E090CB79B4CF990398FE1C147CE959C8C11D5DE9A4271EA4CA3D8A50A6F7081A2B0F95AA4AD80081511C357D9F15B7547F0A725EED4EE7FDDAE32A3D00512984928679C51375777E968FE3363DCC495300762C7C6D32F4088DB4D4D4449610D05E87CECADA742827EF2B4EF1D064CEB0EEBB01264306F3E24D6260483829576F88B8346764429722BFD0FE3845F541837ACFFEDA101E0E082F618630B741BE1A9E44C677A947FEC31F08EB338798617A09C38EF3FF31A677E62DCDBA2C56D37B1F16AD2B06F41D3E5CDE9A9B7179B6EC46DF99D857521DF29E8012A1AFE6F2F0658171F56EEA20E531C3B2E02864B130BB0BA476F23024DCCA6411CE1BBD1D5C9F5346DB36334117AAF7A1B4ABE86470CABDF862010F5AE3129CA17F36BA89EE3DB83641804EC2455ED75686342E9F339068A77258BBC292E05AF5C233F5B74CA83080CC5DAE01E977E2F7D1ADC36803398B81DAC22DE391F512912148392371C658C416C96C8C3035928EDBB418CF249C9C02793AE6661AB04B4C6C944F55B23CB5621511DACD8EC5C1ECD463620CAC79C38B6CC95FA8993482EA255246D30DA6EA67C677889F56CDF4466F5D968069E152B0BE30B64E1B18607035D7D15503D364B73BAB5582CDF290FE30D2EB7A4F6F797D80702CC448E1153A3A9D882445C73BA490388588F31FA6C14BA7DBFAD39E1CE6B0E2FAD69015F81FF6DAAC56420A478CF717DD952A0DC51B1E38113CF5EF2AC2EC08B6F6CB427A06AD990213C09DB2D1208E667
+20210530095307 2 6 100 8191 2 D8A2E2F024645B5A3FB339A2EF06A3E46CD2AA808530C320F121CE1EEBEE128D6DB4C49492881B35E5AA8C43CAA07E7F69A5C4ECD0EE62A29FC191B9C0DD6955E23E831A0573135B9931D03A5BBCA961410CA287D08D53C0E8CFEC19534C4FECBAD0F2BE625802AF1B504F59A4A88DAA5F52F221E0E9E0DB1396F07EAF2CA88B79D8CF35EF154A69569C545CA1D04A07ADE3628243039985880B79972FB9F5070951D40C9D21C1729348152724531B270C9DEBB5B2C730C72F4EA3932DB44BD3C746E082856A4109A37BA979164881D5B8007807FF1A7E0C48F99DBBE1709585203E579AE201D295E720CDD45B3A8652A7CE878765E699727641410F840871B4362DC51A3D4D15980876649089CE845B5733497FB8E7B2568EF8627EC1BEE0434A3A72094132A0BA0CA102A440952285823FB09684A1C52468193F6E8A6CC9D935C13FCC661DED5CB84B5D5DF721447531787F78AB31AA1D6342460A8B896518640B7DCF3825B52D46469351EF17E586B661D5C0E792C0AA0B0309B8A4BECB3B267BB459C7452387FF6028EEC1C6DFAE3EE9452EB7A7CFB9CDD361B45FF29E6648BD94712BEF29A1C86C492231F710BC66BF8CF83F8765EF6DBA6857C733789DD71245F17C6FA03DD07FCFFBC450029776FDB4F4B411D4B4A98E090CB79B4CF990398FE1C147CE959C8C11D5DE9A4271EA4CA3D8A50A6F7081A2B0F95AA4AD80081511C357D9F15B7547F0A725EED4EE7FDDAE32A3D00512984928679C51375777E968FE3363DCC495300762C7C6D32F4088DB4D4D4449610D05E87CECADA742827EF2B4EF1D064CEB0EEBB01264306F3E24D6260483829576F88B8346764429722BFD0FE3845F541837ACFFEDA101E0E082F618630B741BE1A9E44C677A947FEC31F08EB338798617A09C38EF3FF31A677E62DCDBA2C56D37B1F16AD2B06F41D3E5CDE9A9B7179B6EC46DF99D857521DF29E8012A1AFE6F2F0658171F56EEA20E531C3B2E02864B130BB0BA476F23024DCCA6411CE1BBD1D5C9F5346DB36334117AAF7A1B4ABE86470CABDF862010F5AE3129CA17F36BA89EE3DB83641804EC2455ED75686342E9F339068A77258BBC292E05AF5C233F5B74CA83080CC5DAE01E977E2F7D1ADC36803398B81DAC22DE391F512912148392371C658C416C96C8C3035928EDBB418CF249C9C02793AE6661AB04B4C6C944F55B23CB5621511DACD8EC5C1ECD463620CAC79C38B6CC95FA8993482EA255246D30DA6EA67C677889F56CDF4466F5D968069E152B0BE30B64E1B18607035D7D15503D364B73BAB5582CDF290FE30D2EB7A4F6F797D80702CC448E1153A3A9D882445C73BA490388588F31FA6C14BA7DBFAD39E1CE6B0E2FAD69015F81FF6DAAC56420A478CF717DD952A0DC51B1E38113CF5EF2AC2EC08B6F6CB427A06AD990213C09DB2D1B675F3B
+20210530111421 2 6 100 8191 5 D8A2E2F024645B5A3FB339A2EF06A3E46CD2AA808530C320F121CE1EEBEE128D6DB4C49492881B35E5AA8C43CAA07E7F69A5C4ECD0EE62A29FC191B9C0DD6955E23E831A0573135B9931D03A5BBCA961410CA287D08D53C0E8CFEC19534C4FECBAD0F2BE625802AF1B504F59A4A88DAA5F52F221E0E9E0DB1396F07EAF2CA88B79D8CF35EF154A69569C545CA1D04A07ADE3628243039985880B79972FB9F5070951D40C9D21C1729348152724531B270C9DEBB5B2C730C72F4EA3932DB44BD3C746E082856A4109A37BA979164881D5B8007807FF1A7E0C48F99DBBE1709585203E579AE201D295E720CDD45B3A8652A7CE878765E699727641410F840871B4362DC51A3D4D15980876649089CE845B5733497FB8E7B2568EF8627EC1BEE0434A3A72094132A0BA0CA102A440952285823FB09684A1C52468193F6E8A6CC9D935C13FCC661DED5CB84B5D5DF721447531787F78AB31AA1D6342460A8B896518640B7DCF3825B52D46469351EF17E586B661D5C0E792C0AA0B0309B8A4BECB3B267BB459C7452387FF6028EEC1C6DFAE3EE9452EB7A7CFB9CDD361B45FF29E6648BD94712BEF29A1C86C492231F710BC66BF8CF83F8765EF6DBA6857C733789DD71245F17C6FA03DD07FCFFBC450029776FDB4F4B411D4B4A98E090CB79B4CF990398FE1C147CE959C8C11D5DE9A4271EA4CA3D8A50A6F7081A2B0F95AA4AD80081511C357D9F15B7547F0A725EED4EE7FDDAE32A3D00512984928679C51375777E968FE3363DCC495300762C7C6D32F4088DB4D4D4449610D05E87CECADA742827EF2B4EF1D064CEB0EEBB01264306F3E24D6260483829576F88B8346764429722BFD0FE3845F541837ACFFEDA101E0E082F618630B741BE1A9E44C677A947FEC31F08EB338798617A09C38EF3FF31A677E62DCDBA2C56D37B1F16AD2B06F41D3E5CDE9A9B7179B6EC46DF99D857521DF29E8012A1AFE6F2F0658171F56EEA20E531C3B2E02864B130BB0BA476F23024DCCA6411CE1BBD1D5C9F5346DB36334117AAF7A1B4ABE86470CABDF862010F5AE3129CA17F36BA89EE3DB83641804EC2455ED75686342E9F339068A77258BBC292E05AF5C233F5B74CA83080CC5DAE01E977E2F7D1ADC36803398B81DAC22DE391F512912148392371C658C416C96C8C3035928EDBB418CF249C9C02793AE6661AB04B4C6C944F55B23CB5621511DACD8EC5C1ECD463620CAC79C38B6CC95FA8993482EA255246D30DA6EA67C677889F56CDF4466F5D968069E152B0BE30B64E1B18607035D7D15503D364B73BAB5582CDF290FE30D2EB7A4F6F797D80702CC448E1153A3A9D882445C73BA490388588F31FA6C14BA7DBFAD39E1CE6B0E2FAD69015F81FF6DAAC56420A478CF717DD952A0DC51B1E38113CF5EF2AC2EC08B6F6CB427A06AD990213C09DB2D2044A90F
diff --git a/moduli.0 b/moduli.0
index 15d7899ffc84..495bd5205aa7 100644
--- a/moduli.0
+++ b/moduli.0
@@ -71,4 +71,4 @@ STANDARDS
      the Secure Shell (SSH) Transport Layer Protocol, RFC 4419, March 2006,
      2006.
 
-OpenBSD 6.9                   September 26, 2012                   OpenBSD 6.9
+OpenBSD 7.0                   September 26, 2012                   OpenBSD 7.0
diff --git a/monitor.c b/monitor.c
index 74c803e15ad3..c199cb9bc089 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.228 2021/08/11 05:20:17 djm Exp $ */
+/* $OpenBSD: monitor.c,v 1.231 2022/01/28 06:18:42 guenther Exp $ */
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
  * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -790,7 +790,7 @@ mm_answer_pwnamallow(struct ssh *ssh, int sock, struct sshbuf *m)
 	if (auth2_setup_methods_lists(authctxt) != 0) {
 		/*
 		 * The monitor will continue long enough to let the child
-		 * run to it's packet_disconnect(), but it must not allow any
+		 * run to its packet_disconnect(), but it must not allow any
 		 * authentication to succeed.
 		 */
 		debug_f("no valid authentication method lists");
@@ -1246,11 +1246,12 @@ static int
 monitor_valid_userblob(struct ssh *ssh, const u_char *data, u_int datalen)
 {
 	struct sshbuf *b;
+	struct sshkey *hostkey = NULL;
 	const u_char *p;
 	char *userstyle, *cp;
 	size_t len;
 	u_char type;
-	int r, fail = 0;
+	int hostbound = 0, r, fail = 0;
 
 	if ((b = sshbuf_from(data, datalen)) == NULL)
 		fatal_f("sshbuf_from");
@@ -1291,19 +1292,34 @@ monitor_valid_userblob(struct ssh *ssh, const u_char *data, u_int datalen)
 	if ((r = sshbuf_skip_string(b)) != 0 ||	/* service */
 	    (r = sshbuf_get_cstring(b, &cp, NULL)) != 0)
 		fatal_fr(r, "parse method");
-	if (strcmp("publickey", cp) != 0)
-		fail++;
+	if (strcmp("publickey", cp) != 0) {
+		if (strcmp("publickey-hostbound-v00@openssh.com", cp) == 0)
+			hostbound = 1;
+		else
+			fail++;
+	}
 	free(cp);
 	if ((r = sshbuf_get_u8(b, &type)) != 0)
 		fatal_fr(r, "parse pktype");
 	if (type == 0)
 		fail++;
 	if ((r = sshbuf_skip_string(b)) != 0 ||	/* pkalg */
-	    (r = sshbuf_skip_string(b)) != 0)	/* pkblob */
+	    (r = sshbuf_skip_string(b)) != 0 ||	/* pkblob */
+	    (hostbound && (r = sshkey_froms(b, &hostkey)) != 0))
 		fatal_fr(r, "parse pk");
 	if (sshbuf_len(b) != 0)
 		fail++;
 	sshbuf_free(b);
+	if (hostkey != NULL) {
+		/*
+		 * Ensure this is actually one of our hostkeys; unfortunately
+		 * can't check ssh->kex->initial_hostkey directly at this point
+		 * as packet state has not yet been exported to monitor.
+		 */
+		if (get_hostkey_index(hostkey, 1, ssh) == -1)
+			fatal_f("hostbound hostkey does not match");
+		sshkey_free(hostkey);
+	}
 	return (fail == 0);
 }
 
@@ -1432,7 +1448,8 @@ mm_answer_keyverify(struct ssh *ssh, int sock, struct sshbuf *m)
 
 	ret = sshkey_verify(key, signature, signaturelen, data, datalen,
 	    sigalg, ssh->compat, &sig_details);
-	debug3_f("%s %s signature %s%s%s", auth_method, sshkey_type(key),
+	debug3_f("%s %s signature using %s %s%s%s", auth_method,
+	    sshkey_type(key), sigalg == NULL ? "default" : sigalg,
 	    (ret == 0) ? "verified" : "unverified",
 	    (ret != 0) ? ": " : "", (ret != 0) ? ssh_err(ret) : "");
 
diff --git a/mux.c b/mux.c
index 4c0eb4249bcd..176f035c86f5 100644
--- a/mux.c
+++ b/mux.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: mux.c,v 1.91 2021/07/23 04:00:59 djm Exp $ */
+/* $OpenBSD: mux.c,v 1.92 2022/01/11 01:26:47 djm Exp $ */
 /*
  * Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org>
  *
@@ -2037,7 +2037,7 @@ mux_client_request_session(int fd)
 	} else
 		debug2("Received exit status from master %d", exitval);
 
-	if (tty_flag && options.log_level != SYSLOG_LEVEL_QUIET)
+	if (tty_flag && options.log_level >= SYSLOG_LEVEL_INFO)
 		fprintf(stderr, "Shared connection to %s closed.\r\n", host);
 
 	exit(exitval);
diff --git a/myproposal.h b/myproposal.h
index 6d79937b6fa8..ee50d215be06 100644
--- a/myproposal.h
+++ b/myproposal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: myproposal.h,v 1.69 2021/08/29 23:53:10 djm Exp $ */
+/* $OpenBSD: myproposal.h,v 1.70 2021/11/10 06:29:25 djm Exp $ */
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -30,6 +30,7 @@
 	"ecdh-sha2-nistp256," \
 	"ecdh-sha2-nistp384," \
 	"ecdh-sha2-nistp521," \
+	"sntrup761x25519-sha512@openssh.com," \
 	"diffie-hellman-group-exchange-sha256," \
 	"diffie-hellman-group16-sha512," \
 	"diffie-hellman-group18-sha512," \
diff --git a/nchan.c b/nchan.c
index 7ef3a350b79a..d33426fedf91 100644
--- a/nchan.c
+++ b/nchan.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: nchan.c,v 1.73 2021/05/19 01:24:05 djm Exp $ */
+/* $OpenBSD: nchan.c,v 1.74 2022/02/01 23:32:51 djm Exp $ */
 /*
  * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl.  All rights reserved.
  *
@@ -82,8 +82,12 @@ static void	chan_shutdown_write(struct ssh *, Channel *);
 static void	chan_shutdown_read(struct ssh *, Channel *);
 static void	chan_shutdown_extended_read(struct ssh *, Channel *);
 
-static const char *ostates[] = { "open", "drain", "wait_ieof", "closed" };
-static const char *istates[] = { "open", "drain", "wait_oclose", "closed" };
+static const char * const ostates[] = {
+	"open", "drain", "wait_ieof", "closed",
+};
+static const char * const istates[] = {
+	"open", "drain", "wait_oclose", "closed",
+};
 
 static void
 chan_set_istate(Channel *c, u_int next)
diff --git a/openbsd-compat/arc4random.c b/openbsd-compat/arc4random.c
index 14853aba43d1..80ff3c1801a1 100644
--- a/openbsd-compat/arc4random.c
+++ b/openbsd-compat/arc4random.c
@@ -39,6 +39,8 @@
 
 #ifndef HAVE_ARC4RANDOM
 
+#define MINIMUM(a, b)    (((a) < (b)) ? (a) : (b))
+
 #ifdef WITH_OPENSSL
 #include <openssl/rand.h>
 #include <openssl/err.h>
@@ -170,7 +172,7 @@ _rs_rekey(u_char *dat, size_t datlen)
 	if (dat) {
 		size_t i, m;
 
-		m = MIN(datlen, KEYSZ + IVSZ);
+		m = MINIMUM(datlen, KEYSZ + IVSZ);
 		for (i = 0; i < m; i++)
 			rs_buf[i] ^= dat[i];
 	}
@@ -189,7 +191,7 @@ _rs_random_buf(void *_buf, size_t n)
 	_rs_stir_if_needed(n);
 	while (n > 0) {
 		if (rs_have > 0) {
-			m = MIN(n, rs_have);
+			m = MINIMUM(n, rs_have);
 			memcpy(buf, rs_buf + RSBUFSZ - rs_have, m);
 			memset(rs_buf + RSBUFSZ - rs_have, 0, m);
 			buf += m;
@@ -230,7 +232,7 @@ arc4random_addrandom(u_char *dat, int datlen)
 	if (!rs_initialized)
 		_rs_stir();
 	while (datlen > 0) {
-		m = MIN(datlen, KEYSZ + IVSZ);
+		m = MINIMUM(datlen, KEYSZ + IVSZ);
 		_rs_rekey(dat, m);
 		dat += m;
 		datlen -= m;
diff --git a/openbsd-compat/base64.c b/openbsd-compat/base64.c
index b7dce095e4c3..e5faba3c52b9 100644
--- a/openbsd-compat/base64.c
+++ b/openbsd-compat/base64.c
@@ -49,7 +49,6 @@
 #if (!defined(HAVE_B64_NTOP) && !defined(HAVE___B64_NTOP)) || (!defined(HAVE_B64_PTON) && !defined(HAVE___B64_PTON))
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <sys/socket.h>
 #include <netinet/in.h>
 #include <arpa/inet.h>
diff --git a/openbsd-compat/bcrypt_pbkdf.c b/openbsd-compat/bcrypt_pbkdf.c
index 62728d38f002..5a22ba3b4258 100644
--- a/openbsd-compat/bcrypt_pbkdf.c
+++ b/openbsd-compat/bcrypt_pbkdf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bcrypt_pbkdf.c,v 1.13 2015/01/12 03:20:04 tedu Exp $ */
+/* $OpenBSD: bcrypt_pbkdf.c,v 1.16 2020/08/02 18:35:48 tb Exp $ */
 /*
  * Copyright (c) 2013 Ted Unangst <tedu@openbsd.org>
  *
@@ -17,12 +17,13 @@
 
 /* OPENBSD ORIGINAL: lib/libutil/bcrypt_pbkdf.c */
 
+/* This version has been modified to use SHA512 from SUPERCOP */
+
 #include "includes.h"
 
 #ifndef HAVE_BCRYPT_PBKDF
 
 #include <sys/types.h>
-#include <sys/param.h>
 
 #ifdef HAVE_STDLIB_H
 # include <stdlib.h>
@@ -48,7 +49,7 @@
  * function with the following modifications:
  * 1. The input password and salt are preprocessed with SHA512.
  * 2. The output length is expanded to 256 bits.
- * 3. Subsequently the magic string to be encrypted is lengthened and modified
+ * 3. Subsequently the magic string to be encrypted is lengthened and modifed
  *    to "OxychromaticBlowfishSwatDynamite"
  * 4. The hash function is defined to perform 64 rounds of initial state
  *    expansion. (More rounds are performed by iterating the hash.)
@@ -69,10 +70,10 @@
 #define BCRYPT_HASHSIZE (BCRYPT_WORDS * 4)
 
 static void
-bcrypt_hash(u_int8_t *sha2pass, u_int8_t *sha2salt, u_int8_t *out)
+bcrypt_hash(uint8_t *sha2pass, uint8_t *sha2salt, uint8_t *out)
 {
 	blf_ctx state;
-	u_int8_t ciphertext[BCRYPT_HASHSIZE] =
+	uint8_t ciphertext[BCRYPT_HASHSIZE] =
 	    "OxychromaticBlowfishSwatDynamite";
 	uint32_t cdata[BCRYPT_WORDS];
 	int i;
@@ -93,7 +94,7 @@ bcrypt_hash(u_int8_t *sha2pass, u_int8_t *sha2salt, u_int8_t *out)
 		cdata[i] = Blowfish_stream2word(ciphertext, sizeof(ciphertext),
 		    &j);
 	for (i = 0; i < 64; i++)
-		blf_enc(&state, cdata, sizeof(cdata) / (sizeof(uint64_t)));
+		blf_enc(&state, cdata, BCRYPT_WORDS / 2);
 
 	/* copy out */
 	for (i = 0; i < BCRYPT_WORDS; i++) {
@@ -110,26 +111,26 @@ bcrypt_hash(u_int8_t *sha2pass, u_int8_t *sha2salt, u_int8_t *out)
 }
 
 int
-bcrypt_pbkdf(const char *pass, size_t passlen, const u_int8_t *salt, size_t saltlen,
-    u_int8_t *key, size_t keylen, unsigned int rounds)
+bcrypt_pbkdf(const char *pass, size_t passlen, const uint8_t *salt, size_t saltlen,
+    uint8_t *key, size_t keylen, unsigned int rounds)
 {
-	u_int8_t sha2pass[SHA512_DIGEST_LENGTH];
-	u_int8_t sha2salt[SHA512_DIGEST_LENGTH];
-	u_int8_t out[BCRYPT_HASHSIZE];
-	u_int8_t tmpout[BCRYPT_HASHSIZE];
-	u_int8_t *countsalt;
+	uint8_t sha2pass[SHA512_DIGEST_LENGTH];
+	uint8_t sha2salt[SHA512_DIGEST_LENGTH];
+	uint8_t out[BCRYPT_HASHSIZE];
+	uint8_t tmpout[BCRYPT_HASHSIZE];
+	uint8_t *countsalt;
 	size_t i, j, amt, stride;
 	uint32_t count;
 	size_t origkeylen = keylen;
 
 	/* nothing crazy */
 	if (rounds < 1)
-		return -1;
+		goto bad;
 	if (passlen == 0 || saltlen == 0 || keylen == 0 ||
 	    keylen > sizeof(out) * sizeof(out) || saltlen > 1<<20)
-		return -1;
+		goto bad;
 	if ((countsalt = calloc(1, saltlen + 4)) == NULL)
-		return -1;
+		goto bad;
 	stride = (keylen + sizeof(out) - 1) / sizeof(out);
 	amt = (keylen + stride - 1) / stride;
 
@@ -173,9 +174,15 @@ bcrypt_pbkdf(const char *pass, size_t passlen, const u_int8_t *salt, size_t salt
 	}
 
 	/* zap */
+	freezero(countsalt, saltlen + 4);
 	explicit_bzero(out, sizeof(out));
-	free(countsalt);
+	explicit_bzero(tmpout, sizeof(tmpout));
 
 	return 0;
+
+bad:
+	/* overwrite with random in case caller doesn't check return code */
+	arc4random_buf(key, keylen);
+	return -1;
 }
 #endif /* HAVE_BCRYPT_PBKDF */
diff --git a/openbsd-compat/bindresvport.c b/openbsd-compat/bindresvport.c
index eeb269d59dfc..346c7fe5654a 100644
--- a/openbsd-compat/bindresvport.c
+++ b/openbsd-compat/bindresvport.c
@@ -40,6 +40,7 @@
 #include <arpa/inet.h>
 
 #include <errno.h>
+#include <stdlib.h>
 #include <string.h>
 
 #define STARTPORT 600
diff --git a/openbsd-compat/blf.h b/openbsd-compat/blf.h
index f1ac5a5c2b64..5b8a73e55aca 100644
--- a/openbsd-compat/blf.h
+++ b/openbsd-compat/blf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: blf.h,v 1.7 2007/03/14 17:59:41 grunk Exp $ */
+/* $OpenBSD: blf.h,v 1.8 2021/11/29 01:04:45 djm Exp $ */
 /*
  * Blowfish - a fast block cipher designed by Bruce Schneier
  *
@@ -13,10 +13,7 @@
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by Niels Provos.
- * 4. The name of the author may not be used to endorse or promote products
+ * 3. The name of the author may not be used to endorse or promote products
  *    derived from this software without specific prior written permission.
  *
  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
diff --git a/openbsd-compat/blowfish.c b/openbsd-compat/blowfish.c
index e10f7e7d9273..bfeba47c0db3 100644
--- a/openbsd-compat/blowfish.c
+++ b/openbsd-compat/blowfish.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: blowfish.c,v 1.18 2004/11/02 17:23:26 hshoexer Exp $ */
+/* $OpenBSD: blowfish.c,v 1.20 2021/11/29 01:04:45 djm Exp $ */
 /*
  * Blowfish block cipher for OpenBSD
  * Copyright 1997 Niels Provos <provos@physnet.uni-hamburg.de>
@@ -14,10 +14,7 @@
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by Niels Provos.
- * 4. The name of the author may not be used to endorse or promote products
+ * 3. The name of the author may not be used to endorse or promote products
  *    derived from this software without specific prior written permission.
  *
  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
diff --git a/openbsd-compat/bsd-closefrom.c b/openbsd-compat/bsd-closefrom.c
index 8fadca2dad66..704da531fef9 100644
--- a/openbsd-compat/bsd-closefrom.c
+++ b/openbsd-compat/bsd-closefrom.c
@@ -16,10 +16,9 @@
 
 #include "includes.h"
 
-#ifndef HAVE_CLOSEFROM
+#if !defined(HAVE_CLOSEFROM) || defined(BROKEN_CLOSEFROM)
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <unistd.h>
 #include <stdio.h>
 #ifdef HAVE_FCNTL_H
@@ -130,6 +129,11 @@ closefrom(int lowfd)
     DIR *dirp;
     int len;
 
+#ifdef HAVE_CLOSE_RANGE
+	if (close_range(lowfd, INT_MAX, 0) == 0)
+		return;
+#endif
+
     /* Check for a /proc/$$/fd directory. */
     len = snprintf(fdpath, sizeof(fdpath), "/proc/%ld/fd", (long)getpid());
     if (len > 0 && (size_t)len < sizeof(fdpath) && (dirp = opendir(fdpath))) {
diff --git a/openbsd-compat/bsd-cygwin_util.c b/openbsd-compat/bsd-cygwin_util.c
index 54628e2607b4..9ede21d243a2 100644
--- a/openbsd-compat/bsd-cygwin_util.c
+++ b/openbsd-compat/bsd-cygwin_util.c
@@ -194,11 +194,11 @@ _match_pattern(const char *s, const char *pattern)
 	size_t len;
 	int ret;
 
-	if ((len = mbstowcs(NULL, s, 0)) < 0)
+	if ((len = mbstowcs(NULL, s, 0)) == (size_t) -1)
 		return 0;
 	ws = (wchar_t *) xcalloc(len + 1, sizeof (wchar_t));
 	mbstowcs(ws, s, len + 1);
-	if ((len = mbstowcs(NULL, pattern, 0)) < 0)
+	if ((len = mbstowcs(NULL, pattern, 0)) == (size_t) -1)
 		return 0;
 	wpattern = (wchar_t *) xcalloc(len + 1, sizeof (wchar_t));
 	mbstowcs(wpattern, pattern, len + 1);
diff --git a/openbsd-compat/bsd-getline.c b/openbsd-compat/bsd-getline.c
index d676f4cefa7e..e51bd7a1313d 100644
--- a/openbsd-compat/bsd-getline.c
+++ b/openbsd-compat/bsd-getline.c
@@ -39,7 +39,7 @@
 #include "file.h"
 #endif
 
-#if !HAVE_GETLINE
+#if !defined(HAVE_GETLINE) || defined(BROKEN_GETLINE)
 #include <stdlib.h>
 #include <stdio.h>
 #include <unistd.h>
diff --git a/openbsd-compat/bsd-openpty.c b/openbsd-compat/bsd-openpty.c
index 1ab41f42b634..f5507000a5cb 100644
--- a/openbsd-compat/bsd-openpty.c
+++ b/openbsd-compat/bsd-openpty.c
@@ -66,33 +66,16 @@
 #include <unistd.h>
 
 #include "misc.h"
+#include "log.h"
 
 #ifndef O_NOCTTY
 #define O_NOCTTY 0
 #endif
 
-int
-openpty(int *amaster, int *aslave, char *name, struct termios *termp,
-   struct winsize *winp)
+#if defined(HAVE_DEV_PTMX) && !defined(HAVE__GETPTY)
+static int
+openpty_streams(int *amaster, int *aslave)
 {
-#if defined(HAVE__GETPTY)
-	/*
-	 * _getpty(3) exists in SGI Irix 4.x, 5.x & 6.x -- it generates more
-	 * pty's automagically when needed
-	 */
-	char *slave;
-
-	if ((slave = _getpty(amaster, O_RDWR, 0622, 0)) == NULL)
-		return (-1);
-
-	/* Open the slave side. */
-	if ((*aslave = open(slave, O_RDWR | O_NOCTTY)) == -1) {
-		close(*amaster);
-		return (-1);
-	}
-	return (0);
-
-#elif defined(HAVE_DEV_PTMX)
 	/*
 	 * This code is used e.g. on Solaris 2.x.  (Note that Solaris 2.3
 	 * also has bsd-style ptys, but they simply do not work.)
@@ -141,9 +124,60 @@ openpty(int *amaster, int *aslave, char *name, struct termios *termp,
 # ifndef __hpux
 	ioctl(*aslave, I_PUSH, "ttcompat");
 # endif /* __hpux */
+	return (0);
+}
+#endif
+
+int
+openpty(int *amaster, int *aslave, char *name, struct termios *termp,
+   struct winsize *winp)
+{
+#if defined(HAVE__GETPTY)
+	/*
+	 * _getpty(3) exists in SGI Irix 4.x, 5.x & 6.x -- it generates more
+	 * pty's automagically when needed
+	 */
+	char *slave;
+
+	if ((slave = _getpty(amaster, O_RDWR, 0622, 0)) == NULL)
+		return (-1);
 
+	/* Open the slave side. */
+	if ((*aslave = open(slave, O_RDWR | O_NOCTTY)) == -1) {
+		close(*amaster);
+		return (-1);
+	}
 	return (0);
 
+#elif defined(HAVE_DEV_PTMX)
+
+#ifdef SSHD_ACQUIRES_CTTY
+	/*
+	 * On some (most? all?) SysV based systems with STREAMS based terminals,
+	 * sshd will acquire a controlling terminal when it pushes the "ptem"
+	 * module.  On such platforms, first allocate a sacrificial pty so
+	 * that sshd already has a controlling terminal before allocating the
+	 * one that will be passed back to the user process.  This ensures
+	 * the second pty is not already the controlling terminal for a
+	 * different session and is available to become controlling terminal
+	 * for the client's subprocess.  See bugzilla #245 for details.
+	 */
+	int r, fd;
+	static int junk_ptyfd = -1, junk_ttyfd;
+
+	r = openpty_streams(amaster, aslave);
+	if (junk_ptyfd == -1 && (fd = open(_PATH_TTY, O_RDWR|O_NOCTTY)) >= 0) {
+		close(fd);
+		junk_ptyfd = *amaster;
+		junk_ttyfd = *aslave;
+		debug("STREAMS bug workaround pty %d tty %d name %s",
+		    junk_ptyfd, junk_ttyfd, ttyname(junk_ttyfd));
+        } else
+		return r;
+#endif
+
+	return openpty_streams(amaster, aslave);
+
 #elif defined(HAVE_DEV_PTS_AND_PTC)
 	/* AIX-style pty code. */
 	const char *ttname;
diff --git a/openbsd-compat/bsd-poll.c b/openbsd-compat/bsd-poll.c
index c8e6222c0e34..781ee978a651 100644
--- a/openbsd-compat/bsd-poll.c
+++ b/openbsd-compat/bsd-poll.c
@@ -15,40 +15,45 @@
  */
 
 #include "includes.h"
-#if !defined(HAVE_POLL)
+#if !defined(HAVE_PPOLL) || !defined(HAVE_POLL) || defined(BROKEN_POLL)
 
 #include <sys/types.h>
 #include <sys/time.h>
+#ifdef HAVE_SYS_PARAM_H
+# include <sys/param.h>
+#endif
 #ifdef HAVE_SYS_SELECT_H
 # include <sys/select.h>
 #endif
 
 #include <errno.h>
+#include <signal.h>
 #include <stdlib.h>
 #include <unistd.h>
 #include "bsd-poll.h"
 
+#if !defined(HAVE_PPOLL) || defined(BROKEN_POLL)
 /*
- * A minimal implementation of poll(2), built on top of select(2).
+ * A minimal implementation of ppoll(2), built on top of pselect(2).
  *
- * Only supports POLLIN and POLLOUT flags in pfd.events, and POLLIN, POLLOUT
- * and POLLERR flags in revents.
+ * Only supports POLLIN, POLLOUT and POLLPRI flags in pfd.events and
+ * revents. Notably POLLERR, POLLHUP and POLLNVAL are not supported.
  *
  * Supports pfd.fd = -1 meaning "unused" although it's not standard.
  */
 
 int
-poll(struct pollfd *fds, nfds_t nfds, int timeout)
+ppoll(struct pollfd *fds, nfds_t nfds, const struct timespec *tmoutp,
+    const sigset_t *sigmask)
 {
 	nfds_t i;
 	int saved_errno, ret, fd, maxfd = 0;
 	fd_set *readfds = NULL, *writefds = NULL, *exceptfds = NULL;
 	size_t nmemb;
-	struct timeval tv, *tvp = NULL;
 
 	for (i = 0; i < nfds; i++) {
 		fd = fds[i].fd;
-		if (fd >= FD_SETSIZE) {
+		if (fd != -1 && fd >= FD_SETSIZE) {
 			errno = EINVAL;
 			return -1;
 		}
@@ -69,24 +74,15 @@ poll(struct pollfd *fds, nfds_t nfds, int timeout)
 		fd = fds[i].fd;
 		if (fd == -1)
 			continue;
-		if (fds[i].events & POLLIN) {
+		if (fds[i].events & POLLIN)
 			FD_SET(fd, readfds);
-			FD_SET(fd, exceptfds);
-		}
-		if (fds[i].events & POLLOUT) {
+		if (fds[i].events & POLLOUT)
 			FD_SET(fd, writefds);
+		if (fds[i].events & POLLPRI)
 			FD_SET(fd, exceptfds);
-		}
 	}
 
-	/* poll timeout is msec, select is timeval (sec + usec) */
-	if (timeout >= 0) {
-		tv.tv_sec = timeout / 1000;
-		tv.tv_usec = (timeout % 1000) * 1000;
-		tvp = &tv;
-	}
-
-	ret = select(maxfd + 1, readfds, writefds, exceptfds, tvp);
+	ret = pselect(maxfd + 1, readfds, writefds, exceptfds, tmoutp, sigmask);
 	saved_errno = errno;
 
 	/* scan through select results and set poll() flags */
@@ -95,15 +91,12 @@ poll(struct pollfd *fds, nfds_t nfds, int timeout)
 		fds[i].revents = 0;
 		if (fd == -1)
 			continue;
-		if (FD_ISSET(fd, readfds)) {
+		if (FD_ISSET(fd, readfds))
 			fds[i].revents |= POLLIN;
-		}
-		if (FD_ISSET(fd, writefds)) {
+		if (FD_ISSET(fd, writefds))
 			fds[i].revents |= POLLOUT;
-		}
-		if (FD_ISSET(fd, exceptfds)) {
-			fds[i].revents |= POLLERR;
-		}
+		if (FD_ISSET(fd, exceptfds))
+			fds[i].revents |= POLLPRI;
 	}
 
 out:
@@ -114,4 +107,23 @@ out:
 		errno = saved_errno;
 	return ret;
 }
-#endif
+#endif /* !HAVE_PPOLL || BROKEN_POLL */
+
+#if !defined(HAVE_POLL) || defined(BROKEN_POLL)
+int
+poll(struct pollfd *fds, nfds_t nfds, int timeout)
+{
+	struct timespec ts, *tsp = NULL;
+
+	/* poll timeout is msec, ppoll is timespec (sec + nsec) */
+	if (timeout >= 0) {
+		ts.tv_sec = timeout / 1000;
+		ts.tv_nsec = (timeout % 1000) * 1000000;
+		tsp = &ts;
+	}
+
+	return ppoll(fds, nfds, tsp, NULL);
+}
+#endif /* !HAVE_POLL || BROKEN_POLL */
+
+#endif /* !HAVE_PPOLL || !HAVE_POLL || BROKEN_POLL */
diff --git a/openbsd-compat/bsd-poll.h b/openbsd-compat/bsd-poll.h
index 8420ca1db378..586647ee1aff 100644
--- a/openbsd-compat/bsd-poll.h
+++ b/openbsd-compat/bsd-poll.h
@@ -27,26 +27,31 @@
 
 /* OPENBSD ORIGINAL: sys/sys/poll.h */
 
-#if !defined(HAVE_POLL) && !defined(HAVE_POLL_H)
 #ifndef	_COMPAT_POLL_H_
 #define	_COMPAT_POLL_H_
 
+#include <sys/types.h>
+#ifdef HAVE_POLL_H
+# include <poll.h>
+#elif HAVE_SYS_POLL_H
+# include <sys/poll.h>
+#endif
+
+#ifndef HAVE_STRUCT_POLLFD_FD
 typedef struct pollfd {
 	int	fd;
 	short	events;
 	short	revents;
 } pollfd_t;
 
-typedef unsigned int	nfds_t;
-
 #define	POLLIN		0x0001
+#define	POLLPRI		0x0002
 #define	POLLOUT		0x0004
 #define	POLLERR		0x0008
 #define	POLLHUP		0x0010
 #define	POLLNVAL	0x0020
 #if 0
 /* the following are currently not implemented */
-#define	POLLPRI		0x0002
 #define	POLLRDNORM	0x0040
 #define POLLNORM	POLLRDNORM
 #define POLLWRNORM      POLLOUT
@@ -55,7 +60,18 @@ typedef unsigned int	nfds_t;
 #endif
 
 #define INFTIM		(-1)	/* not standard */
+#endif /* !HAVE_STRUCT_POLLFD_FD */
 
+#ifndef HAVE_NFDS_T
+typedef unsigned int	nfds_t;
+#endif
+
+#ifndef HAVE_POLL
 int   poll(struct pollfd *, nfds_t, int);
+#endif
+
+#ifndef HAVE_PPOLL
+int   ppoll(struct pollfd *, nfds_t, const struct timespec *, const sigset_t *);
+#endif
+
 #endif /* !_COMPAT_POLL_H_ */
-#endif /* !HAVE_POLL_H */
diff --git a/openbsd-compat/bsd-statvfs.c b/openbsd-compat/bsd-statvfs.c
index 10d8764392c2..18ca726cfc73 100644
--- a/openbsd-compat/bsd-statvfs.c
+++ b/openbsd-compat/bsd-statvfs.c
@@ -18,7 +18,6 @@
 
 #if !defined(HAVE_STATVFS) || !defined(HAVE_FSTATVFS)
 
-#include <sys/param.h>
 #ifdef HAVE_SYS_MOUNT_H
 # include <sys/mount.h>
 #endif
diff --git a/openbsd-compat/dirname.c b/openbsd-compat/dirname.c
index 30fcb496856d..127bc2ae16f1 100644
--- a/openbsd-compat/dirname.c
+++ b/openbsd-compat/dirname.c
@@ -23,7 +23,6 @@
 
 #include <errno.h>
 #include <string.h>
-#include <sys/param.h>
 
 char *
 dirname(const char *path)
diff --git a/openbsd-compat/getcwd.c b/openbsd-compat/getcwd.c
index e4f7f5a3d0ae..2d56bae19dd6 100644
--- a/openbsd-compat/getcwd.c
+++ b/openbsd-compat/getcwd.c
@@ -34,7 +34,6 @@
 
 #if !defined(HAVE_GETCWD)
 
-#include <sys/param.h>
 #include <sys/stat.h>
 #include <errno.h>
 #include <dirent.h>
diff --git a/openbsd-compat/inet_aton.c b/openbsd-compat/inet_aton.c
index 093a17203fb6..5efcc5f0374a 100644
--- a/openbsd-compat/inet_aton.c
+++ b/openbsd-compat/inet_aton.c
@@ -56,7 +56,6 @@
 #if !defined(HAVE_INET_ATON)
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <netinet/in.h>
 #include <arpa/inet.h>
 #include <ctype.h>
diff --git a/openbsd-compat/inet_ntop.c b/openbsd-compat/inet_ntop.c
index 3259037baadd..c037f0805a6f 100644
--- a/openbsd-compat/inet_ntop.c
+++ b/openbsd-compat/inet_ntop.c
@@ -22,7 +22,6 @@
 
 #ifndef HAVE_INET_NTOP
 
-#include <sys/param.h>
 #include <sys/types.h>
 #include <sys/socket.h>
 #include <netinet/in.h>
diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h
index a7209ceb26a9..c202e1429245 100644
--- a/openbsd-compat/openbsd-compat.h
+++ b/openbsd-compat/openbsd-compat.h
@@ -315,8 +315,8 @@ int timingsafe_bcmp(const void *, const void *, size_t);
 #endif
 
 #ifndef HAVE_BCRYPT_PBKDF
-int	bcrypt_pbkdf(const char *, size_t, const u_int8_t *, size_t,
-    u_int8_t *, size_t, unsigned int);
+int	bcrypt_pbkdf(const char *, size_t, const uint8_t *, size_t,
+    uint8_t *, size_t, unsigned int);
 #endif
 
 #ifndef HAVE_EXPLICIT_BZERO
diff --git a/openbsd-compat/port-solaris.c b/openbsd-compat/port-solaris.c
index b84fbff5e7f5..10c2d6b7fa5a 100644
--- a/openbsd-compat/port-solaris.c
+++ b/openbsd-compat/port-solaris.c
@@ -19,7 +19,6 @@
 
 #include <sys/types.h>
 #include <sys/stat.h>
-#include <sys/param.h>
 
 #include <errno.h>
 #ifdef HAVE_FCNTL_H
diff --git a/openbsd-compat/xcrypt.c b/openbsd-compat/xcrypt.c
index 360b187af9fb..9cded66845cc 100644
--- a/openbsd-compat/xcrypt.c
+++ b/openbsd-compat/xcrypt.c
@@ -54,15 +54,13 @@
 #  include <pwdadj.h>
 # endif
 
-# if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT)
-#  include "md5crypt.h"
-# endif
-
 # if defined(WITH_OPENSSL) && !defined(HAVE_CRYPT) && defined(HAVE_DES_CRYPT)
 #  include <openssl/des.h>
 #  define crypt DES_crypt
 # endif
 
+#define MINIMUM(a, b)	(((a) < (b)) ? (a) : (b))
+
 /*
  * Pick an appropriate password encryption type and salt for the running
  * system by searching through accounts until we find one that has a valid
@@ -86,7 +84,7 @@ pick_salt(void)
 			continue;
 		if (passwd[0] == '$' && (p = strrchr(passwd+1, '$')) != NULL) {
 			typelen = p - passwd + 1;
-			strlcpy(salt, passwd, MIN(typelen, sizeof(salt)));
+			strlcpy(salt, passwd, MINIMUM(typelen, sizeof(salt)));
 			explicit_bzero(passwd, strlen(passwd));
 			goto out;
 		}
@@ -108,12 +106,7 @@ xcrypt(const char *password, const char *salt)
 	if (salt == NULL)
 		salt = pick_salt();
 
-# ifdef HAVE_MD5_PASSWORDS
-	if (is_md5_salt(salt))
-		crypted = md5_crypt(password, salt);
-	else
-		crypted = crypt(password, salt);
-# elif defined(__hpux) && !defined(HAVE_SECUREWARE)
+#if defined(__hpux) && !defined(HAVE_SECUREWARE)
 	if (iscomsec())
 		crypted = bigcrypt(password, salt);
 	else
@@ -122,7 +115,7 @@ xcrypt(const char *password, const char *salt)
 	crypted = bigcrypt(password, salt);
 # else
 	crypted = crypt(password, salt);
-# endif
+#endif
 
 	return crypted;
 }
diff --git a/packet.c b/packet.c
index 9908994182f4..bde6c1045e8a 100644
--- a/packet.c
+++ b/packet.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.301 2021/07/16 09:00:23 djm Exp $ */
+/* $OpenBSD: packet.c,v 1.307 2022/01/22 00:49:34 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -794,7 +794,7 @@ uncompress_buffer(struct ssh *ssh, struct sshbuf *in, struct sshbuf *out)
 		ssh->state->compression_in_stream.avail_out = sizeof(buf);
 
 		status = inflate(&ssh->state->compression_in_stream,
-		    Z_PARTIAL_FLUSH);
+		    Z_SYNC_FLUSH);
 		switch (status) {
 		case Z_OK:
 			if ((r = sshbuf_put(out, buf, sizeof(buf) -
@@ -871,7 +871,7 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
 	int r, crypt_type;
 	const char *dir = mode == MODE_OUT ? "out" : "in";
 
-	debug2("set_newkeys: mode %d", mode);
+	debug2_f("mode %d", mode);
 
 	if (mode == MODE_OUT) {
 		ccp = &state->send_context;
@@ -908,7 +908,7 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
 			return r;
 	}
 	mac->enabled = 1;
-	DBG(debug_f("cipher_init_context: %s", dir));
+	DBG(debug_f("cipher_init: %s", dir));
 	cipher_free(*ccp);
 	*ccp = NULL;
 	if ((r = cipher_init(ccp, enc->cipher, enc->key, enc->key_len,
@@ -1325,17 +1325,13 @@ ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 {
 	struct session_state *state = ssh->state;
 	int len, r, ms_remain;
-	fd_set *setp;
+	struct pollfd pfd;
 	char buf[8192];
-	struct timeval timeout, start, *timeoutp = NULL;
+	struct timeval start;
+	struct timespec timespec, *timespecp = NULL;
 
 	DBG(debug("packet_read()"));
 
-	setp = calloc(howmany(state->connection_in + 1,
-	    NFDBITS), sizeof(fd_mask));
-	if (setp == NULL)
-		return SSH_ERR_ALLOC_FAIL;
-
 	/*
 	 * Since we are blocking, ensure that all written packets have
 	 * been sent.
@@ -1356,22 +1352,20 @@ ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 		 * Otherwise, wait for some data to arrive, add it to the
 		 * buffer, and try again.
 		 */
-		memset(setp, 0, howmany(state->connection_in + 1,
-		    NFDBITS) * sizeof(fd_mask));
-		FD_SET(state->connection_in, setp);
+		pfd.fd = state->connection_in;
+		pfd.events = POLLIN;
 
 		if (state->packet_timeout_ms > 0) {
 			ms_remain = state->packet_timeout_ms;
-			timeoutp = &timeout;
+			timespecp = &timespec;
 		}
 		/* Wait for some data to arrive. */
 		for (;;) {
 			if (state->packet_timeout_ms > 0) {
-				ms_to_timeval(&timeout, ms_remain);
+				ms_to_timespec(&timespec, ms_remain);
 				monotime_tv(&start);
 			}
-			if ((r = select(state->connection_in + 1, setp,
-			    NULL, NULL, timeoutp)) >= 0)
+			if ((r = ppoll(&pfd, 1, timespecp, NULL)) >= 0)
 				break;
 			if (errno != EAGAIN && errno != EINTR &&
 			    errno != EWOULDBLOCK) {
@@ -1406,7 +1400,6 @@ ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 			goto out;
 	}
  out:
-	free(setp);
 	return r;
 }
 
@@ -1767,10 +1760,9 @@ ssh_packet_read_poll_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 }
 
 /*
- * Buffers the given amount of input characters.  This is intended to be used
- * together with packet_read_poll.
+ * Buffers the supplied input data. This is intended to be used together
+ * with packet_read_poll().
  */
-
 int
 ssh_packet_process_incoming(struct ssh *ssh, const char *buf, u_int len)
 {
@@ -1786,9 +1778,34 @@ ssh_packet_process_incoming(struct ssh *ssh, const char *buf, u_int len)
 		state->packet_discard -= len;
 		return 0;
 	}
-	if ((r = sshbuf_put(ssh->state->input, buf, len)) != 0)
+	if ((r = sshbuf_put(state->input, buf, len)) != 0)
+		return r;
+
+	return 0;
+}
+
+/* Reads and buffers data from the specified fd */
+int
+ssh_packet_process_read(struct ssh *ssh, int fd)
+{
+	struct session_state *state = ssh->state;
+	int r;
+	size_t rlen;
+
+	if ((r = sshbuf_read(fd, state->input, PACKET_MAX_SIZE, &rlen)) != 0)
 		return r;
 
+	if (state->packet_discard) {
+		if ((r = sshbuf_consume_end(state->input, rlen)) != 0)
+			return r;
+		state->keep_alive_timeouts = 0; /* ?? */
+		if (rlen >= state->packet_discard) {
+			if ((r = ssh_packet_stop_discard(ssh)) != 0)
+				return r;
+		}
+		state->packet_discard -= rlen;
+		return 0;
+	}
 	return 0;
 }
 
@@ -1986,35 +2003,28 @@ ssh_packet_write_poll(struct ssh *ssh)
 int
 ssh_packet_write_wait(struct ssh *ssh)
 {
-	fd_set *setp;
 	int ret, r, ms_remain = 0;
-	struct timeval start, timeout, *timeoutp = NULL;
+	struct timeval start;
+	struct timespec timespec, *timespecp = NULL;
 	struct session_state *state = ssh->state;
+	struct pollfd pfd;
 
-	setp = calloc(howmany(state->connection_out + 1,
-	    NFDBITS), sizeof(fd_mask));
-	if (setp == NULL)
-		return SSH_ERR_ALLOC_FAIL;
-	if ((r = ssh_packet_write_poll(ssh)) != 0) {
-		free(setp);
+	if ((r = ssh_packet_write_poll(ssh)) != 0)
 		return r;
-	}
 	while (ssh_packet_have_data_to_write(ssh)) {
-		memset(setp, 0, howmany(state->connection_out + 1,
-		    NFDBITS) * sizeof(fd_mask));
-		FD_SET(state->connection_out, setp);
+		pfd.fd = state->connection_out;
+		pfd.events = POLLOUT;
 
 		if (state->packet_timeout_ms > 0) {
 			ms_remain = state->packet_timeout_ms;
-			timeoutp = &timeout;
+			timespecp = &timespec;
 		}
 		for (;;) {
 			if (state->packet_timeout_ms > 0) {
-				ms_to_timeval(&timeout, ms_remain);
+				ms_to_timespec(&timespec, ms_remain);
 				monotime_tv(&start);
 			}
-			if ((ret = select(state->connection_out + 1,
-			    NULL, setp, NULL, timeoutp)) >= 0)
+			if ((ret = ppoll(&pfd, 1, timespecp, NULL)) >= 0)
 				break;
 			if (errno != EAGAIN && errno != EINTR &&
 			    errno != EWOULDBLOCK)
@@ -2027,16 +2037,11 @@ ssh_packet_write_wait(struct ssh *ssh)
 				break;
 			}
 		}
-		if (ret == 0) {
-			free(setp);
+		if (ret == 0)
 			return SSH_ERR_CONN_TIMEOUT;
-		}
-		if ((r = ssh_packet_write_poll(ssh)) != 0) {
-			free(setp);
+		if ((r = ssh_packet_write_poll(ssh)) != 0)
 			return r;
-		}
 	}
-	free(setp);
 	return 0;
 }
 
@@ -2102,16 +2107,16 @@ ssh_packet_set_maxsize(struct ssh *ssh, u_int s)
 	struct session_state *state = ssh->state;
 
 	if (state->set_maxsize_called) {
-		logit("packet_set_maxsize: called twice: old %d new %d",
+		logit_f("called twice: old %d new %d",
 		    state->max_packet_size, s);
 		return -1;
 	}
 	if (s < 4 * 1024 || s > 1024 * 1024) {
-		logit("packet_set_maxsize: bad size %d", s);
+		logit_f("bad size %d", s);
 		return -1;
 	}
 	state->set_maxsize_called = 1;
-	debug("packet_set_maxsize: setting to %d", s);
+	debug_f("setting to %d", s);
 	state->max_packet_size = s;
 	return s;
 }
diff --git a/packet.h b/packet.h
index 2ad0e70cfd79..176488b1e5d2 100644
--- a/packet.h
+++ b/packet.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.h,v 1.93 2021/07/16 09:00:23 djm Exp $ */
+/* $OpenBSD: packet.h,v 1.94 2022/01/22 00:49:34 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -128,6 +128,7 @@ int	 ssh_packet_read_expect(struct ssh *, u_int type);
 int      ssh_packet_read_poll(struct ssh *);
 int ssh_packet_read_poll2(struct ssh *, u_char *, u_int32_t *seqnr_p);
 int	 ssh_packet_process_incoming(struct ssh *, const char *buf, u_int len);
+int	 ssh_packet_process_read(struct ssh *, int);
 int      ssh_packet_read_seqnr(struct ssh *, u_char *, u_int32_t *seqnr_p);
 int      ssh_packet_read_poll_seqnr(struct ssh *, u_char *, u_int32_t *seqnr_p);
 
diff --git a/platform-tracing.c b/platform-tracing.c
index 0daf2a86f333..c2810f2d0b36 100644
--- a/platform-tracing.c
+++ b/platform-tracing.c
@@ -30,6 +30,8 @@
 #include <priv.h> /* For setpflags() and __PROC_PROTECT  */
 #endif
 #include <stdarg.h>
+#include <stdio.h>
+#include <string.h>
 
 #include "log.h"
 
@@ -41,21 +43,24 @@ platform_disable_tracing(int strict)
 	int disable_trace = PROC_TRACE_CTL_DISABLE;
 
 	if (procctl(P_PID, 0, PROC_TRACE_CTL, &disable_trace) && strict)
-		fatal("unable to make the process untraceable");
+		fatal("unable to make the process untraceable: %s",
+		    strerror(errno));
 #endif
 #if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE)
 	/* Disable ptrace on Linux without sgid bit */
 	if (prctl(PR_SET_DUMPABLE, 0) != 0 && strict)
-		fatal("unable to make the process undumpable");
+		fatal("unable to make the process undumpable: %s",
+		    strerror(errno));
 #endif
 #if defined(HAVE_SETPFLAGS) && defined(__PROC_PROTECT)
 	/* On Solaris, we should make this process untraceable */
 	if (setpflags(__PROC_PROTECT, 1) != 0 && strict)
-		fatal("unable to make the process untraceable");
+		fatal("unable to make the process untraceable: %s",
+		    strerror(errno));
 #endif
 #ifdef PT_DENY_ATTACH
 	/* Mac OS X */
 	if (ptrace(PT_DENY_ATTACH, 0, 0, 0) == -1 && strict)
-		fatal("unable to set PT_DENY_ATTACH");
+		fatal("unable to set PT_DENY_ATTACH: %s", strerror(errno));
 #endif
 }
diff --git a/readconf.c b/readconf.c
index bcca6ed47c4c..f26fabaa6af4 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.363 2021/09/16 05:36:03 djm Exp $ */
+/* $OpenBSD: readconf.c,v 1.366 2022/02/08 08:59:12 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -890,6 +890,15 @@ static const struct multistate multistate_canonicalizehostname[] = {
 	{ "always",			SSH_CANONICALISE_ALWAYS },
 	{ NULL, -1 }
 };
+static const struct multistate multistate_pubkey_auth[] = {
+	{ "true",			SSH_PUBKEY_AUTH_ALL },
+	{ "false",			SSH_PUBKEY_AUTH_NO },
+	{ "yes",			SSH_PUBKEY_AUTH_ALL },
+	{ "no",				SSH_PUBKEY_AUTH_NO },
+	{ "unbound",			SSH_PUBKEY_AUTH_UNBOUND },
+	{ "host-bound",			SSH_PUBKEY_AUTH_HBOUND },
+	{ NULL, -1 }
+};
 static const struct multistate multistate_compression[] = {
 #ifdef WITH_ZLIB
 	{ "yes",			COMP_ZLIB },
@@ -934,7 +943,7 @@ process_config_line_depth(Options *options, struct passwd *pw, const char *host,
     const char *original_host, char *line, const char *filename,
     int linenum, int *activep, int flags, int *want_final_pass, int depth)
 {
-	char *str, **charptr, *endofnumber, *keyword, *arg, *arg2, *p, ch;
+	char *str, **charptr, *endofnumber, *keyword, *arg, *arg2, *p;
 	char **cpptr, ***cppptr, fwdarg[256];
 	u_int i, *uintptr, uvalue, max_entries = 0;
 	int r, oactive, negated, opcode, *intptr, value, value2, cmdline = 0;
@@ -1102,8 +1111,9 @@ parse_time:
 		goto parse_string;
 
 	case oPubkeyAuthentication:
+		multistate_ptr = multistate_pubkey_auth;
 		intptr = &options->pubkey_authentication;
-		goto parse_flag;
+		goto parse_multistate;
 
 	case oHostbasedAuthentication:
 		intptr = &options->hostbased_authentication;
@@ -1574,9 +1584,8 @@ parse_pubkey_algos:
 		}
 		while ((arg = argv_next(&ac, &av)) != NULL) {
 			arg2 = xstrdup(arg);
-			ch = '\0';
-			p = hpdelim2(&arg, &ch);
-			if (p == NULL || ch == '/') {
+			p = hpdelim(&arg);
+			if (p == NULL) {
 				fatal("%s line %d: missing host in %s",
 				    filename, linenum,
 				    lookup_opcode_name(opcode));
@@ -2487,7 +2496,7 @@ fill_default_options(Options * options)
 	if (options->fwd_opts.streamlocal_bind_unlink == -1)
 		options->fwd_opts.streamlocal_bind_unlink = 0;
 	if (options->pubkey_authentication == -1)
-		options->pubkey_authentication = 1;
+		options->pubkey_authentication = SSH_PUBKEY_AUTH_ALL;
 	if (options->gss_authentication == -1)
 		options->gss_authentication = 0;
 	if (options->gss_deleg_creds == -1)
@@ -2523,7 +2532,6 @@ fill_default_options(Options * options)
 	}
 	if (options->num_identity_files == 0) {
 		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_RSA, 0);
-		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_DSA, 0);
 #ifdef OPENSSL_HAS_ECC
 		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA, 0);
 		add_identity_file(options, "~/",
@@ -2534,6 +2542,7 @@ fill_default_options(Options * options)
 		add_identity_file(options, "~/",
 		    _PATH_SSH_CLIENT_ID_ED25519_SK, 0);
 		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_XMSS, 0);
+		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_DSA, 0);
 	}
 	if (options->escape_char == -1)
 		options->escape_char = '~';
@@ -3137,6 +3146,8 @@ fmt_intarg(OpCodes code, int val)
 		return fmt_multistate_int(val, multistate_canonicalizehostname);
 	case oAddKeysToAgent:
 		return fmt_multistate_int(val, multistate_yesnoaskconfirm);
+	case oPubkeyAuthentication:
+		return fmt_multistate_int(val, multistate_pubkey_auth);
 	case oFingerprintHash:
 		return ssh_digest_alg_name(val);
 	default:
diff --git a/readconf.h b/readconf.h
index f24719f982df..ded13c943d3f 100644
--- a/readconf.h
+++ b/readconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.h,v 1.145 2021/09/15 06:56:01 djm Exp $ */
+/* $OpenBSD: readconf.h,v 1.146 2021/12/19 22:14:47 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -179,6 +179,11 @@ typedef struct {
 	char	*ignored_unknown; /* Pattern list of unknown tokens to ignore */
 }       Options;
 
+#define SSH_PUBKEY_AUTH_NO	0x00
+#define SSH_PUBKEY_AUTH_UNBOUND	0x01
+#define SSH_PUBKEY_AUTH_HBOUND	0x02
+#define SSH_PUBKEY_AUTH_ALL	0x03
+
 #define SSH_CANONICALISE_NO	0
 #define SSH_CANONICALISE_YES	1
 #define SSH_CANONICALISE_ALWAYS	2
diff --git a/regress/Makefile b/regress/Makefile
index 0b5ad45d753a..0554c1ac9bc7 100644
--- a/regress/Makefile
+++ b/regress/Makefile
@@ -1,4 +1,4 @@
-#	$OpenBSD: Makefile,v 1.117 2021/09/03 04:11:13 dtucker Exp $
+#	$OpenBSD: Makefile,v 1.120 2022/01/06 21:46:56 dtucker Exp $
 
 tests:		prep file-tests t-exec unit
 
@@ -98,8 +98,10 @@ LTESTS= 	connect \
 		allow-deny-users \
 		authinfo \
 		sshsig \
-		knownhosts-command
-
+		knownhosts \
+		knownhosts-command \
+		agent-restrict \
+		hostbased
 
 INTEROP_TESTS=	putty-transfer putty-ciphers putty-kex conch-ciphers
 #INTEROP_TESTS+=ssh-com ssh-com-client ssh-com-keygen ssh-com-sftp
@@ -188,13 +190,13 @@ t8: $(OBJ)/t8.out
 	${TEST_SSH_SSHKEYGEN} -Bf $(OBJ)/t8.out > /dev/null
 
 $(OBJ)/t9.out:
-	test "${TEST_SSH_ECC}" != yes || \
+	! ${TEST_SSH_SSH} -Q key-plain | grep ecdsa >/dev/null || \
 	${TEST_SSH_SSHKEYGEN} -q -t ecdsa -N '' -f $@
 
 t9: $(OBJ)/t9.out
-	test "${TEST_SSH_ECC}" != yes || \
+	! ${TEST_SSH_SSH} -Q key-plain | grep ecdsa >/dev/null || \
 	${TEST_SSH_SSHKEYGEN} -lf $(OBJ)/t9.out > /dev/null
-	test "${TEST_SSH_ECC}" != yes || \
+	! ${TEST_SSH_SSH} -Q key-plain | grep ecdsa >/dev/null || \
 	${TEST_SSH_SSHKEYGEN} -Bf $(OBJ)/t9.out > /dev/null
 
 
diff --git a/regress/agent-getpeereid.sh b/regress/agent-getpeereid.sh
index 2874100fa0f1..b84471a78558 100644
--- a/regress/agent-getpeereid.sh
+++ b/regress/agent-getpeereid.sh
@@ -12,6 +12,9 @@ if config_defined HAVE_GETPEEREID HAVE_GETPEERUCRED HAVE_SO_PEERCRED ; then
 else
 	skip "skipped (not supported on this platform)"
 fi
+if test "x$USER" = "xroot"; then
+	skip "skipped (running as root)"
+fi
 case "x$SUDO" in
 	xsudo) sudo=1;;
 	xdoas|xdoas\ *) ;;
diff --git a/regress/agent-restrict.sh b/regress/agent-restrict.sh
new file mode 100644
index 000000000000..a30aed7bf3d5
--- /dev/null
+++ b/regress/agent-restrict.sh
@@ -0,0 +1,495 @@
+#	$OpenBSD: agent-restrict.sh,v 1.5 2022/01/13 04:53:16 dtucker Exp $
+#	Placed in the Public Domain.
+
+tid="agent restrictions"
+
+SSH_AUTH_SOCK="$OBJ/agent.sock"
+export SSH_AUTH_SOCK
+rm -f $SSH_AUTH_SOCK $OBJ/agent.log $OBJ/host_[abcdex]* $OBJ/user_[abcdex]*
+rm -f $OBJ/sshd_proxy_host* $OBJ/ssh_output* $OBJ/expect_*
+rm -f $OBJ/ssh_proxy[._]* $OBJ/command
+
+verbose "generate keys"
+for h in a b c d e x ca ; do
+	$SSHKEYGEN -q -t ed25519 -C host_$h -N '' -f $OBJ/host_$h || \
+		fatal "ssh-keygen hostkey failed"
+	$SSHKEYGEN -q -t ed25519 -C user_$h -N '' -f $OBJ/user_$h || \
+		fatal "ssh-keygen userkey failed"
+done
+
+# Make some hostcerts
+for h in d e ; do
+	id="host_$h"
+	$SSHKEYGEN -q -s $OBJ/host_ca -I $id -n $id -h $OBJ/host_${h}.pub || \
+		fatal "ssh-keygen certify failed"
+done
+
+verbose "prepare client config"
+egrep -vi '(identityfile|hostname|hostkeyalias|proxycommand)' \
+	$OBJ/ssh_proxy > $OBJ/ssh_proxy.bak
+cat << _EOF > $OBJ/ssh_proxy
+IdentitiesOnly yes
+ForwardAgent yes
+ExitOnForwardFailure yes
+_EOF
+cp $OBJ/ssh_proxy $OBJ/ssh_proxy_noid
+for h in a b c d e ; do
+	cat << _EOF >> $OBJ/ssh_proxy
+Host host_$h
+	Hostname host_$h
+	HostkeyAlias host_$h
+	IdentityFile $OBJ/user_$h
+	ProxyCommand ${SUDO} env SSH_SK_HELPER=\"$SSH_SK_HELPER\" sh ${SRC}/sshd-log-wrapper.sh ${TEST_SSHD_LOGFILE} ${SSHD} -i -f $OBJ/sshd_proxy_host_$h
+_EOF
+	# Variant with no specified keys.
+	cat << _EOF >> $OBJ/ssh_proxy_noid
+Host host_$h
+	Hostname host_$h
+	HostkeyAlias host_$h
+	ProxyCommand ${SUDO} env SSH_SK_HELPER=\"$SSH_SK_HELPER\" sh ${SRC}/sshd-log-wrapper.sh ${TEST_SSHD_LOGFILE} ${SSHD} -i -f $OBJ/sshd_proxy_host_$h
+_EOF
+done
+cat $OBJ/ssh_proxy.bak >> $OBJ/ssh_proxy
+cat $OBJ/ssh_proxy.bak >> $OBJ/ssh_proxy_noid
+
+LC_ALL=C
+export LC_ALL
+echo "SetEnv LC_ALL=${LC_ALL}" >> sshd_proxy
+
+verbose "prepare known_hosts"
+rm -f $OBJ/known_hosts
+for h in a b c x ; do
+	(printf "host_$h " ; cat $OBJ/host_${h}.pub) >> $OBJ/known_hosts
+done
+(printf "@cert-authority host_* " ; cat $OBJ/host_ca.pub) >> $OBJ/known_hosts
+
+verbose "prepare server configs"
+egrep -vi '(hostkey|pidfile)' $OBJ/sshd_proxy \
+	> $OBJ/sshd_proxy.bak
+for h in a b c d e; do
+	cp $OBJ/sshd_proxy.bak $OBJ/sshd_proxy_host_$h
+	cat << _EOF >> $OBJ/sshd_proxy_host_$h
+ExposeAuthInfo yes
+PidFile none
+Hostkey $OBJ/host_$h
+_EOF
+done
+for h in d e ; do
+	echo "HostCertificate $OBJ/host_${h}-cert.pub" \
+		>> $OBJ/sshd_proxy_host_$h
+done
+# Create authorized_keys with canned command.
+reset_keys() {
+	_whichcmd="$1"
+	_command=""
+	case "$_whichcmd" in
+	authinfo)	_command="cat \$SSH_USER_AUTH" ;;
+	keylist)		_command="$SSHADD -L | cut -d' ' -f-2 | sort" ;;
+	*)		fatal "unsupported command $_whichcmd" ;;
+	esac
+	trace "reset keys"
+	>$OBJ/authorized_keys_$USER
+	for h in e d c b a; do
+		(printf "%s" "restrict,agent-forwarding,command=\"$_command\" ";
+		 cat $OBJ/user_$h.pub) >> $OBJ/authorized_keys_$USER
+	done
+}
+# Prepare a key for comparison with ExposeAuthInfo/$SSH_USER_AUTH.
+expect_key() {
+	_key="$OBJ/${1}.pub"
+	_file="$OBJ/$2"
+	(printf "publickey " ; cut -d' ' -f-2 $_key) > $_file
+}
+# Prepare expect_* files to compare against authinfo forced command to ensure
+# keys used for authentication match.
+reset_expect_keys() {
+	for u in a b c d e; do
+		expect_key user_$u expect_$u
+	done
+}
+# ssh to host, expecting success and that output matched expectation for
+# that host (expect_$h file).
+expect_succeed() {
+	_id="$1"
+	_case="$2"
+	shift; shift; _extra="$@"
+	_host="host_$_id"
+	trace "connect $_host expect success"
+	rm -f $OBJ/ssh_output
+	${SSH} $_extra -F $OBJ/ssh_proxy $_host true > $OBJ/ssh_output
+	_s=$?
+	test $_s -eq 0 || fail "host $_host $_case fail, exit status $_s"
+	diff $OBJ/ssh_output $OBJ/expect_${_id} ||
+		fail "unexpected ssh output"
+}
+# ssh to host using explicit key, expecting success and that the key was
+# actually used for authentication.
+expect_succeed_key() {
+	_id="$1"
+	_key="$2"
+	_case="$3"
+	shift; shift; shift; _extra="$@"
+	_host="host_$_id"
+	trace "connect $_host expect success, with key $_key"
+	_keyfile="$OBJ/$_key"
+	rm -f $OBJ/ssh_output
+	${SSH} $_extra -F $OBJ/ssh_proxy_noid \
+	    -oIdentityFile=$_keyfile $_host true > $OBJ/ssh_output
+	_s=$?
+	test $_s -eq 0 || fail "host $_host $_key $_case fail, exit status $_s"
+	expect_key $_key expect_key
+	diff $OBJ/ssh_output $OBJ/expect_key ||
+		fail "incorrect key used for authentication"
+}
+# ssh to a host, expecting it to fail.
+expect_fail() {
+	_host="$1"
+	_case="$2"
+	shift; shift; _extra="$@"
+	trace "connect $_host expect failure"
+	${SSH} $_extra -F $OBJ/ssh_proxy $_host true >/dev/null && \
+		fail "host $_host $_case succeeded unexpectedly"
+}
+# ssh to a host using an explicit key, expecting it to fail.
+expect_fail_key() {
+	_id="$1"
+	_key="$2"
+	_case="$3"
+	shift; shift; shift; _extra="$@"
+	_host="host_$_id"
+	trace "connect $_host expect failure, with key $_key"
+	_keyfile="$OBJ/$_key"
+	${SSH} $_extra -F $OBJ/ssh_proxy_noid -oIdentityFile=$_keyfile \
+	    $_host true > $OBJ/ssh_output && \
+		fail "host $_host $_key $_case succeeded unexpectedly"
+}
+# Move the private key files out of the way to force use of agent-hosted keys.
+hide_privatekeys() {
+	trace "hide private keys"
+	for u in a b c d e x; do
+		mv $OBJ/user_$u $OBJ/user_x$u || fatal "hide privkey $u"
+	done
+}
+# Put the private key files back.
+restore_privatekeys() {
+	trace "restore private keys"
+	for u in a b c d e x; do
+		mv $OBJ/user_x$u $OBJ/user_$u || fatal "restore privkey $u"
+	done
+}
+clear_agent() {
+	${SSHADD} -D > /dev/null 2>&1 || fatal "clear agent failed"
+}
+
+reset_keys authinfo
+reset_expect_keys
+
+verbose "authentication w/o agent"
+for h in a b c d e ; do
+	expect_succeed $h "w/o agent"
+	wrongkey=user_e
+	test "$h" = "e" && wrongkey=user_a
+	expect_succeed_key $h $wrongkey "\"wrong\" key w/o agent"
+done
+hide_privatekeys
+for h in a b c d e ; do
+	expect_fail $h "w/o agent"
+done
+restore_privatekeys
+
+verbose "start agent"
+${SSHAGENT} ${EXTRA_AGENT_ARGS} -d -a $SSH_AUTH_SOCK > $OBJ/agent.log 2>&1 &
+AGENT_PID=$!
+trap "kill $AGENT_PID" EXIT
+sleep 4 # Give it a chance to start
+# Check that it's running.
+${SSHADD} -l > /dev/null 2>&1
+if [ $? -ne 1 ]; then
+	fail "ssh-add -l did not fail with exit code 1"
+fi
+
+verbose "authentication with agent (no restrict)"
+for u in a b c d e x; do
+	$SSHADD -q $OBJ/user_$u || fatal "add key $u unrestricted"
+done
+hide_privatekeys
+for h in a b c d e ; do
+	expect_succeed $h "with agent"
+	wrongkey=user_e
+	test "$h" = "e" && wrongkey=user_a
+	expect_succeed_key $h $wrongkey "\"wrong\" key with agent"
+done
+
+verbose "unrestricted keylist"
+reset_keys keylist
+rm -f $OBJ/expect_list.pre
+# List of keys from agent should contain everything.
+for u in a b c d e x; do
+	cut -d " " -f-2 $OBJ/user_${u}.pub >> $OBJ/expect_list.pre
+done
+sort $OBJ/expect_list.pre > $OBJ/expect_list
+for h in a b c d e; do
+	cp $OBJ/expect_list $OBJ/expect_$h
+	expect_succeed $h "unrestricted keylist"
+done
+restore_privatekeys
+
+verbose "authentication with agent (basic restrict)"
+reset_keys authinfo
+reset_expect_keys
+for h in a b c d e; do
+	$SSHADD -h host_$h -H $OBJ/known_hosts -q $OBJ/user_$h \
+		|| fatal "add key $u basic restrict"
+done
+# One more, unrestricted
+$SSHADD -q $OBJ/user_x || fatal "add unrestricted key"
+hide_privatekeys
+# Authentication to host with expected key should work.
+for h in a b c d e ; do
+	expect_succeed $h "with agent"
+done
+# Authentication to host with incorrect key should fail.
+verbose "authentication with agent incorrect key (basic restrict)"
+for h in a b c d e ; do
+	wrongkey=user_e
+	test "$h" = "e" && wrongkey=user_a
+	expect_fail_key $h $wrongkey "wrong key with agent (basic restrict)"
+done
+
+verbose "keylist (basic restrict)"
+reset_keys keylist
+# List from forwarded agent should contain only user_x - the unrestricted key.
+cut -d " " -f-2 $OBJ/user_x.pub > $OBJ/expect_list
+for h in a b c d e; do
+	cp $OBJ/expect_list $OBJ/expect_$h
+	expect_succeed $h "keylist (basic restrict)"
+done
+restore_privatekeys
+
+verbose "username"
+reset_keys authinfo
+reset_expect_keys
+for h in a b c d e; do
+	$SSHADD -h "${USER}@host_$h" -H $OBJ/known_hosts -q $OBJ/user_$h \
+		|| fatal "add key $u basic restrict"
+done
+hide_privatekeys
+for h in a b c d e ; do
+	expect_succeed $h "wildcard user"
+done
+restore_privatekeys
+
+verbose "username wildcard"
+reset_keys authinfo
+reset_expect_keys
+for h in a b c d e; do
+	$SSHADD -h "*@host_$h" -H $OBJ/known_hosts -q $OBJ/user_$h \
+		|| fatal "add key $u basic restrict"
+done
+hide_privatekeys
+for h in a b c d e ; do
+	expect_succeed $h "wildcard user"
+done
+restore_privatekeys
+
+verbose "username incorrect"
+reset_keys authinfo
+reset_expect_keys
+for h in a b c d e; do
+	$SSHADD -h "--BADUSER@host_$h" -H $OBJ/known_hosts -q $OBJ/user_$h \
+		|| fatal "add key $u basic restrict"
+done
+hide_privatekeys
+for h in a b c d e ; do
+	expect_fail $h "incorrect user"
+done
+restore_privatekeys
+
+
+verbose "agent restriction honours certificate principal"
+reset_keys authinfo
+reset_expect_keys
+clear_agent
+$SSHADD -h host_e -H $OBJ/known_hosts -q $OBJ/user_d || fatal "add key"
+hide_privatekeys
+expect_fail d "restricted agent w/ incorrect cert principal"
+restore_privatekeys
+
+# Prepares the script used to drive chained ssh connections for the
+# multihop tests. Believe me, this is easier than getting the escaping
+# right for 5 hops on the command-line...
+prepare_multihop_script() {
+	MULTIHOP_RUN=$OBJ/command
+	cat << _EOF > $MULTIHOP_RUN
+#!/bin/sh
+#set -x
+me="\$1" ; shift
+next="\$1"
+if test ! -z "\$me" ; then 
+	rm -f $OBJ/done
+	echo "HOSTNAME host_\$me"
+	echo "AUTHINFO"
+	cat \$SSH_USER_AUTH
+fi
+echo AGENT
+$SSHADD -L | egrep "^ssh" | cut -d" " -f-2 | sort
+if test -z "\$next" ; then 
+	touch $OBJ/done
+	echo "FINISH"
+	e=0
+else
+	echo NEXT
+	${SSH} -F $OBJ/ssh_proxy_noid -oIdentityFile=$OBJ/user_a \
+		host_\$next $MULTIHOP_RUN "\$@"
+	e=\$?
+fi
+echo "COMPLETE \"\$me\""
+if test ! -z "\$me" ; then 
+	if test ! -f $OBJ/done ; then
+		echo "DONE MARKER MISSING"
+		test \$e -eq 0 && e=63
+	fi
+fi
+exit \$e
+_EOF
+	chmod u+x $MULTIHOP_RUN
+}
+
+# Prepare expected output for multihop tests at expect_a
+prepare_multihop_expected() {
+	_keys="$1"
+	_hops="a b c d e"
+	test -z "$2" || _hops="$2"
+	_revhops=$(echo "$_hops" | rev)
+	_lasthop=$(echo "$_hops" | sed 's/.* //')
+
+	rm -f $OBJ/expect_keys
+	for h in a b c d e; do
+		cut -d" " -f-2 $OBJ/user_${h}.pub >> $OBJ/expect_keys
+	done
+	rm -f $OBJ/expect_a
+	echo "AGENT" >> $OBJ/expect_a
+	test "x$_keys" = "xnone" || sort $OBJ/expect_keys >> $OBJ/expect_a
+	echo "NEXT" >> $OBJ/expect_a
+	for h in $_hops ; do 
+		echo "HOSTNAME host_$h" >> $OBJ/expect_a
+		echo "AUTHINFO" >> $OBJ/expect_a
+		(printf "publickey " ; cut -d" " -f-2 $OBJ/user_a.pub) >> $OBJ/expect_a
+		echo "AGENT" >> $OBJ/expect_a
+		if test "x$_keys" = "xall" ; then
+			sort $OBJ/expect_keys >> $OBJ/expect_a
+		fi
+		if test "x$h" != "x$_lasthop" ; then
+			if test "x$_keys" = "xfiltered" ; then
+				cut -d" " -f-2 $OBJ/user_a.pub >> $OBJ/expect_a
+			fi
+			echo "NEXT" >> $OBJ/expect_a
+		fi
+	done
+	echo "FINISH" >> $OBJ/expect_a
+	for h in $_revhops "" ; do 
+		echo "COMPLETE \"$h\"" >> $OBJ/expect_a
+	done
+}
+
+prepare_multihop_script
+cp $OBJ/user_a.pub $OBJ/authorized_keys_$USER # only one key used.
+
+verbose "multihop without agent"
+clear_agent
+prepare_multihop_expected none
+$MULTIHOP_RUN "" a b c d e > $OBJ/ssh_output || fail "multihop no agent ssh failed"
+diff $OBJ/ssh_output $OBJ/expect_a || fail "unexpected ssh output"
+
+verbose "multihop agent unrestricted"
+clear_agent
+$SSHADD -q $OBJ/user_[abcde]
+prepare_multihop_expected all
+$MULTIHOP_RUN "" a b c d e > $OBJ/ssh_output || fail "multihop no agent ssh failed"
+diff $OBJ/ssh_output $OBJ/expect_a || fail "unexpected ssh output"
+
+verbose "multihop restricted"
+clear_agent
+prepare_multihop_expected filtered
+# Add user_a, with permission to connect through the whole chain.
+$SSHADD -h host_a -h "host_a>host_b" -h "host_b>host_c" \
+	-h "host_c>host_d" -h "host_d>host_e" \
+	-H $OBJ/known_hosts -q $OBJ/user_a \
+	|| fatal "add key user_a multihop"
+# Add the other keys, bound to a unused host.
+$SSHADD -q -h host_x -H $OBJ/known_hosts $OBJ/user_[bcde] || fail "add keys"
+hide_privatekeys
+$MULTIHOP_RUN "" a b c d e > $OBJ/ssh_output || fail "multihop ssh failed"
+diff $OBJ/ssh_output $OBJ/expect_a || fail "unexpected ssh output"
+restore_privatekeys
+
+verbose "multihop username"
+$SSHADD -h host_a -h "host_a>${USER}@host_b" -h "host_b>${USER}@host_c" \
+	-h "host_c>${USER}@host_d"  -h "host_d>${USER}@host_e" \
+	-H $OBJ/known_hosts -q $OBJ/user_a || fatal "add key user_a multihop"
+hide_privatekeys
+$MULTIHOP_RUN "" a b c d e > $OBJ/ssh_output || fail "multihop w/ user ssh failed"
+diff $OBJ/ssh_output $OBJ/expect_a || fail "unexpected ssh output"
+restore_privatekeys
+
+verbose "multihop wildcard username"
+$SSHADD -h host_a -h "host_a>*@host_b" -h "host_b>*@host_c" \
+	-h "host_c>*@host_d"  -h "host_d>*@host_e" \
+	-H $OBJ/known_hosts -q $OBJ/user_a || fatal "add key user_a multihop"
+hide_privatekeys
+$MULTIHOP_RUN "" a b c d e > $OBJ/ssh_output || fail "multihop w/ user ssh failed"
+diff $OBJ/ssh_output $OBJ/expect_a || fail "unexpected ssh output"
+restore_privatekeys
+
+verbose "multihop wrong username"
+$SSHADD -h host_a -h "host_a>*@host_b" -h "host_b>*@host_c" \
+	-h "host_c>--BADUSER@host_d"  -h "host_d>*@host_e" \
+	-H $OBJ/known_hosts -q $OBJ/user_a || fatal "add key user_a multihop"
+hide_privatekeys
+$MULTIHOP_RUN "" a b c d e > $OBJ/ssh_output && \
+	fail "multihop with wrong user succeeded unexpectedly"
+restore_privatekeys
+
+verbose "multihop cycle no agent"
+clear_agent
+prepare_multihop_expected none "a b a a c d e"
+$MULTIHOP_RUN "" a b a a c d e > $OBJ/ssh_output || \
+	fail "multihop cycle no-agent fail"
+diff $OBJ/ssh_output $OBJ/expect_a || fail "unexpected ssh output"
+
+verbose "multihop cycle agent unrestricted"
+clear_agent
+$SSHADD -q $OBJ/user_[abcde] || fail "add keys"
+prepare_multihop_expected all "a b a a c d e"
+$MULTIHOP_RUN "" a b a a c d e > $OBJ/ssh_output || \
+	fail "multihop cycle agent ssh failed"
+diff $OBJ/ssh_output $OBJ/expect_a || fail "unexpected ssh output"
+
+verbose "multihop cycle restricted deny"
+clear_agent
+$SSHADD -q -h host_x -H $OBJ/known_hosts $OBJ/user_[bcde] || fail "add keys"
+$SSHADD -h host_a -h "host_a>host_b" -h "host_b>host_c" \
+	-h "host_c>host_d" -h "host_d>host_e" \
+	-H $OBJ/known_hosts -q $OBJ/user_a \
+	|| fatal "add key user_a multihop"
+prepare_multihop_expected filtered "a b a a c d e"
+hide_privatekeys
+$MULTIHOP_RUN "" a b a a c d e > $OBJ/ssh_output && \
+	fail "multihop cycle restricted deny succeded unexpectedly"
+restore_privatekeys
+
+verbose "multihop cycle restricted allow"
+clear_agent
+$SSHADD -q -h host_x -H $OBJ/known_hosts $OBJ/user_[bcde] || fail "add keys"
+$SSHADD -h host_a -h "host_a>host_b" -h "host_b>host_c" \
+	-h "host_c>host_d" -h "host_d>host_e" \
+	-h "host_b>host_a" -h "host_a>host_a" -h "host_a>host_c" \
+	-H $OBJ/known_hosts -q $OBJ/user_a \
+	|| fatal "add key user_a multihop"
+prepare_multihop_expected filtered "a b a a c d e"
+hide_privatekeys
+$MULTIHOP_RUN "" a b a a c d e > $OBJ/ssh_output || \
+	fail "multihop cycle restricted allow failed"
+diff $OBJ/ssh_output $OBJ/expect_a || fail "unexpected ssh output"
+restore_privatekeys
+
diff --git a/regress/cert-hostkey.sh b/regress/cert-hostkey.sh
index de8652b0e5e2..a3414e1a5c50 100644
--- a/regress/cert-hostkey.sh
+++ b/regress/cert-hostkey.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: cert-hostkey.sh,v 1.25 2021/06/08 22:30:27 djm Exp $
+#	$OpenBSD: cert-hostkey.sh,v 1.27 2021/09/30 05:26:26 dtucker Exp $
 #	Placed in the Public Domain.
 
 tid="certified host keys"
@@ -131,35 +131,32 @@ attempt_connect() {
 }
 
 # Basic connect and revocation tests.
-for privsep in yes ; do
-	for ktype in $PLAIN_TYPES ; do
-		verbose "$tid: host ${ktype} cert connect privsep $privsep"
-		(
-			cat $OBJ/sshd_proxy_bak
-			echo HostKey $OBJ/cert_host_key_${ktype}
-			echo HostCertificate $OBJ/cert_host_key_${ktype}-cert.pub
-			echo UsePrivilegeSeparation $privsep
-		) > $OBJ/sshd_proxy
+for ktype in $PLAIN_TYPES ; do
+	verbose "$tid: host ${ktype} cert connect"
+	(
+		cat $OBJ/sshd_proxy_bak
+		echo HostKey $OBJ/cert_host_key_${ktype}
+		echo HostCertificate $OBJ/cert_host_key_${ktype}-cert.pub
+	) > $OBJ/sshd_proxy
 
-		#               test name                         expect success
-		attempt_connect "$ktype basic connect"			"yes"
-		attempt_connect "$ktype empty KRL"			"yes" \
-		    -oRevokedHostKeys=$OBJ/host_krl_empty
-		attempt_connect "$ktype KRL w/ plain key revoked"	"no" \
-		    -oRevokedHostKeys=$OBJ/host_krl_plain
-		attempt_connect "$ktype KRL w/ cert revoked"		"no" \
-		    -oRevokedHostKeys=$OBJ/host_krl_cert
-		attempt_connect "$ktype KRL w/ CA revoked"		"no" \
-		    -oRevokedHostKeys=$OBJ/host_krl_ca
-		attempt_connect "$ktype empty plaintext revocation"	"yes" \
-		    -oRevokedHostKeys=$OBJ/host_revoked_empty
-		attempt_connect "$ktype plain key plaintext revocation"	"no" \
-		    -oRevokedHostKeys=$OBJ/host_revoked_plain
-		attempt_connect "$ktype cert plaintext revocation"	"no" \
-		    -oRevokedHostKeys=$OBJ/host_revoked_cert
-		attempt_connect "$ktype CA plaintext revocation"	"no" \
-		    -oRevokedHostKeys=$OBJ/host_revoked_ca
-	done
+	#               test name                         expect success
+	attempt_connect "$ktype basic connect"			"yes"
+	attempt_connect "$ktype empty KRL"			"yes" \
+	    -oRevokedHostKeys=$OBJ/host_krl_empty
+	attempt_connect "$ktype KRL w/ plain key revoked"	"no" \
+	    -oRevokedHostKeys=$OBJ/host_krl_plain
+	attempt_connect "$ktype KRL w/ cert revoked"		"no" \
+	    -oRevokedHostKeys=$OBJ/host_krl_cert
+	attempt_connect "$ktype KRL w/ CA revoked"		"no" \
+	    -oRevokedHostKeys=$OBJ/host_krl_ca
+	attempt_connect "$ktype empty plaintext revocation"	"yes" \
+	    -oRevokedHostKeys=$OBJ/host_revoked_empty
+	attempt_connect "$ktype plain key plaintext revocation"	"no" \
+	    -oRevokedHostKeys=$OBJ/host_revoked_plain
+	attempt_connect "$ktype cert plaintext revocation"	"no" \
+	    -oRevokedHostKeys=$OBJ/host_revoked_cert
+	attempt_connect "$ktype CA plaintext revocation"	"no" \
+	    -oRevokedHostKeys=$OBJ/host_revoked_ca
 done
 
 # Revoked certificates with key present
@@ -169,24 +166,21 @@ for ktype in $PLAIN_TYPES ; do
 	kh_revoke cert_host_key_${ktype}.pub >> $OBJ/known_hosts-cert.orig
 done
 cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert
-for privsep in yes ; do
-	for ktype in $PLAIN_TYPES ; do
-		verbose "$tid: host ${ktype} revoked cert privsep $privsep"
-		(
-			cat $OBJ/sshd_proxy_bak
-			echo HostKey $OBJ/cert_host_key_${ktype}
-			echo HostCertificate $OBJ/cert_host_key_${ktype}-cert.pub
-			echo UsePrivilegeSeparation $privsep
-		) > $OBJ/sshd_proxy
+for ktype in $PLAIN_TYPES ; do
+	verbose "$tid: host ${ktype} revoked cert"
+	(
+		cat $OBJ/sshd_proxy_bak
+		echo HostKey $OBJ/cert_host_key_${ktype}
+		echo HostCertificate $OBJ/cert_host_key_${ktype}-cert.pub
+	) > $OBJ/sshd_proxy
 
-		cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert
-		${SSH} -oUserKnownHostsFile=$OBJ/known_hosts-cert \
-		    -oGlobalKnownHostsFile=$OBJ/known_hosts-cert \
-			-F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
-		if [ $? -eq 0 ]; then
-			fail "ssh cert connect succeeded unexpectedly"
-		fi
-	done
+	cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert
+	${SSH} -oUserKnownHostsFile=$OBJ/known_hosts-cert \
+	    -oGlobalKnownHostsFile=$OBJ/known_hosts-cert \
+		-F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
+	if [ $? -eq 0 ]; then
+		fail "ssh cert connect succeeded unexpectedly"
+	fi
 done
 
 # Revoked CA
diff --git a/regress/cert-userkey.sh b/regress/cert-userkey.sh
index baa6903ea268..4ea29b7cdbb4 100644
--- a/regress/cert-userkey.sh
+++ b/regress/cert-userkey.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: cert-userkey.sh,v 1.26 2021/02/25 03:27:34 djm Exp $
+#	$OpenBSD: cert-userkey.sh,v 1.28 2021/09/30 05:26:26 dtucker Exp $
 #	Placed in the Public Domain.
 
 tid="certified user keys"
@@ -60,126 +60,122 @@ done
 # Test explicitly-specified principals
 for ktype in $EXTRA_TYPES $PLAIN_TYPES ; do
 	t=$(kname $ktype)
-	for privsep in yes ; do
-		_prefix="${ktype} privsep $privsep"
+	_prefix="${ktype}"
 
-		# Setup for AuthorizedPrincipalsFile
-		rm -f $OBJ/authorized_keys_$USER
-		(
-			cat $OBJ/sshd_proxy_bak
-			echo "UsePrivilegeSeparation $privsep"
-			echo "AuthorizedPrincipalsFile " \
-			    "$OBJ/authorized_principals_%u"
-			echo "TrustedUserCAKeys $OBJ/user_ca_key.pub"
-			echo "PubkeyAcceptedAlgorithms ${t}"
-		) > $OBJ/sshd_proxy
-		(
-			cat $OBJ/ssh_proxy_bak
-			echo "PubkeyAcceptedAlgorithms ${t}"
-		) > $OBJ/ssh_proxy
+	# Setup for AuthorizedPrincipalsFile
+	rm -f $OBJ/authorized_keys_$USER
+	(
+		cat $OBJ/sshd_proxy_bak
+		echo "AuthorizedPrincipalsFile " \
+		    "$OBJ/authorized_principals_%u"
+		echo "TrustedUserCAKeys $OBJ/user_ca_key.pub"
+		echo "PubkeyAcceptedAlgorithms ${t}"
+	) > $OBJ/sshd_proxy
+	(
+		cat $OBJ/ssh_proxy_bak
+		echo "PubkeyAcceptedAlgorithms ${t}"
+	) > $OBJ/ssh_proxy
 
-		# Missing authorized_principals
-		verbose "$tid: ${_prefix} missing authorized_principals"
-		rm -f $OBJ/authorized_principals_$USER
-		${SSH} -i $OBJ/cert_user_key_${ktype} \
-		    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
-		if [ $? -eq 0 ]; then
-			fail "ssh cert connect succeeded unexpectedly"
-		fi
+	# Missing authorized_principals
+	verbose "$tid: ${_prefix} missing authorized_principals"
+	rm -f $OBJ/authorized_principals_$USER
+	${SSH} -i $OBJ/cert_user_key_${ktype} \
+	    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
+	if [ $? -eq 0 ]; then
+		fail "ssh cert connect succeeded unexpectedly"
+	fi
 
-		# Empty authorized_principals
-		verbose "$tid: ${_prefix} empty authorized_principals"
-		echo > $OBJ/authorized_principals_$USER
-		${SSH} -i $OBJ/cert_user_key_${ktype} \
-		    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
-		if [ $? -eq 0 ]; then
-			fail "ssh cert connect succeeded unexpectedly"
-		fi
+	# Empty authorized_principals
+	verbose "$tid: ${_prefix} empty authorized_principals"
+	echo > $OBJ/authorized_principals_$USER
+	${SSH} -i $OBJ/cert_user_key_${ktype} \
+	    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
+	if [ $? -eq 0 ]; then
+		fail "ssh cert connect succeeded unexpectedly"
+	fi
 
-		# Wrong authorized_principals
-		verbose "$tid: ${_prefix} wrong authorized_principals"
-		echo gregorsamsa > $OBJ/authorized_principals_$USER
-		${SSH} -i $OBJ/cert_user_key_${ktype} \
-		    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
-		if [ $? -eq 0 ]; then
-			fail "ssh cert connect succeeded unexpectedly"
-		fi
+	# Wrong authorized_principals
+	verbose "$tid: ${_prefix} wrong authorized_principals"
+	echo gregorsamsa > $OBJ/authorized_principals_$USER
+	${SSH} -i $OBJ/cert_user_key_${ktype} \
+	    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
+	if [ $? -eq 0 ]; then
+		fail "ssh cert connect succeeded unexpectedly"
+	fi
 
-		# Correct authorized_principals
-		verbose "$tid: ${_prefix} correct authorized_principals"
-		echo mekmitasdigoat > $OBJ/authorized_principals_$USER
-		${SSH} -i $OBJ/cert_user_key_${ktype} \
-		    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
-		if [ $? -ne 0 ]; then
-			fail "ssh cert connect failed"
-		fi
+	# Correct authorized_principals
+	verbose "$tid: ${_prefix} correct authorized_principals"
+	echo mekmitasdigoat > $OBJ/authorized_principals_$USER
+	${SSH} -i $OBJ/cert_user_key_${ktype} \
+	    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
+	if [ $? -ne 0 ]; then
+		fail "ssh cert connect failed"
+	fi
 
-		# authorized_principals with bad key option
-		verbose "$tid: ${_prefix} authorized_principals bad key opt"
-		echo 'blah mekmitasdigoat' > $OBJ/authorized_principals_$USER
-		${SSH} -i $OBJ/cert_user_key_${ktype} \
-		    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
-		if [ $? -eq 0 ]; then
-			fail "ssh cert connect succeeded unexpectedly"
-		fi
+	# authorized_principals with bad key option
+	verbose "$tid: ${_prefix} authorized_principals bad key opt"
+	echo 'blah mekmitasdigoat' > $OBJ/authorized_principals_$USER
+	${SSH} -i $OBJ/cert_user_key_${ktype} \
+	    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
+	if [ $? -eq 0 ]; then
+		fail "ssh cert connect succeeded unexpectedly"
+	fi
 
-		# authorized_principals with command=false
-		verbose "$tid: ${_prefix} authorized_principals command=false"
-		echo 'command="false" mekmitasdigoat' > \
-		    $OBJ/authorized_principals_$USER
-		${SSH} -i $OBJ/cert_user_key_${ktype} \
-		    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
-		if [ $? -eq 0 ]; then
-			fail "ssh cert connect succeeded unexpectedly"
-		fi
+	# authorized_principals with command=false
+	verbose "$tid: ${_prefix} authorized_principals command=false"
+	echo 'command="false" mekmitasdigoat' > \
+	    $OBJ/authorized_principals_$USER
+	${SSH} -i $OBJ/cert_user_key_${ktype} \
+	    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
+	if [ $? -eq 0 ]; then
+		fail "ssh cert connect succeeded unexpectedly"
+	fi
 
 
-		# authorized_principals with command=true
-		verbose "$tid: ${_prefix} authorized_principals command=true"
-		echo 'command="true" mekmitasdigoat' > \
-		    $OBJ/authorized_principals_$USER
-		${SSH} -i $OBJ/cert_user_key_${ktype} \
-		    -F $OBJ/ssh_proxy somehost false >/dev/null 2>&1
-		if [ $? -ne 0 ]; then
-			fail "ssh cert connect failed"
-		fi
+	# authorized_principals with command=true
+	verbose "$tid: ${_prefix} authorized_principals command=true"
+	echo 'command="true" mekmitasdigoat' > \
+	    $OBJ/authorized_principals_$USER
+	${SSH} -i $OBJ/cert_user_key_${ktype} \
+	    -F $OBJ/ssh_proxy somehost false >/dev/null 2>&1
+	if [ $? -ne 0 ]; then
+		fail "ssh cert connect failed"
+	fi
 
-		# Setup for principals= key option
-		rm -f $OBJ/authorized_principals_$USER
-		(
-			cat $OBJ/sshd_proxy_bak
-			echo "UsePrivilegeSeparation $privsep"
-			echo "PubkeyAcceptedAlgorithms ${t}"
-		) > $OBJ/sshd_proxy
-		(
-			cat $OBJ/ssh_proxy_bak
-			echo "PubkeyAcceptedAlgorithms ${t}"
-		) > $OBJ/ssh_proxy
+	# Setup for principals= key option
+	rm -f $OBJ/authorized_principals_$USER
+	(
+		cat $OBJ/sshd_proxy_bak
+		echo "PubkeyAcceptedAlgorithms ${t}"
+	) > $OBJ/sshd_proxy
+	(
+		cat $OBJ/ssh_proxy_bak
+		echo "PubkeyAcceptedAlgorithms ${t}"
+	) > $OBJ/ssh_proxy
 
-		# Wrong principals list
-		verbose "$tid: ${_prefix} wrong principals key option"
-		(
-			printf 'cert-authority,principals="gregorsamsa" '
-			cat $OBJ/user_ca_key.pub
-		) > $OBJ/authorized_keys_$USER
-		${SSH} -i $OBJ/cert_user_key_${ktype} \
-		    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
-		if [ $? -eq 0 ]; then
-			fail "ssh cert connect succeeded unexpectedly"
-		fi
+	# Wrong principals list
+	verbose "$tid: ${_prefix} wrong principals key option"
+	(
+		printf 'cert-authority,principals="gregorsamsa" '
+		cat $OBJ/user_ca_key.pub
+	) > $OBJ/authorized_keys_$USER
+	${SSH} -i $OBJ/cert_user_key_${ktype} \
+	    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
+	if [ $? -eq 0 ]; then
+		fail "ssh cert connect succeeded unexpectedly"
+	fi
 
-		# Correct principals list
-		verbose "$tid: ${_prefix} correct principals key option"
-		(
-			printf 'cert-authority,principals="mekmitasdigoat" '
-			cat $OBJ/user_ca_key.pub
-		) > $OBJ/authorized_keys_$USER
-		${SSH} -i $OBJ/cert_user_key_${ktype} \
-		    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
-		if [ $? -ne 0 ]; then
-			fail "ssh cert connect failed"
-		fi
-	done
+	# Correct principals list
+	verbose "$tid: ${_prefix} correct principals key option"
+	(
+		printf 'cert-authority,principals="mekmitasdigoat" '
+		cat $OBJ/user_ca_key.pub
+	) > $OBJ/authorized_keys_$USER
+	${SSH} -i $OBJ/cert_user_key_${ktype} \
+	    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
+	if [ $? -ne 0 ]; then
+		fail "ssh cert connect failed"
+	fi
 done
 
 basic_tests() {
@@ -197,76 +193,72 @@ basic_tests() {
 
 	for ktype in $PLAIN_TYPES ; do
 		t=$(kname $ktype)
-		for privsep in yes ; do
-			_prefix="${ktype} privsep $privsep $auth"
-			# Simple connect
-			verbose "$tid: ${_prefix} connect"
-			(
-				cat $OBJ/sshd_proxy_bak
-				echo "UsePrivilegeSeparation $privsep"
-				echo "PubkeyAcceptedAlgorithms ${t}"
-				echo "$extra_sshd"
-			) > $OBJ/sshd_proxy
-			(
-				cat $OBJ/ssh_proxy_bak
-				echo "PubkeyAcceptedAlgorithms ${t}"
-			) > $OBJ/ssh_proxy
-
-			${SSH} -i $OBJ/cert_user_key_${ktype} \
-			    -F $OBJ/ssh_proxy somehost true
-			if [ $? -ne 0 ]; then
-				fail "ssh cert connect failed"
-			fi
+		_prefix="${ktype} $auth"
+		# Simple connect
+		verbose "$tid: ${_prefix} connect"
+		(
+			cat $OBJ/sshd_proxy_bak
+			echo "PubkeyAcceptedAlgorithms ${t}"
+			echo "$extra_sshd"
+		) > $OBJ/sshd_proxy
+		(
+			cat $OBJ/ssh_proxy_bak
+			echo "PubkeyAcceptedAlgorithms ${t}"
+		) > $OBJ/ssh_proxy
 
-			# Revoked keys
-			verbose "$tid: ${_prefix} revoked key"
-			(
-				cat $OBJ/sshd_proxy_bak
-				echo "UsePrivilegeSeparation $privsep"
-				echo "RevokedKeys $OBJ/cert_user_key_revoked"
-				echo "PubkeyAcceptedAlgorithms ${t}"
-				echo "$extra_sshd"
-			) > $OBJ/sshd_proxy
-			cp $OBJ/cert_user_key_${ktype}.pub \
-			    $OBJ/cert_user_key_revoked
-			${SSH} -i $OBJ/cert_user_key_${ktype} \
-			    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
-			if [ $? -eq 0 ]; then
-				fail "ssh cert connect succeeded unexpecedly"
-			fi
-			verbose "$tid: ${_prefix} revoked via KRL"
-			rm $OBJ/cert_user_key_revoked
-			${SSHKEYGEN} -kqf $OBJ/cert_user_key_revoked \
-			    $OBJ/cert_user_key_${ktype}.pub
-			${SSH} -i $OBJ/cert_user_key_${ktype} \
-			    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
-			if [ $? -eq 0 ]; then
-				fail "ssh cert connect succeeded unexpecedly"
-			fi
-			verbose "$tid: ${_prefix} empty KRL"
-			${SSHKEYGEN} -kqf $OBJ/cert_user_key_revoked
-			${SSH} -i $OBJ/cert_user_key_${ktype} \
-			    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
-			if [ $? -ne 0 ]; then
-				fail "ssh cert connect failed"
-			fi
-		done
+		${SSH} -i $OBJ/cert_user_key_${ktype} \
+		    -F $OBJ/ssh_proxy somehost true
+		if [ $? -ne 0 ]; then
+			fail "ssh cert connect failed"
+		fi
 
-		# Revoked CA
-		verbose "$tid: ${ktype} $auth revoked CA key"
+		# Revoked keys
+		verbose "$tid: ${_prefix} revoked key"
 		(
 			cat $OBJ/sshd_proxy_bak
-			echo "RevokedKeys $OBJ/user_ca_key.pub"
+			echo "RevokedKeys $OBJ/cert_user_key_revoked"
 			echo "PubkeyAcceptedAlgorithms ${t}"
 			echo "$extra_sshd"
 		) > $OBJ/sshd_proxy
-		${SSH} -i $OBJ/cert_user_key_${ktype} -F $OBJ/ssh_proxy \
-		    somehost true >/dev/null 2>&1
+		cp $OBJ/cert_user_key_${ktype}.pub \
+		    $OBJ/cert_user_key_revoked
+		${SSH} -i $OBJ/cert_user_key_${ktype} \
+		    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
+		if [ $? -eq 0 ]; then
+			fail "ssh cert connect succeeded unexpecedly"
+		fi
+		verbose "$tid: ${_prefix} revoked via KRL"
+		rm $OBJ/cert_user_key_revoked
+		${SSHKEYGEN} -kqf $OBJ/cert_user_key_revoked \
+		    $OBJ/cert_user_key_${ktype}.pub
+		${SSH} -i $OBJ/cert_user_key_${ktype} \
+		    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
 		if [ $? -eq 0 ]; then
 			fail "ssh cert connect succeeded unexpecedly"
 		fi
+		verbose "$tid: ${_prefix} empty KRL"
+		${SSHKEYGEN} -kqf $OBJ/cert_user_key_revoked
+		${SSH} -i $OBJ/cert_user_key_${ktype} \
+		    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
+		if [ $? -ne 0 ]; then
+			fail "ssh cert connect failed"
+		fi
 	done
 
+	# Revoked CA
+	verbose "$tid: ${ktype} $auth revoked CA key"
+	(
+		cat $OBJ/sshd_proxy_bak
+		echo "RevokedKeys $OBJ/user_ca_key.pub"
+		echo "PubkeyAcceptedAlgorithms ${t}"
+		echo "$extra_sshd"
+	) > $OBJ/sshd_proxy
+	${SSH} -i $OBJ/cert_user_key_${ktype} -F $OBJ/ssh_proxy \
+	    somehost true >/dev/null 2>&1
+	if [ $? -eq 0 ]; then
+		fail "ssh cert connect succeeded unexpecedly"
+	fi
+
 	verbose "$tid: $auth CA does not authenticate"
 	(
 		cat $OBJ/sshd_proxy_bak
diff --git a/regress/cipher-speed.sh b/regress/cipher-speed.sh
index 5da95b3a9e70..1340bd159873 100644
--- a/regress/cipher-speed.sh
+++ b/regress/cipher-speed.sh
@@ -3,6 +3,16 @@
 
 tid="cipher speed"
 
+# Enable all supported ciphers and macs.
+ciphers=`${SSH} -Q Ciphers | tr '\n' , | sed 's/,$//'`
+macs=`${SSH} -Q MACs | tr '\n' , | sed 's/,$//'`
+cat >>$OBJ/sshd_proxy <<EOD
+Ciphers $ciphers
+MACs $macs
+EOD
+
+increase_datafile_size 10000 # 10MB
+
 getbytes ()
 {
 	sed -n -e '/transferred/s/.*secs (\(.* bytes.sec\).*/\1/p' \
diff --git a/regress/hostbased.sh b/regress/hostbased.sh
new file mode 100644
index 000000000000..04a1c1a2da45
--- /dev/null
+++ b/regress/hostbased.sh
@@ -0,0 +1,66 @@
+#	$OpenBSD: hostbased.sh,v 1.3 2022/01/08 07:55:26 dtucker Exp $
+#	Placed in the Public Domain.
+
+# This test requires external setup and thus is skipped unless
+# TEST_SSH_HOSTBASED_AUTH and SUDO are set to "yes".
+# Since ssh-keysign has key paths hard coded, unlike the other tests it
+# needs to use the real host keys. It requires:
+# - ssh-keysign must be installed and setuid.
+# - "EnableSSHKeysign yes" must be in the system ssh_config.
+# - the system's own real FQDN the system-wide shosts.equiv.
+# - the system's real public key fingerprints must me in global ssh_known_hosts.
+#
+tid="hostbased"
+
+if [ -z "${TEST_SSH_HOSTBASED_AUTH}" ]; then
+	skip "TEST_SSH_HOSTBASED_AUTH not set."
+elif [ -z "${SUDO}" ]; then
+	skip "SUDO not set"
+fi
+
+# Enable all supported hostkey algos (but no others)
+hostkeyalgos=`${SSH} -Q HostKeyAlgorithms | tr '\n' , | sed 's/,$//'`
+
+cat >>$OBJ/sshd_proxy <<EOD
+HostbasedAuthentication yes
+HostbasedAcceptedAlgorithms $hostkeyalgos
+HostbasedUsesNameFromPacketOnly yes
+HostKeyAlgorithms $hostkeyalgos
+EOD
+
+cat >>$OBJ/ssh_proxy <<EOD
+HostbasedAuthentication yes
+HostKeyAlgorithms $hostkeyalgos
+HostbasedAcceptedAlgorithms $hostkeyalgos
+PreferredAuthentications hostbased
+EOD
+
+algos=""
+for key in `${SUDO} ${SSHD} -T | awk '$1=="hostkey"{print $2}'`; do
+	case "`$SSHKEYGEN -l -f ${key}.pub`" in
+	256*ECDSA*)	algos="$algos ecdsa-sha2-nistp256" ;;
+	384*ECDSA*)	algos="$algos ecdsa-sha2-nistp384" ;;
+	521*ECDSA*)	algos="$algos ecdsa-sha2-nistp521" ;;
+	*RSA*)		algos="$algos ssh-rsa rsa-sha2-256 rsa-sha2-512" ;;
+	*ED25519*)	algos="$algos ssh-ed25519" ;;
+	*DSA*)		algos="$algos ssh-dss" ;;
+	*) verbose "unknown host key type $key" ;;
+	esac
+done
+
+for algo in $algos; do
+	trace "hostbased algo $algo"
+	opts="-F $OBJ/ssh_proxy"
+	if [ "x$algo" != "xdefault" ]; then
+		opts="$opts -oHostbasedAcceptedAlgorithms=$algo"
+	fi
+	SSH_CONNECTION=`${SSH} $opts localhost 'echo $SSH_CONNECTION'`
+	if [ $? -ne 0 ]; then
+		fail "connect failed, hostbased algo $algo"
+	elif [ "$SSH_CONNECTION" != "UNKNOWN 65535 UNKNOWN 65535" ]; then
+		fail "hostbased algo $algo bad SSH_CONNECTION" \
+		    "$SSH_CONNECTION"
+	else
+		verbose "ok hostbased algo $algo"
+	fi
+done
diff --git a/regress/hostkey-agent.sh b/regress/hostkey-agent.sh
index d6736e246501..222d424bd34f 100644
--- a/regress/hostkey-agent.sh
+++ b/regress/hostkey-agent.sh
@@ -1,9 +1,9 @@
-#	$OpenBSD: hostkey-agent.sh,v 1.11 2019/12/16 02:39:05 djm Exp $
+#	$OpenBSD: hostkey-agent.sh,v 1.13 2021/09/30 05:20:08 dtucker Exp $
 #	Placed in the Public Domain.
 
 tid="hostkey agent"
 
-rm -f $OBJ/agent-key.* $OBJ/ssh_proxy.orig $OBJ/known_hosts.orig
+rm -f $OBJ/agent-key.* $OBJ/ssh_proxy.orig $OBJ/known_hosts.orig $OBJ/agent-ca*
 
 trace "start agent"
 eval `${SSHAGENT} ${EXTRA_AGENT_ARGS} -s` > /dev/null
@@ -13,39 +13,73 @@ r=$?
 grep -vi 'hostkey' $OBJ/sshd_proxy > $OBJ/sshd_proxy.orig
 echo "HostKeyAgent $SSH_AUTH_SOCK" >> $OBJ/sshd_proxy.orig
 
+trace "make CA key"
+
+${SSHKEYGEN} -qt ed25519 -f $OBJ/agent-ca -N '' || fatal "ssh-keygen CA"
+
 trace "load hostkeys"
 for k in $SSH_KEYTYPES ; do
 	${SSHKEYGEN} -qt $k -f $OBJ/agent-key.$k -N '' || fatal "ssh-keygen $k"
-	(
-		printf 'localhost-with-alias,127.0.0.1,::1 '
-		cat $OBJ/agent-key.$k.pub
-	) >> $OBJ/known_hosts.orig
-	${SSHADD} $OBJ/agent-key.$k >/dev/null 2>&1 || \
+	${SSHKEYGEN} -s $OBJ/agent-ca -qh -n localhost-with-alias \
+		-I localhost-with-alias $OBJ/agent-key.$k.pub || \
+		fatal "sign $k"
+	${SSHADD} -k $OBJ/agent-key.$k >/dev/null 2>&1 || \
 		fatal "couldn't load key $OBJ/agent-key.$k"
-	echo "Hostkey $OBJ/agent-key.${k}" >> $OBJ/sshd_proxy.orig
 	# Remove private key so the server can't use it.
 	rm $OBJ/agent-key.$k || fatal "couldn't rm $OBJ/agent-key.$k"
 done
-cp $OBJ/known_hosts.orig $OBJ/known_hosts
+rm $OBJ/agent-ca # Don't need CA private any more either
 
 unset SSH_AUTH_SOCK
 
-for ps in yes; do
-	for k in $SSH_KEYTYPES ; do
-		verbose "key type $k privsep=$ps"
-		cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy
-		echo "UsePrivilegeSeparation $ps" >> $OBJ/sshd_proxy
-		echo "HostKeyAlgorithms $k" >> $OBJ/sshd_proxy
-		opts="-oHostKeyAlgorithms=$k -F $OBJ/ssh_proxy"
-		cp $OBJ/known_hosts.orig $OBJ/known_hosts
-		SSH_CONNECTION=`${SSH} $opts host 'echo $SSH_CONNECTION'`
-		if [ $? -ne 0 ]; then
-			fail "privsep=$ps failed"
-		fi
-		if [ "$SSH_CONNECTION" != "UNKNOWN 65535 UNKNOWN 65535" ]; then
-			fail "bad SSH_CONNECTION key type $k privsep=$ps"
-		fi
-	done
+for k in $SSH_KEYTYPES ; do
+	verbose "key type $k"
+	cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy
+	echo "HostKeyAlgorithms $k" >> $OBJ/sshd_proxy
+	echo "Hostkey $OBJ/agent-key.${k}" >> $OBJ/sshd_proxy
+	opts="-oHostKeyAlgorithms=$k -F $OBJ/ssh_proxy"
+	( printf 'localhost-with-alias,127.0.0.1,::1 ' ;
+	  cat $OBJ/agent-key.$k.pub) > $OBJ/known_hosts
+	SSH_CONNECTION=`${SSH} $opts host 'echo $SSH_CONNECTION'`
+	if [ $? -ne 0 ]; then
+		fail "keytype $k failed"
+	fi
+	if [ "$SSH_CONNECTION" != "UNKNOWN 65535 UNKNOWN 65535" ]; then
+		fail "bad SSH_CONNECTION key type $k"
+	fi
+done
+
+SSH_CERTTYPES=`ssh -Q key-sig | grep 'cert-v01@openssh.com'`
+
+# Prepare sshd_proxy for certificates.
+cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy
+HOSTKEYALGS=""
+for k in $SSH_CERTTYPES ; do
+	test -z "$HOSTKEYALGS" || HOSTKEYALGS="${HOSTKEYALGS},"
+	HOSTKEYALGS="${HOSTKEYALGS}${k}"
+done
+for k in $SSH_KEYTYPES ; do
+	echo "Hostkey $OBJ/agent-key.${k}.pub" >> $OBJ/sshd_proxy
+	echo "HostCertificate $OBJ/agent-key.${k}-cert.pub" >> $OBJ/sshd_proxy
+	test -f $OBJ/agent-key.${k}.pub || fatal "no $k key"
+	test -f $OBJ/agent-key.${k}-cert.pub || fatal "no $k cert"
+done
+echo "HostKeyAlgorithms $HOSTKEYALGS" >> $OBJ/sshd_proxy
+
+# Add only CA trust anchor to known_hosts.
+( printf '@cert-authority localhost-with-alias ' ;
+  cat $OBJ/agent-ca.pub) > $OBJ/known_hosts
+
+for k in $SSH_CERTTYPES ; do
+	verbose "cert type $k"
+	opts="-oHostKeyAlgorithms=$k -F $OBJ/ssh_proxy"
+	SSH_CONNECTION=`${SSH} $opts host 'echo $SSH_CONNECTION'`
+	if [ $? -ne 0 ]; then
+		fail "cert type $k failed"
+	fi
+	if [ "$SSH_CONNECTION" != "UNKNOWN 65535 UNKNOWN 65535" ]; then
+		fail "bad SSH_CONNECTION key type $k"
+	fi
 done
 
 trace "kill agent"
diff --git a/regress/hostkey-rotate.sh b/regress/hostkey-rotate.sh
index 0ae0c3dfcb44..5898cbd8ae4b 100644
--- a/regress/hostkey-rotate.sh
+++ b/regress/hostkey-rotate.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: hostkey-rotate.sh,v 1.9 2020/10/07 06:38:16 djm Exp $
+#	$OpenBSD: hostkey-rotate.sh,v 1.10 2022/01/05 08:25:05 djm Exp $
 #	Placed in the Public Domain.
 
 tid="hostkey rotate"
@@ -44,9 +44,14 @@ for k in $SSH_HOSTKEY_TYPES; do
 	echo "Hostkey $OBJ/hkr.${k}" >> $OBJ/sshd_proxy.orig
 	nkeys=`expr $nkeys + 1`
 	test "x$all_algs" = "x" || all_algs="${all_algs},"
-	all_algs="${all_algs}$k"
 	case "$k" in
-		ssh-rsa)	secondary="ssh-rsa" ;;
+	ssh-rsa)
+		secondary="ssh-rsa"
+		all_algs="${all_algs}rsa-sha2-256,rsa-sha2-512,$k"
+		;;
+	*)
+		all_algs="${all_algs}$k"
+		;;
 	esac
 done
 
@@ -92,8 +97,12 @@ done
 
 # Check each key type
 for k in $SSH_HOSTKEY_TYPES; do
+	case "$k" in
+	ssh-rsa) alg="rsa-sha2-256,rsa-sha2-512,ssh-rsa" ;;
+	*) alg="$k" ;;
+	esac
 	verbose "learn additional hostkeys, type=$k"
-	dossh -oStrictHostKeyChecking=yes -oHostKeyAlgorithms=$k,$all_algs
+	dossh -oStrictHostKeyChecking=yes -oHostKeyAlgorithms=$alg,$all_algs
 	expect_nkeys $nkeys "learn hostkeys $k"
 	check_key_present $k || fail "didn't learn $k correctly"
 done
diff --git a/regress/keys-command.sh b/regress/keys-command.sh
index a3acf5e4d905..5feec172b45d 100644
--- a/regress/keys-command.sh
+++ b/regress/keys-command.sh
@@ -1,12 +1,10 @@
-#	$OpenBSD: keys-command.sh,v 1.7 2021/09/01 00:50:27 dtucker Exp $
+#	$OpenBSD: keys-command.sh,v 1.8 2021/09/30 04:22:50 dtucker Exp $
 #	Placed in the Public Domain.
 
 tid="authorized keys from command"
 
 if [ -z "$SUDO" -a ! -w /var/run ]; then
-	echo "skipped (SUDO not set)"
-	echo "need SUDO to create file in /var/run, test won't work without"
-	exit 0
+	skip "need SUDO to create file in /var/run, test won't work without"
 fi
 
 rm -f $OBJ/keys-command-args
diff --git a/regress/knownhosts.sh b/regress/knownhosts.sh
new file mode 100644
index 000000000000..dfc768ac9742
--- /dev/null
+++ b/regress/knownhosts.sh
@@ -0,0 +1,17 @@
+#	$OpenBSD: knownhosts.sh,v 1.1 2021/10/01 05:20:20 dtucker Exp $
+#	Placed in the Public Domain.
+
+tid="known hosts"
+
+opts="-F $OBJ/ssh_proxy"
+
+trace "test initial connection"
+${SSH} $opts somehost true || fail "initial connection"
+
+trace "learn hashed known host"
+>$OBJ/known_hosts
+${SSH} -ohashknownhosts=yes -o stricthostkeychecking=no $opts somehost true \
+   || fail "learn hashed known_hosts"
+
+trace "test hashed known hosts"
+${SSH} $opts somehost true || fail "reconnect with hashed known hosts"
diff --git a/regress/login-timeout.sh b/regress/login-timeout.sh
index 4c2d07dc255d..1577da1590f6 100644
--- a/regress/login-timeout.sh
+++ b/regress/login-timeout.sh
@@ -1,9 +1,9 @@
-#	$OpenBSD: login-timeout.sh,v 1.9 2017/08/07 00:53:51 dtucker Exp $
+#	$OpenBSD: login-timeout.sh,v 1.10 2021/09/30 05:20:08 dtucker Exp $
 #	Placed in the Public Domain.
 
 tid="connect after login grace timeout"
 
-trace "test login grace with privsep"
+trace "test login grace time"
 cp $OBJ/sshd_config $OBJ/sshd_config.orig
 grep -vi LoginGraceTime $OBJ/sshd_config.orig > $OBJ/sshd_config
 echo "LoginGraceTime 10s" >> $OBJ/sshd_config
diff --git a/regress/misc/fuzz-harness/Makefile b/regress/misc/fuzz-harness/Makefile
index e879fcdae297..3938ac853d31 100644
--- a/regress/misc/fuzz-harness/Makefile
+++ b/regress/misc/fuzz-harness/Makefile
@@ -7,7 +7,7 @@ FUZZ_LIBS=-lFuzzer
 CXXFLAGS=-O2 -g -Wall -Wextra -Wno-unused-parameter -I ../../.. $(FUZZ_FLAGS)
 CFLAGS=$(CXXFLAGS)
 LDFLAGS=-L ../../.. -L ../../../openbsd-compat -g $(FUZZ_FLAGS)
-LIBS=-lssh -lopenbsd-compat -lcrypto -lfido2 -lcbor $(FUZZ_LIBS)
+LIBS=-lssh -lopenbsd-compat -lmd -lcrypto -lfido2 -lcbor $(FUZZ_LIBS)
 SK_NULL_OBJS=ssh-sk-null.o
 COMMON_DEPS=../../../libssh.a
 
diff --git a/regress/misc/fuzz-harness/kex_fuzz.cc b/regress/misc/fuzz-harness/kex_fuzz.cc
index 4740a7cb04c1..d38ca8597072 100644
--- a/regress/misc/fuzz-harness/kex_fuzz.cc
+++ b/regress/misc/fuzz-harness/kex_fuzz.cc
@@ -2,7 +2,6 @@
 
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <stdio.h>
 #include <stdint.h>
 #include <stdlib.h>
@@ -327,7 +326,7 @@ int main(void)
 	static struct shared_state *st;
 	struct test_state *ts;
 	const int keytypes[] = { KEY_RSA, KEY_DSA, KEY_ECDSA, KEY_ED25519, -1 };
-	const char *kextypes[] = {
+	static const char * const kextypes[] = {
 		"sntrup761x25519-sha512@openssh.com",
 		"curve25519-sha256@libssh.org",
 		"ecdh-sha2-nistp256",
diff --git a/regress/misc/fuzz-harness/ssh-sk-null.cc b/regress/misc/fuzz-harness/ssh-sk-null.cc
index 199af11217e8..948c3d933c5a 100644
--- a/regress/misc/fuzz-harness/ssh-sk-null.cc
+++ b/regress/misc/fuzz-harness/ssh-sk-null.cc
@@ -43,7 +43,8 @@ sshsk_sign(const char *provider_path, struct sshkey *key,
 
 int
 sshsk_load_resident(const char *provider_path, const char *device,
-    const char *pin, struct sshkey ***keysp, size_t *nkeysp)
+    const char *pin, u_int flags, struct sshsk_resident_key ***srksp,
+    size_t *nsrksp)
 {
 	return SSH_ERR_FEATURE_UNSUPPORTED;
 }
diff --git a/regress/misc/sk-dummy/sk-dummy.c b/regress/misc/sk-dummy/sk-dummy.c
index 4003362d7960..a10c0be281b1 100644
--- a/regress/misc/sk-dummy/sk-dummy.c
+++ b/regress/misc/sk-dummy/sk-dummy.c
@@ -24,10 +24,21 @@
 #include <stdio.h>
 #include <stddef.h>
 #include <stdarg.h>
+#ifdef HAVE_SHA2_H
+#include <sha2.h>
+#endif
 
 #include "crypto_api.h"
 #include "sk-api.h"
 
+#if defined(WITH_OPENSSL) && !defined(OPENSSL_HAS_ECC)
+# undef WITH_OPENSSL
+#endif
+
+#ifdef WITH_OPENSSL
+/* We don't use sha2 from OpenSSL and they can conflict with system sha2.h */
+#define OPENSSL_NO_SHA
+#define USE_LIBC_SHA2	/* NetBSD 9 */
 #include <openssl/opensslv.h>
 #include <openssl/crypto.h>
 #include <openssl/evp.h>
@@ -36,8 +47,6 @@
 #include <openssl/ecdsa.h>
 #include <openssl/pem.h>
 
-/* #define SK_DEBUG 1 */
-
 /* Compatibility with OpenSSH 1.0.x */
 #if (OPENSSL_VERSION_NUMBER < 0x10100000L)
 #define ECDSA_SIG_get0(sig, pr, ps) \
@@ -46,8 +55,11 @@
 		(*ps) = sig->s; \
 	} while (0)
 #endif
+#endif /* WITH_OPENSSL */
+
+/* #define SK_DEBUG 1 */
 
-#if SSH_SK_VERSION_MAJOR != 0x00070000
+#if SSH_SK_VERSION_MAJOR != 0x00090000
 # error SK API has changed, sk-dummy.c needs an update
 #endif
 
@@ -248,6 +260,7 @@ sk_enroll(uint32_t alg, const uint8_t *challenge, size_t challenge_len,
 		skdebug(__func__, "calloc response failed");
 		goto out;
 	}
+	response->flags = flags;
 	switch(alg) {
 	case SSH_SK_ECDSA:
 		if (pack_key_ecdsa(response) != 0)
@@ -313,7 +326,7 @@ sig_ecdsa(const uint8_t *message, size_t message_len,
 	BIO *bio = NULL;
 	EVP_PKEY *pk = NULL;
 	EC_KEY *ec = NULL;
-	SHA256_CTX ctx;
+	SHA2_CTX ctx;
 	uint8_t	apphash[SHA256_DIGEST_LENGTH];
 	uint8_t	sighash[SHA256_DIGEST_LENGTH];
 	uint8_t countbuf[4];
@@ -343,9 +356,9 @@ sig_ecdsa(const uint8_t *message, size_t message_len,
 	}
 	/* Prepare data to be signed */
 	dump("message", message, message_len);
-	SHA256_Init(&ctx);
-	SHA256_Update(&ctx, application, strlen(application));
-	SHA256_Final(apphash, &ctx);
+	SHA256Init(&ctx);
+	SHA256Update(&ctx, (const u_char *)application, strlen(application));
+	SHA256Final(apphash, &ctx);
 	dump("apphash", apphash, sizeof(apphash));
 	countbuf[0] = (counter >> 24) & 0xff;
 	countbuf[1] = (counter >> 16) & 0xff;
@@ -353,12 +366,12 @@ sig_ecdsa(const uint8_t *message, size_t message_len,
 	countbuf[3] = counter & 0xff;
 	dump("countbuf", countbuf, sizeof(countbuf));
 	dump("flags", &flags, sizeof(flags));
-	SHA256_Init(&ctx);
-	SHA256_Update(&ctx, apphash, sizeof(apphash));
-	SHA256_Update(&ctx, &flags, sizeof(flags));
-	SHA256_Update(&ctx, countbuf, sizeof(countbuf));
-	SHA256_Update(&ctx, message, message_len);
-	SHA256_Final(sighash, &ctx);
+	SHA256Init(&ctx);
+	SHA256Update(&ctx, apphash, sizeof(apphash));
+	SHA256Update(&ctx, &flags, sizeof(flags));
+	SHA256Update(&ctx, countbuf, sizeof(countbuf));
+	SHA256Update(&ctx, message, message_len);
+	SHA256Final(sighash, &ctx);
 	dump("sighash", sighash, sizeof(sighash));
 	/* create and encode signature */
 	if ((sig = ECDSA_do_sign(sighash, sizeof(sighash), ec)) == NULL) {
@@ -404,7 +417,7 @@ sig_ed25519(const uint8_t *message, size_t message_len,
 {
 	size_t o;
 	int ret = -1;
-	SHA256_CTX ctx;
+	SHA2_CTX ctx;
 	uint8_t	apphash[SHA256_DIGEST_LENGTH];
 	uint8_t signbuf[sizeof(apphash) + sizeof(flags) +
 	    sizeof(counter) + SHA256_DIGEST_LENGTH];
@@ -422,9 +435,9 @@ sig_ed25519(const uint8_t *message, size_t message_len,
 	}
 	/* Prepare data to be signed */
 	dump("message", message, message_len);
-	SHA256_Init(&ctx);
-	SHA256_Update(&ctx, application, strlen(application));
-	SHA256_Final(apphash, &ctx);
+	SHA256Init(&ctx);
+	SHA256Update(&ctx, (const u_char *)application, strlen(application));
+	SHA256Final(apphash, &ctx);
 	dump("apphash", apphash, sizeof(apphash));
 
 	memcpy(signbuf, apphash, sizeof(apphash));
@@ -482,7 +495,7 @@ sk_sign(uint32_t alg, const uint8_t *data, size_t datalen,
 {
 	struct sk_sign_response *response = NULL;
 	int ret = SSH_SK_ERR_GENERAL;
-	SHA256_CTX ctx;
+	SHA2_CTX ctx;
 	uint8_t message[32];
 
 	if (sign_response == NULL) {
@@ -496,9 +509,9 @@ sk_sign(uint32_t alg, const uint8_t *data, size_t datalen,
 		skdebug(__func__, "calloc response failed");
 		goto out;
 	}
-	SHA256_Init(&ctx);
-	SHA256_Update(&ctx, data, datalen);
-	SHA256_Final(message, &ctx);
+	SHA256Init(&ctx);
+	SHA256Update(&ctx, data, datalen);
+	SHA256Final(message, &ctx);
 	response->flags = flags;
 	response->counter = 0x12345678;
 	switch(alg) {
diff --git a/regress/percent.sh b/regress/percent.sh
index 7ed41845b5cf..bb81779a013d 100644
--- a/regress/percent.sh
+++ b/regress/percent.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: percent.sh,v 1.13 2021/07/25 12:13:03 dtucker Exp $
+#	$OpenBSD: percent.sh,v 1.14 2022/02/20 03:47:26 dtucker Exp $
 #	Placed in the Public Domain.
 
 tid="percent expansions"
@@ -21,7 +21,8 @@ echo "permitlocalcommand yes" >> $OBJ/ssh_proxy
 
 trial()
 {
-	opt="$1"; arg="$2"; expect="$3"
+	opt="$1"; arg="$2"
+	expect=`echo "$3" | sed 's|^//|/|'` # approximate realpath
 
 	trace "test $opt=$arg $expect"
 	rm -f $OBJ/actual
diff --git a/regress/principals-command.sh b/regress/principals-command.sh
index 5e535c133464..8278711e86f5 100644
--- a/regress/principals-command.sh
+++ b/regress/principals-command.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: principals-command.sh,v 1.11 2019/12/16 02:39:05 djm Exp $
+#	$OpenBSD: principals-command.sh,v 1.14 2021/09/30 05:26:26 dtucker Exp $
 #	Placed in the Public Domain.
 
 tid="authorized principals command"
@@ -7,9 +7,7 @@ rm -f $OBJ/user_ca_key* $OBJ/cert_user_key*
 cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
 
 if [ -z "$SUDO" -a ! -w /var/run ]; then
-	echo "skipped (SUDO not set)"
-	echo "need SUDO to create file in /var/run, test won't work without"
-	exit 0
+	skip "need SUDO to create file in /var/run, test won't work without"
 fi
 
 case "$SSH_KEYTYPES" in
@@ -61,114 +59,110 @@ if ! $OBJ/check-perm -m keys-command $PRINCIPALS_COMMAND ; then
 	exit 0
 fi
 
-if [ -x $PRINCIPALS_COMMAND ]; then
-	# Test explicitly-specified principals
-	for privsep in yes ; do
-		_prefix="privsep $privsep"
-
-		# Setup for AuthorizedPrincipalsCommand
-		rm -f $OBJ/authorized_keys_$USER
-		(
-			cat $OBJ/sshd_proxy_bak
-			echo "UsePrivilegeSeparation $privsep"
-			echo "AuthorizedKeysFile none"
-			echo "AuthorizedPrincipalsCommand $PRINCIPALS_COMMAND" \
-			    "%u %t %T %i %s %F %f %k %K"
-			echo "AuthorizedPrincipalsCommandUser ${LOGNAME}"
-			echo "TrustedUserCAKeys $OBJ/user_ca_key.pub"
-		) > $OBJ/sshd_proxy
-
-		# XXX test missing command
-		# XXX test failing command
-
-		# Empty authorized_principals
-		verbose "$tid: ${_prefix} empty authorized_principals"
-		echo > $OBJ/authorized_principals_$USER
-		${SSH} -i $OBJ/cert_user_key \
-		    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
-		if [ $? -eq 0 ]; then
-			fail "ssh cert connect succeeded unexpectedly"
-		fi
-
-		# Wrong authorized_principals
-		verbose "$tid: ${_prefix} wrong authorized_principals"
-		echo gregorsamsa > $OBJ/authorized_principals_$USER
-		${SSH} -i $OBJ/cert_user_key \
-		    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
-		if [ $? -eq 0 ]; then
-			fail "ssh cert connect succeeded unexpectedly"
-		fi
-
-		# Correct authorized_principals
-		verbose "$tid: ${_prefix} correct authorized_principals"
-		echo mekmitasdigoat > $OBJ/authorized_principals_$USER
-		${SSH} -i $OBJ/cert_user_key \
-		    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
-		if [ $? -ne 0 ]; then
-			fail "ssh cert connect failed"
-		fi
-
-		# authorized_principals with bad key option
-		verbose "$tid: ${_prefix} authorized_principals bad key opt"
-		echo 'blah mekmitasdigoat' > $OBJ/authorized_principals_$USER
-		${SSH} -i $OBJ/cert_user_key \
-		    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
-		if [ $? -eq 0 ]; then
-			fail "ssh cert connect succeeded unexpectedly"
-		fi
-
-		# authorized_principals with command=false
-		verbose "$tid: ${_prefix} authorized_principals command=false"
-		echo 'command="false" mekmitasdigoat' > \
-		    $OBJ/authorized_principals_$USER
-		${SSH} -i $OBJ/cert_user_key \
-		    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
-		if [ $? -eq 0 ]; then
-			fail "ssh cert connect succeeded unexpectedly"
-		fi
-
-		# authorized_principals with command=true
-		verbose "$tid: ${_prefix} authorized_principals command=true"
-		echo 'command="true" mekmitasdigoat' > \
-		    $OBJ/authorized_principals_$USER
-		${SSH} -i $OBJ/cert_user_key \
-		    -F $OBJ/ssh_proxy somehost false >/dev/null 2>&1
-		if [ $? -ne 0 ]; then
-			fail "ssh cert connect failed"
-		fi
-
-		# Setup for principals= key option
-		rm -f $OBJ/authorized_principals_$USER
-		(
-			cat $OBJ/sshd_proxy_bak
-			echo "UsePrivilegeSeparation $privsep"
-		) > $OBJ/sshd_proxy
-
-		# Wrong principals list
-		verbose "$tid: ${_prefix} wrong principals key option"
-		(
-			printf 'cert-authority,principals="gregorsamsa" '
-			cat $OBJ/user_ca_key.pub
-		) > $OBJ/authorized_keys_$USER
-		${SSH} -i $OBJ/cert_user_key \
-		    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
-		if [ $? -eq 0 ]; then
-			fail "ssh cert connect succeeded unexpectedly"
-		fi
-
-		# Correct principals list
-		verbose "$tid: ${_prefix} correct principals key option"
-		(
-			printf 'cert-authority,principals="mekmitasdigoat" '
-			cat $OBJ/user_ca_key.pub
-		) > $OBJ/authorized_keys_$USER
-		${SSH} -i $OBJ/cert_user_key \
-		    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
-		if [ $? -ne 0 ]; then
-			fail "ssh cert connect failed"
-		fi
-	done
-else
-	echo "SKIPPED: $PRINCIPALS_COMMAND not executable " \
+if [ ! -x $PRINCIPALS_COMMAND ]; then
+	skip "$PRINCIPALS_COMMAND not executable " \
 	    "(/var/run mounted noexec?)"
 fi
+
+# Test explicitly-specified principals
+# Setup for AuthorizedPrincipalsCommand
+rm -f $OBJ/authorized_keys_$USER
+(
+	cat $OBJ/sshd_proxy_bak
+	echo "AuthorizedKeysFile none"
+	echo "AuthorizedPrincipalsCommand $PRINCIPALS_COMMAND" \
+	    "%u %t %T %i %s %F %f %k %K"
+	echo "AuthorizedPrincipalsCommandUser ${LOGNAME}"
+	echo "TrustedUserCAKeys $OBJ/user_ca_key.pub"
+) > $OBJ/sshd_proxy
+
+# XXX test missing command
+# XXX test failing command
+
+# Empty authorized_principals
+verbose "$tid: empty authorized_principals"
+echo > $OBJ/authorized_principals_$USER
+${SSH} -i $OBJ/cert_user_key \
+    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
+if [ $? -eq 0 ]; then
+	fail "ssh cert connect succeeded unexpectedly"
+fi
+
+# Wrong authorized_principals
+verbose "$tid: wrong authorized_principals"
+echo gregorsamsa > $OBJ/authorized_principals_$USER
+${SSH} -i $OBJ/cert_user_key \
+    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
+if [ $? -eq 0 ]; then
+	fail "ssh cert connect succeeded unexpectedly"
+fi
+
+# Correct authorized_principals
+verbose "$tid: correct authorized_principals"
+echo mekmitasdigoat > $OBJ/authorized_principals_$USER
+${SSH} -i $OBJ/cert_user_key \
+    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
+if [ $? -ne 0 ]; then
+	fail "ssh cert connect failed"
+fi
+
+# authorized_principals with bad key option
+verbose "$tid: authorized_principals bad key opt"
+echo 'blah mekmitasdigoat' > $OBJ/authorized_principals_$USER
+${SSH} -i $OBJ/cert_user_key \
+    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
+if [ $? -eq 0 ]; then
+	fail "ssh cert connect succeeded unexpectedly"
+fi
+
+# authorized_principals with command=false
+verbose "$tid: authorized_principals command=false"
+echo 'command="false" mekmitasdigoat' > \
+    $OBJ/authorized_principals_$USER
+${SSH} -i $OBJ/cert_user_key \
+    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
+if [ $? -eq 0 ]; then
+	fail "ssh cert connect succeeded unexpectedly"
+fi
+
+
+# authorized_principals with command=true
+verbose "$tid: authorized_principals command=true"
+echo 'command="true" mekmitasdigoat' > \
+    $OBJ/authorized_principals_$USER
+${SSH} -i $OBJ/cert_user_key \
+    -F $OBJ/ssh_proxy somehost false >/dev/null 2>&1
+if [ $? -ne 0 ]; then
+	fail "ssh cert connect failed"
+fi
+
+# Setup for principals= key option
+# TODO: remove?
+rm -f $OBJ/authorized_principals_$USER
+(
+	cat $OBJ/sshd_proxy_bak
+) > $OBJ/sshd_proxy
+
+# Wrong principals list
+verbose "$tid: wrong principals key option"
+(
+	printf 'cert-authority,principals="gregorsamsa" '
+	cat $OBJ/user_ca_key.pub
+) > $OBJ/authorized_keys_$USER
+${SSH} -i $OBJ/cert_user_key \
+    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
+if [ $? -eq 0 ]; then
+	fail "ssh cert connect succeeded unexpectedly"
+fi
+
+# Correct principals list
+verbose "$tid: correct principals key option"
+(
+	printf 'cert-authority,principals="mekmitasdigoat" '
+	cat $OBJ/user_ca_key.pub
+) > $OBJ/authorized_keys_$USER
+${SSH} -i $OBJ/cert_user_key \
+    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
+if [ $? -ne 0 ]; then
+	fail "ssh cert connect failed"
+fi
diff --git a/regress/sshd-log-wrapper.sh b/regress/sshd-log-wrapper.sh
index 29dc44aa0b53..4b3c91137990 100644
--- a/regress/sshd-log-wrapper.sh
+++ b/regress/sshd-log-wrapper.sh
@@ -1,5 +1,5 @@
 #!/bin/sh
-#       $OpenBSD: sshd-log-wrapper.sh,v 1.4 2016/11/25 02:56:49 dtucker Exp $
+#       $OpenBSD: sshd-log-wrapper.sh,v 1.5 2022/01/04 08:38:53 dtucker Exp $
 #       Placed in the Public Domain.
 #
 # simple wrapper for sshd proxy mode to catch stderr output
@@ -8,4 +8,5 @@
 log=$1
 shift
 
+echo "Executing: $@" >>$log
 exec "$@" -E$log
diff --git a/regress/sshsig.sh b/regress/sshsig.sh
index fc300a8dc3ed..d4daa5c9dbde 100644
--- a/regress/sshsig.sh
+++ b/regress/sshsig.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: sshsig.sh,v 1.7 2021/08/11 08:55:04 djm Exp $
+#	$OpenBSD: sshsig.sh,v 1.14 2022/02/01 23:37:15 djm Exp $
 #	Placed in the Public Domain.
 
 tid="sshsig"
@@ -35,6 +35,7 @@ verbose "$tid: make certificates"
 for t in $SSH_KEYTYPES ; do
 	${SSHKEYGEN} -q -s $CA_PRIV -z $$ \
 	    -I "regress signature key for $USER" \
+		-V "19840101:19860101" \
 	    -n $sig_principal $OBJ/${t} || \
 		fatal "couldn't sign ${t}"
 	SIGNKEYS="$SIGNKEYS ${t}-cert.pub"
@@ -47,15 +48,27 @@ for t in $SIGNKEYS; do
 	sigfile=${OBJ}/sshsig-${keybase}.sig
 	sigfile_agent=${OBJ}/sshsig-agent-${keybase}.sig
 	pubkey=${OBJ}/${keybase}.pub
+	cert=${OBJ}/${keybase}-cert.pub
+	sigfile_cert=${OBJ}/sshsig-${keybase}-cert.sig
 
 	${SSHKEYGEN} -vvv -Y sign -f ${OBJ}/$t -n $sig_namespace \
-		< $DATA > $sigfile 2>/dev/null || fail "sign using $t failed"
-
-	(printf "$sig_principal " ; cat $pubkey) > $OBJ/allowed_signers
-	${SSHKEYGEN} -vvv -Y verify -s $sigfile -n $sig_namespace \
-		-I $sig_principal -f $OBJ/allowed_signers \
-		< $DATA >/dev/null 2>&1 || \
-		fail "failed signature for $t key"
+	    -Ohashalg=sha1 < $DATA > $sigfile 2>/dev/null && \
+		fail "sign using $t with bad hash algorithm succeeded"
+
+	for h in default sha256 sha512 ; do
+		case "$h" in
+		default) hashalg_arg="" ;;
+		*) hashalg_arg="-Ohashalg=$h" ;;
+		esac
+		${SSHKEYGEN} -vvv -Y sign -f ${OBJ}/$t -n $sig_namespace \
+		    $hashalg_arg < $DATA > $sigfile 2>/dev/null || \
+			fail "sign using $t / $h failed"
+		(printf "$sig_principal " ; cat $pubkey) > $OBJ/allowed_signers
+		${SSHKEYGEN} -vvv -Y verify -s $sigfile -n $sig_namespace \
+		    -I $sig_principal -f $OBJ/allowed_signers \
+		    < $DATA >/dev/null 2>&1 || \
+			fail "failed signature for $t / $h key"
+	done
 
 	(printf "$sig_principal namespaces=\"$sig_namespace,whatever\" ";
 	 cat $pubkey) > $OBJ/allowed_signers
@@ -146,6 +159,26 @@ for t in $SIGNKEYS; do
 		< $DATA >/dev/null 2>&1 && \
 		fail "failed signature for $t with expired key"
 
+	# key lifespan valid
+	${SSHKEYGEN} -vvv -Y find-principals -s $sigfile \
+		-Overify-time="19850101" \
+		-f $OBJ/allowed_signers >/dev/null 2>&1 || \
+		fail "failed find-principals for $t key with valid expiry interval"
+	# key not yet valid
+	${SSHKEYGEN} -vvv -Y find-principals -s $sigfile \
+		-Overify-time="19790101" \
+		-f $OBJ/allowed_signers >/dev/null 2>&1 && \
+		fail "failed find-principals for $t not-yet-valid key"
+	# key expired
+	${SSHKEYGEN} -vvv -Y find-principals -s $sigfile \
+		-Overify-time="19990101" \
+		-f $OBJ/allowed_signers >/dev/null 2>&1 && \
+		fail "failed find-principals for $t with expired key"
+	# NB. assumes we're not running this test in the 1980s
+	${SSHKEYGEN} -vvv -Y find-principals -s $sigfile \
+		-f $OBJ/allowed_signers >/dev/null 2>&1 && \
+		fail "failed find-principals for $t with expired key"
+
 	# public key in revoked keys file
 	cat $pubkey > $OBJ/revoked_keys
 	(printf "$sig_principal namespaces=\"whatever\" " ;
@@ -175,6 +208,24 @@ for t in $SIGNKEYS; do
 		< $DATA2 >/dev/null 2>&1 && \
 		fail "succeeded checking signature for $t key with invalid data"
 
+	# find-principals with valid public key
+	(printf "$sig_principal " ; cat $pubkey) > $OBJ/allowed_signers
+	${SSHKEYGEN} -vvv -Y find-principals -s $sigfile -f $OBJ/allowed_signers >/dev/null 2>&1 || \
+		fail "failed to find valid principals in allowed_signers"
+
+	# find-principals with wrong key not in allowed_signers
+	(printf "$sig_principal " ; cat $WRONG) > $OBJ/allowed_signers
+	${SSHKEYGEN} -vvv -Y find-principals -s $sigfile -f $OBJ/allowed_signers >/dev/null 2>&1 && \
+		fail "succeeded finding principal with invalid signers file"
+
+	# find-principals with a configured namespace but none on command-line
+	(printf "$sig_principal " ;
+	 printf "namespaces=\"test1,test2\" ";
+	 cat $pubkey) > $OBJ/allowed_signers
+	${SSHKEYGEN} -vvv -Y find-principals -s $sigfile \
+	    -f $OBJ/allowed_signers >/dev/null 2>&1 || \
+		fail "failed finding principal when namespaces are configured"
+
 	# Check signing keys using ssh-agent.
 	${SSHADD} -D >/dev/null 2>&1 # Remove all previously-loaded keys.
 	${SSHADD} ${privkey} > /dev/null 2>&1 || fail "ssh-add failed"
@@ -192,21 +243,122 @@ for t in $SIGNKEYS; do
 	# Move private key back
 	mv ${privkey}.tmp ${privkey}
 
+	# Duplicate principals & keys in allowed_signers but with different validities
+	( printf "$sig_principal " ;
+	  printf "valid-after=\"19800101\",valid-before=\"19900101\" " ;
+	  cat $pubkey;
+	  printf "${sig_principal} " ;
+	  printf "valid-after=\"19850101\",valid-before=\"20000101\" " ;
+	  cat $pubkey) > $OBJ/allowed_signers
+
+	# find-principals outside of any validity lifespan
+	${SSHKEYGEN} -vvv -Y find-principals -s $sigfile \
+		-Overify-time="20100101" \
+		-f $OBJ/allowed_signers >/dev/null 2>&1 && \
+		fail "succeeded find-principals for $t verify-time outside of validity"
+	# find-principals matching only the first lifespan
+	${SSHKEYGEN} -vvv -Y find-principals -s $sigfile \
+		-Overify-time="19830101" \
+		-f $OBJ/allowed_signers >/dev/null 2>&1 || \
+		fail "failed find-principals for $t verify-time within first span"
+	# find-principals matching both lifespans
+	${SSHKEYGEN} -vvv -Y find-principals -s $sigfile \
+		-Overify-time="19880101" \
+		-f $OBJ/allowed_signers >/dev/null 2>&1 || \
+		fail "failed find-principals for $t verify-time within both spans"
+	# find-principals matching only the second lifespan
+	${SSHKEYGEN} -vvv -Y find-principals -s $sigfile \
+		-Overify-time="19950101" \
+		-f $OBJ/allowed_signers >/dev/null 2>&1 || \
+		fail "failed find-principals for $t verify-time within second span"
+
+	# verify outside of any validity lifespan
+	${SSHKEYGEN} -vvv -Y verify -s $sigfile -n $sig_namespace \
+		-Overify-time="20100101" -I $sig_principal \
+		-r $OBJ/revoked_keys -f $OBJ/allowed_signers \
+		< $DATA >/dev/null 2>&1 && \
+		fail "succeeded verify for $t verify-time outside of validity"
+	# verify matching only the first lifespan
+	${SSHKEYGEN} -vvv -Y verify -s $sigfile -n $sig_namespace \
+		-Overify-time="19830101" -I $sig_principal \
+		-r $OBJ/revoked_keys -f $OBJ/allowed_signers \
+		< $DATA >/dev/null 2>&1 || \
+		fail "failed verify for $t verify-time within first span"
+	# verify matching both lifespans
+	${SSHKEYGEN} -vvv -Y verify -s $sigfile -n $sig_namespace \
+		-Overify-time="19880101" -I $sig_principal \
+		-r $OBJ/revoked_keys -f $OBJ/allowed_signers \
+		< $DATA >/dev/null 2>&1 || \
+		fail "failed verify for $t verify-time within both spans"
+	# verify matching only the second lifespan
+	${SSHKEYGEN} -vvv -Y verify -s $sigfile -n $sig_namespace \
+		-Overify-time="19950101" -I $sig_principal \
+		-r $OBJ/revoked_keys -f $OBJ/allowed_signers \
+		< $DATA >/dev/null 2>&1 || \
+		fail "failed verify for $t verify-time within second span"
+
 	# Remaining tests are for certificates only.
 	case "$keybase" in
 		*-cert) ;;
 		*) continue ;;
 	esac
 
+	# Check key lifespan on find-principals when using the CA
+	( printf "$sig_principal " ;
+	  printf "cert-authority,valid-after=\"19800101\",valid-before=\"19900101\" ";
+	  cat $CA_PUB) > $OBJ/allowed_signers
+	# key lifespan valid
+	${SSHKEYGEN} -vvv -Y find-principals -s $sigfile \
+		-Overify-time="19850101" \
+		-f $OBJ/allowed_signers >/dev/null 2>&1 || \
+		fail "failed find-principals for $t key with valid expiry interval"
+	# key not yet valid
+	${SSHKEYGEN} -vvv -Y find-principals -s $sigfile \
+		-Overify-time="19790101" \
+		-f $OBJ/allowed_signers >/dev/null 2>&1 && \
+		fail "failed find-principals for $t not-yet-valid key"
+	# key expired
+	${SSHKEYGEN} -vvv -Y find-principals -s $sigfile \
+		-Overify-time="19990101" \
+		-f $OBJ/allowed_signers >/dev/null 2>&1 && \
+		fail "failed find-principals for $t with expired key"
+	# NB. assumes we're not running this test in the 1980s
+	${SSHKEYGEN} -vvv -Y find-principals -s $sigfile \
+		-f $OBJ/allowed_signers >/dev/null 2>&1 && \
+		fail "failed find-principals for $t with expired key"
 
 	# correct CA key
 	(printf "$sig_principal cert-authority " ;
 	 cat $CA_PUB) > $OBJ/allowed_signers
 	${SSHKEYGEN} -vvv -Y verify -s $sigfile -n $sig_namespace \
 		-I $sig_principal -f $OBJ/allowed_signers \
+		-Overify-time=19850101 \
 		< $DATA >/dev/null 2>&1 || \
 		fail "failed signature for $t cert"
 
+	# find-principals
+	${SSHKEYGEN} -vvv -Y find-principals -s $sigfile \
+		-Overify-time=19850101 \
+		-f $OBJ/allowed_signers >/dev/null 2>&1 || \
+		fail "failed find-principals for $t with ca key"
+
+	# CA with wildcard principal
+	(printf "*@example.com cert-authority " ;
+	 cat $CA_PUB) > $OBJ/allowed_signers
+	# find-principals CA with wildcard principal
+	${SSHKEYGEN} -vvv -Y find-principals -s $sigfile \
+		-Overify-time=19850101 \
+		-f $OBJ/allowed_signers 2>/dev/null | \
+		fgrep "$sig_principal" >/dev/null || \
+		fail "failed find-principals for $t with ca key using wildcard principal"
+
+	# verify CA with wildcard principal
+	${SSHKEYGEN} -vvv -Y verify -s $sigfile -n $sig_namespace \
+		-I $sig_principal -f $OBJ/allowed_signers \
+		-Overify-time=19850101 \
+		< $DATA >/dev/null 2>&1 || \
+		fail "failed signature for $t cert using wildcard principal"
+
 	# signing key listed as cert-authority
 	(printf "$sig_principal cert-authority " ;
 	 cat $pubkey) > $OBJ/allowed_signers
@@ -229,6 +381,94 @@ for t in $SIGNKEYS; do
 		-I $sig_principal -f $OBJ/allowed_signers \
 		< $DATA >/dev/null 2>&1 && \
 		fail "accepted signature for $t cert with wrong principal"
+
+	# Cert valid but CA revoked
+	cat $CA_PUB > $OBJ/revoked_keys
+	(printf "$sig_principal " ; cat $pubkey) > $OBJ/allowed_signers
+	${SSHKEYGEN} -vvv -Y verify -s $sigfile -n $sig_namespace \
+		-I $sig_principal -f $OBJ/allowed_signers \
+		-r $OBJ/revoked_keys \
+		< $DATA >/dev/null 2>&1 && \
+		fail "accepted signature for $t key, but CA key in revoked_keys"
+
+	# Set lifespan of CA key and verify signed user certs behave accordingly
+	( printf "$sig_principal " ;
+	  printf "cert-authority,valid-after=\"19800101\",valid-before=\"19900101\" " ;
+	  cat $CA_PUB) > $OBJ/allowed_signers
+
+	# CA key lifespan valid
+	${SSHKEYGEN} -vvv -Y verify -s $sigfile -n $sig_namespace \
+		-I $sig_principal -f $OBJ/allowed_signers \
+		-Overify-time=19850101 \
+		< $DATA >/dev/null 2>&1 >/dev/null 2>&1 || \
+		fail "failed signature for $t key with valid CA expiry interval"
+	# CA lifespan is valid but user key not yet valid
+	${SSHKEYGEN} -vvv -Y verify -s $sigfile -n $sig_namespace \
+		-I $sig_principal -f $OBJ/allowed_signers \
+		-Overify-time=19810101 \
+		< $DATA >/dev/null 2>&1 && \
+		fail "accepted signature for $t key with valid CA expiry interval but not yet valid cert"
+	# CA lifespan is valid but user key expired
+	${SSHKEYGEN} -vvv -Y verify -s $sigfile -n $sig_namespace \
+		-I $sig_principal -f $OBJ/allowed_signers \
+		-Overify-time=19890101 \
+		< $DATA >/dev/null 2>&1 && \
+		fail "accepted signature for $t key with valid CA expiry interval but expired cert"
+	# CA key not yet valid
+	${SSHKEYGEN} -vvv -Y verify -s $sigfile -n $sig_namespace \
+		-I $sig_principal -f $OBJ/allowed_signers \
+		-Overify-time=19790101 \
+		< $DATA >/dev/null 2>&1 && \
+		fail "accepted signature for $t not-yet-valid CA key"
+	# CA key expired
+	${SSHKEYGEN} -vvv -Y verify -s $sigfile -n $sig_namespace \
+		-I $sig_principal -f $OBJ/allowed_signers \
+		-Overify-time=19910101 \
+		< $DATA >/dev/null 2>&1 && \
+		fail "accepted signature for $t with expired CA key"
+	# NB. assumes we're not running this test in the 1980s
+	${SSHKEYGEN} -vvv -Y verify -s $sigfile -n $sig_namespace \
+		-I $sig_principal -f $OBJ/allowed_signers \
+		< $DATA >/dev/null 2>&1 && \
+		fail "accepted signature for $t with expired CA key"
+
+	# Set lifespan of CA outside of the cert validity
+	( printf "$sig_principal " ;
+	  printf "cert-authority,valid-after=\"19800101\",valid-before=\"19820101\" " ;
+	  cat $CA_PUB) > $OBJ/allowed_signers
+	# valid cert validity but expired CA
+	${SSHKEYGEN} -vvv -Y verify -s $sigfile -n $sig_namespace \
+		-I $sig_principal -f $OBJ/allowed_signers \
+		-Overify-time=19840101 \
+		< $DATA >/dev/null 2>&1 && \
+		fail "accepted signature for $t key with expired CA but valid cert"
+
+done
+
+# Test key independant match-principals
+(
+	printf "principal1 " ; cat $pubkey;
+	printf "princi* " ; cat $pubkey;
+	printf "unique " ; cat $pubkey;
+) > $OBJ/allowed_signers
+
+verbose "$tid: match principals"
+${SSHKEYGEN} -Y match-principals -f $OBJ/allowed_signers -I "unique" | \
+    fgrep "unique" >/dev/null || \
+	fail "faild to match static principal"
+
+${SSHKEYGEN} -Y match-principals -f $OBJ/allowed_signers -I "princip" | \
+    fgrep "princi*" >/dev/null || \
+	fail "faild to match wildcard principal"
+
+${SSHKEYGEN} -Y match-principals -f $OBJ/allowed_signers -I "principal1" | \
+    fgrep -e "principal1" -e "princi*" >/dev/null || \
+	fail "faild to match static and wildcard principal"
+verbose "$tid: nomatch principals"
+for x in princ prince unknown ; do
+	${SSHKEYGEN} -Y match-principals -f $OBJ/allowed_signers \
+	    -I $x >/dev/null 2>&1 && \
+		fail "succeeded to match unknown principal \"$x\""
 done
 
 trace "kill agent"
diff --git a/regress/test-exec.sh b/regress/test-exec.sh
index 415422ef5573..9fb02d1cbc8c 100644
--- a/regress/test-exec.sh
+++ b/regress/test-exec.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: test-exec.sh,v 1.87 2021/09/01 00:50:27 dtucker Exp $
+#	$OpenBSD: test-exec.sh,v 1.89 2022/01/06 22:14:25 dtucker Exp $
 #	Placed in the Public Domain.
 
 #SUDO=sudo
@@ -262,6 +262,7 @@ fi
 SSHLOGWRAP=$OBJ/ssh-log-wrapper.sh
 cat >$SSHLOGWRAP <<EOD
 #!/bin/sh
+echo "Executing: ${SSH} \$@" >>${TEST_SSH_LOGFILE}
 for i in "\$@";do shift;case "\$i" in -q):;; *) set -- "\$@" "\$i";;esac;done
 exec ${SSH} -E${TEST_SSH_LOGFILE} "\$@"
 EOD
@@ -313,6 +314,12 @@ have_prog()
 jot() {
 	awk "BEGIN { for (i = $2; i < $2 + $1; i++) { printf \"%d\n\", i } exit }"
 }
+if [ ! -x "`which rev`" ]; then
+rev()
+{
+	awk '{for (i=length; i>0; i--) printf "%s", substr($0, i, 1); print ""}'
+}
+fi
 
 # Check whether preprocessor symbols are defined in config.h.
 config_defined ()
@@ -549,7 +556,6 @@ Host *
 	UserKnownHostsFile	$OBJ/known_hosts
 	PubkeyAuthentication	yes
 	ChallengeResponseAuthentication	no
-	HostbasedAuthentication	no
 	PasswordAuthentication	no
 	BatchMode		yes
 	StrictHostKeyChecking	yes
@@ -568,6 +574,8 @@ if ! config_defined ENABLE_SK; then
 	trace skipping sk-dummy
 elif [ -f "${SRC}/misc/sk-dummy/obj/sk-dummy.so" ] ; then
 	SSH_SK_PROVIDER="${SRC}/misc/sk-dummy/obj/sk-dummy.so"
+elif [ -f "${OBJ}/misc/sk-dummy/sk-dummy.so" ] ; then
+	SSH_SK_PROVIDER="${OBJ}/misc/sk-dummy/sk-dummy.so"
 elif [ -f "${SRC}/misc/sk-dummy/sk-dummy.so" ] ; then
 	SSH_SK_PROVIDER="${SRC}/misc/sk-dummy/sk-dummy.so"
 fi
@@ -712,6 +720,24 @@ start_sshd ()
 cleanup
 
 if [ "x$USE_VALGRIND" != "x" ]; then
+	# If there is an EXIT trap handler, invoke it now.
+	# Some tests set these to clean up processes such as ssh-agent.  We
+	# need to wait for all valgrind processes to complete so we can check
+	# their logs, but since the EXIT traps are not invoked until
+	# test-exec.sh exits, waiting here will deadlock.
+	# This is not very portable but then neither is valgrind itself.
+	# As a bonus, dash (as used on the runners) has a "trap" that doesn't
+	# work in a pipeline (hence the temp file) or a subshell.
+	exithandler=""
+	trap >/tmp/trap.$$ && exithandler=$(cat /tmp/trap.$$ | \
+	    awk -F "'" '/EXIT$/{print $2}')
+	rm -f /tmp/trap.$$
+	if [ "x${exithandler}" != "x" ]; then
+		verbose invoking EXIT trap handler early: ${exithandler}
+		eval "${exithandler}"
+		trap '' EXIT
+	fi
+
 	# wait for any running process to complete
 	wait; sleep 1
 	VG_RESULTS=$(find $OBJ/valgrind-out -type f -print)
diff --git a/regress/unittests/authopt/tests.c b/regress/unittests/authopt/tests.c
index 9873c09c6545..d9e190305e76 100644
--- a/regress/unittests/authopt/tests.c
+++ b/regress/unittests/authopt/tests.c
@@ -1,4 +1,4 @@
-/* 	$OpenBSD: tests.c,v 1.2 2021/07/24 01:54:23 djm Exp $ */
+/* 	$OpenBSD: tests.c,v 1.3 2021/12/14 21:25:27 deraadt Exp $ */
 
 /*
  * Regress test for keys options functions.
@@ -9,7 +9,6 @@
 #include "includes.h"
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <stdio.h>
 #ifdef HAVE_STDINT_H
 #include <stdint.h>
diff --git a/regress/unittests/bitmap/tests.c b/regress/unittests/bitmap/tests.c
index f66a4ce46a56..576b863f4066 100644
--- a/regress/unittests/bitmap/tests.c
+++ b/regress/unittests/bitmap/tests.c
@@ -1,4 +1,4 @@
-/* 	$OpenBSD: tests.c,v 1.1 2015/01/15 07:36:28 djm Exp $ */
+/* 	$OpenBSD: tests.c,v 1.2 2021/12/14 21:25:27 deraadt Exp $ */
 /*
  * Regress test for bitmap.h bitmap API
  *
@@ -8,7 +8,6 @@
 #include "includes.h"
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <stdio.h>
 #ifdef HAVE_STDINT_H
 #include <stdint.h>
diff --git a/regress/unittests/conversion/tests.c b/regress/unittests/conversion/tests.c
index bbdc5f5a7cb1..5b526f7afa07 100644
--- a/regress/unittests/conversion/tests.c
+++ b/regress/unittests/conversion/tests.c
@@ -1,4 +1,4 @@
-/* 	$OpenBSD: tests.c,v 1.3 2021/01/18 11:43:34 dtucker Exp $ */
+/* 	$OpenBSD: tests.c,v 1.4 2021/12/14 21:25:27 deraadt Exp $ */
 /*
  * Regress test for conversions
  *
@@ -8,7 +8,6 @@
 #include "includes.h"
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <stdio.h>
 #ifdef HAVE_STDINT_H
 #include <stdint.h>
diff --git a/regress/unittests/hostkeys/test_iterate.c b/regress/unittests/hostkeys/test_iterate.c
index a5b17d7e4056..84f26b5c72f5 100644
--- a/regress/unittests/hostkeys/test_iterate.c
+++ b/regress/unittests/hostkeys/test_iterate.c
@@ -1,4 +1,4 @@
-/* 	$OpenBSD: test_iterate.c,v 1.7 2020/12/21 01:31:06 djm Exp $ */
+/* 	$OpenBSD: test_iterate.c,v 1.8 2021/12/14 21:25:27 deraadt Exp $ */
 /*
  * Regress test for hostfile.h hostkeys_foreach()
  *
@@ -8,7 +8,6 @@
 #include "includes.h"
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <stdio.h>
 #ifdef HAVE_STDINT_H
 #include <stdint.h>
diff --git a/regress/unittests/kex/test_kex.c b/regress/unittests/kex/test_kex.c
index 3bd71a9f4d56..c26761ee7c48 100644
--- a/regress/unittests/kex/test_kex.c
+++ b/regress/unittests/kex/test_kex.c
@@ -1,4 +1,4 @@
-/* 	$OpenBSD: test_kex.c,v 1.5 2020/12/29 01:02:15 djm Exp $ */
+/* 	$OpenBSD: test_kex.c,v 1.6 2021/12/14 21:25:27 deraadt Exp $ */
 /*
  * Regress test KEX
  *
@@ -8,7 +8,6 @@
 #include "includes.h"
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <stdio.h>
 #ifdef HAVE_STDINT_H
 #include <stdint.h>
diff --git a/regress/unittests/match/tests.c b/regress/unittests/match/tests.c
index 4fefaf4f3756..f00d1f9348fc 100644
--- a/regress/unittests/match/tests.c
+++ b/regress/unittests/match/tests.c
@@ -1,4 +1,4 @@
-/* 	$OpenBSD: tests.c,v 1.7 2020/07/15 06:43:16 dtucker Exp $ */
+/* 	$OpenBSD: tests.c,v 1.8 2021/12/14 21:25:27 deraadt Exp $ */
 /*
  * Regress test for matching functions
  *
@@ -8,7 +8,6 @@
 #include "includes.h"
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <stdio.h>
 #ifdef HAVE_STDINT_H
 #include <stdint.h>
diff --git a/regress/unittests/misc/test_argv.c b/regress/unittests/misc/test_argv.c
index 2cfebf2d9588..682863e73ba9 100644
--- a/regress/unittests/misc/test_argv.c
+++ b/regress/unittests/misc/test_argv.c
@@ -1,4 +1,4 @@
-/* 	$OpenBSD: test_argv.c,v 1.3 2021/06/08 07:40:12 djm Exp $ */
+/* 	$OpenBSD: test_argv.c,v 1.4 2021/12/14 21:25:27 deraadt Exp $ */
 /*
  * Regress test for misc argv handling functions.
  *
@@ -8,7 +8,6 @@
 #include "includes.h"
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <stdio.h>
 #ifdef HAVE_STDINT_H
 #include <stdint.h>
diff --git a/regress/unittests/misc/test_convtime.c b/regress/unittests/misc/test_convtime.c
index 8f9be89ff900..ef6fd77deda5 100644
--- a/regress/unittests/misc/test_convtime.c
+++ b/regress/unittests/misc/test_convtime.c
@@ -1,4 +1,4 @@
-/* 	$OpenBSD: test_convtime.c,v 1.1 2021/03/19 03:25:01 djm Exp $ */
+/* 	$OpenBSD: test_convtime.c,v 1.2 2021/12/14 21:25:27 deraadt Exp $ */
 /*
  * Regress test for misc time conversion functions.
  *
@@ -8,7 +8,7 @@
 #include "includes.h"
 
 #include <sys/types.h>
-#include <sys/param.h>
+#include <limits.h>
 #include <stdio.h>
 #ifdef HAVE_STDINT_H
 #include <stdint.h>
diff --git a/regress/unittests/misc/test_expand.c b/regress/unittests/misc/test_expand.c
index 513c69bce4e2..6f2cd8adbedd 100644
--- a/regress/unittests/misc/test_expand.c
+++ b/regress/unittests/misc/test_expand.c
@@ -1,4 +1,4 @@
-/* 	$OpenBSD: test_expand.c,v 1.2 2021/04/06 09:07:33 dtucker Exp $ */
+/* 	$OpenBSD: test_expand.c,v 1.3 2021/12/14 21:25:27 deraadt Exp $ */
 /*
  * Regress test for misc string expansion functions.
  *
@@ -8,7 +8,6 @@
 #include "includes.h"
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <stdio.h>
 #ifdef HAVE_STDINT_H
 #include <stdint.h>
diff --git a/regress/unittests/misc/test_hpdelim.c b/regress/unittests/misc/test_hpdelim.c
new file mode 100644
index 000000000000..d423023dc3d2
--- /dev/null
+++ b/regress/unittests/misc/test_hpdelim.c
@@ -0,0 +1,82 @@
+/* 	$OpenBSD: test_hpdelim.c,v 1.2 2022/02/06 22:58:33 dtucker Exp $ */
+/*
+ * Regress test for misc hpdelim() and co
+ *
+ * Placed in the public domain.
+ */
+
+#include "includes.h"
+
+#include <sys/types.h>
+#include <stdio.h>
+#ifdef HAVE_STDINT_H
+#include <stdint.h>
+#endif
+#include <stdlib.h>
+#include <string.h>
+
+#include "../test_helper/test_helper.h"
+
+#include "log.h"
+#include "misc.h"
+#include "xmalloc.h"
+
+void test_hpdelim(void);
+
+void
+test_hpdelim(void)
+{
+	char *orig, *str, *cp, *port;
+
+#define START_STRING(x)	orig = str = xstrdup(x)
+#define DONE_STRING()	free(orig)
+
+	TEST_START("hpdelim host only");
+	START_STRING("host");
+	cp = hpdelim(&str);
+	ASSERT_STRING_EQ(cp, "host");
+	ASSERT_PTR_EQ(str, NULL);
+	DONE_STRING();
+	TEST_DONE();
+
+	TEST_START("hpdelim :port");
+	START_STRING(":1234");
+	cp = hpdelim(&str);
+	ASSERT_STRING_EQ(cp, "");
+	ASSERT_PTR_NE(str, NULL);
+	port = hpdelim(&str);
+	ASSERT_STRING_EQ(port, "1234");
+	ASSERT_PTR_EQ(str, NULL);
+	DONE_STRING();
+	TEST_DONE();
+
+	TEST_START("hpdelim host:port");
+	START_STRING("host:1234");
+	cp = hpdelim(&str);
+	ASSERT_STRING_EQ(cp, "host");
+	ASSERT_PTR_NE(str, NULL);
+	port = hpdelim(&str);
+	ASSERT_STRING_EQ(port, "1234");
+	ASSERT_PTR_EQ(str, NULL);
+	DONE_STRING();
+	TEST_DONE();
+
+	TEST_START("hpdelim [host]:port");
+	START_STRING("[::1]:1234");
+	cp = hpdelim(&str);
+	ASSERT_STRING_EQ(cp, "[::1]");
+	ASSERT_PTR_NE(str, NULL);
+	port = hpdelim(&str);
+	ASSERT_STRING_EQ(port, "1234");
+	ASSERT_PTR_EQ(str, NULL);
+	DONE_STRING();
+	TEST_DONE();
+
+	TEST_START("hpdelim missing ] error");
+	START_STRING("[::1:1234");
+	cp = hpdelim(&str);
+	ASSERT_PTR_EQ(cp, NULL);
+	DONE_STRING();
+	TEST_DONE();
+
+}
diff --git a/regress/unittests/misc/test_parse.c b/regress/unittests/misc/test_parse.c
index 727ff3dea9d7..1f1ea31d149c 100644
--- a/regress/unittests/misc/test_parse.c
+++ b/regress/unittests/misc/test_parse.c
@@ -1,4 +1,4 @@
-/* 	$OpenBSD: test_parse.c,v 1.1 2021/03/19 03:25:01 djm Exp $ */
+/* 	$OpenBSD: test_parse.c,v 1.2 2021/12/14 21:25:27 deraadt Exp $ */
 /*
  * Regress test for misc user/host/URI parsing functions.
  *
@@ -8,7 +8,6 @@
 #include "includes.h"
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <stdio.h>
 #ifdef HAVE_STDINT_H
 #include <stdint.h>
diff --git a/regress/unittests/misc/test_strdelim.c b/regress/unittests/misc/test_strdelim.c
index 1d9133d4b31b..f7bea4bfe8f7 100644
--- a/regress/unittests/misc/test_strdelim.c
+++ b/regress/unittests/misc/test_strdelim.c
@@ -1,4 +1,4 @@
-/* 	$OpenBSD: test_strdelim.c,v 1.2 2021/05/21 03:59:01 djm Exp $ */
+/* 	$OpenBSD: test_strdelim.c,v 1.3 2021/12/14 21:25:27 deraadt Exp $ */
 /*
  * Regress test for misc strdelim() and co
  *
@@ -8,7 +8,6 @@
 #include "includes.h"
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <stdio.h>
 #ifdef HAVE_STDINT_H
 #include <stdint.h>
diff --git a/regress/unittests/misc/tests.c b/regress/unittests/misc/tests.c
index b0b7cd4332e3..d52490e3b3ce 100644
--- a/regress/unittests/misc/tests.c
+++ b/regress/unittests/misc/tests.c
@@ -1,4 +1,4 @@
-/* 	$OpenBSD: tests.c,v 1.7 2021/05/21 03:48:07 djm Exp $ */
+/* 	$OpenBSD: tests.c,v 1.9 2022/02/04 07:53:44 dtucker Exp $ */
 /*
  * Regress test for misc helper functions.
  *
@@ -8,7 +8,6 @@
 #include "includes.h"
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <stdio.h>
 #ifdef HAVE_STDINT_H
 #include <stdint.h>
@@ -26,6 +25,7 @@ void test_convtime(void);
 void test_expand(void);
 void test_argv(void);
 void test_strdelim(void);
+void test_hpdelim(void);
 
 void
 tests(void)
@@ -35,4 +35,5 @@ tests(void)
 	test_expand();
 	test_argv();
 	test_strdelim();
+	test_hpdelim();
 }
diff --git a/regress/unittests/sshbuf/test_sshbuf.c b/regress/unittests/sshbuf/test_sshbuf.c
index ee77d6934a4d..e22b390fe33d 100644
--- a/regress/unittests/sshbuf/test_sshbuf.c
+++ b/regress/unittests/sshbuf/test_sshbuf.c
@@ -1,4 +1,4 @@
-/* 	$OpenBSD: test_sshbuf.c,v 1.1 2014/04/30 05:32:00 djm Exp $ */
+/* 	$OpenBSD: test_sshbuf.c,v 1.2 2021/12/14 21:25:27 deraadt Exp $ */
 /*
  * Regress test for sshbuf.h buffer API
  *
@@ -9,7 +9,6 @@
 #include "includes.h"
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <stdio.h>
 #ifdef HAVE_STDINT_H
 # include <stdint.h>
@@ -24,6 +23,10 @@
 
 void sshbuf_tests(void);
 
+#ifndef roundup
+#define roundup(x, y)   ((((x)+((y)-1))/(y))*(y))
+#endif
+
 void
 sshbuf_tests(void)
 {
diff --git a/regress/unittests/sshbuf/test_sshbuf_fixed.c b/regress/unittests/sshbuf/test_sshbuf_fixed.c
index df4925f7c6f6..dff77f042152 100644
--- a/regress/unittests/sshbuf/test_sshbuf_fixed.c
+++ b/regress/unittests/sshbuf/test_sshbuf_fixed.c
@@ -1,4 +1,4 @@
-/* 	$OpenBSD: test_sshbuf_fixed.c,v 1.1 2014/04/30 05:32:00 djm Exp $ */
+/* 	$OpenBSD: test_sshbuf_fixed.c,v 1.2 2021/12/14 21:25:27 deraadt Exp $ */
 /*
  * Regress test for sshbuf.h buffer API
  *
@@ -9,7 +9,6 @@
 #include "includes.h"
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <stdio.h>
 #ifdef HAVE_STDINT_H
 # include <stdint.h>
diff --git a/regress/unittests/sshbuf/test_sshbuf_fuzz.c b/regress/unittests/sshbuf/test_sshbuf_fuzz.c
index e236c82f96fc..c0b809dcde1b 100644
--- a/regress/unittests/sshbuf/test_sshbuf_fuzz.c
+++ b/regress/unittests/sshbuf/test_sshbuf_fuzz.c
@@ -1,4 +1,4 @@
-/* 	$OpenBSD: test_sshbuf_fuzz.c,v 1.2 2018/10/17 23:28:05 djm Exp $ */
+/* 	$OpenBSD: test_sshbuf_fuzz.c,v 1.4 2021/12/18 06:53:59 anton Exp $ */
 /*
  * Regress test for sshbuf.h buffer API
  *
@@ -8,7 +8,6 @@
 #include "includes.h"
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <stdio.h>
 #ifdef HAVE_STDINT_H
 # include <stdint.h>
@@ -46,7 +45,7 @@ sshbuf_fuzz_tests(void)
 	ASSERT_PTR_NE(p1, NULL);
 	ASSERT_PTR_NE(sshbuf_ptr(p1), NULL);
 	ASSERT_MEM_ZERO_NE(sshbuf_ptr(p1), sshbuf_len(p1));
-	for (i = 0; i < NUM_FUZZ_TESTS; i++) {
+	for (i = 0; i < ntests; i++) {
 		r = arc4random_uniform(10);
 		if (r == 0) {
 			/* 10% chance: small reserve */
diff --git a/regress/unittests/sshbuf/test_sshbuf_getput_basic.c b/regress/unittests/sshbuf/test_sshbuf_getput_basic.c
index bea89881a463..3da413edd35c 100644
--- a/regress/unittests/sshbuf/test_sshbuf_getput_basic.c
+++ b/regress/unittests/sshbuf/test_sshbuf_getput_basic.c
@@ -1,4 +1,4 @@
-/* 	$OpenBSD: test_sshbuf_getput_basic.c,v 1.2 2019/07/14 23:33:19 djm Exp $ */
+/* 	$OpenBSD: test_sshbuf_getput_basic.c,v 1.3 2021/12/14 21:25:27 deraadt Exp $ */
 /*
  * Regress test for sshbuf.h buffer API
  *
@@ -8,7 +8,6 @@
 #include "includes.h"
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <stdio.h>
 #ifdef HAVE_STDINT_H
 # include <stdint.h>
diff --git a/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c b/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c
index 492b3bdf0627..e3620e97fe99 100644
--- a/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c
+++ b/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c
@@ -1,4 +1,4 @@
-/* 	$OpenBSD: test_sshbuf_getput_crypto.c,v 1.2 2019/01/21 12:29:35 djm Exp $ */
+/* 	$OpenBSD: test_sshbuf_getput_crypto.c,v 1.3 2021/12/14 21:25:27 deraadt Exp $ */
 /*
  * Regress test for sshbuf.h buffer API
  *
@@ -10,7 +10,6 @@
 #ifdef WITH_OPENSSL
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <stdio.h>
 #ifdef HAVE_STDINT_H
 # include <stdint.h>
diff --git a/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c b/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c
index 1ca30be973ce..3b4895895ef1 100644
--- a/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c
+++ b/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c
@@ -1,4 +1,4 @@
-/* 	$OpenBSD: test_sshbuf_getput_fuzz.c,v 1.4 2019/01/21 12:29:35 djm Exp $ */
+/* 	$OpenBSD: test_sshbuf_getput_fuzz.c,v 1.5 2021/12/14 21:25:27 deraadt Exp $ */
 /*
  * Regress test for sshbuf.h buffer API
  *
@@ -8,7 +8,6 @@
 #include "includes.h"
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <stdio.h>
 #ifdef HAVE_STDINT_H
 # include <stdint.h>
@@ -16,11 +15,13 @@
 #include <stdlib.h>
 #include <string.h>
 
+#ifdef WITH_OPENSSL
 #include <openssl/bn.h>
 #include <openssl/objects.h>
 #ifdef OPENSSL_HAS_NISTP256
 # include <openssl/ec.h>
 #endif
+#endif
 
 #include "../test_helper/test_helper.h"
 #include "ssherr.h"
diff --git a/regress/unittests/sshbuf/test_sshbuf_misc.c b/regress/unittests/sshbuf/test_sshbuf_misc.c
index c53db937f2f1..249ecf235764 100644
--- a/regress/unittests/sshbuf/test_sshbuf_misc.c
+++ b/regress/unittests/sshbuf/test_sshbuf_misc.c
@@ -1,4 +1,4 @@
-/* 	$OpenBSD: test_sshbuf_misc.c,v 1.4 2019/07/16 22:16:49 djm Exp $ */
+/* 	$OpenBSD: test_sshbuf_misc.c,v 1.5 2021/12/14 21:25:27 deraadt Exp $ */
 /*
  * Regress test for sshbuf.h buffer API
  *
@@ -8,7 +8,6 @@
 #include "includes.h"
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <stdio.h>
 #ifdef HAVE_STDINT_H
 # include <stdint.h>
diff --git a/regress/unittests/sshkey/common.c b/regress/unittests/sshkey/common.c
index effea578c094..51b0d92e1d07 100644
--- a/regress/unittests/sshkey/common.c
+++ b/regress/unittests/sshkey/common.c
@@ -1,4 +1,4 @@
-/* 	$OpenBSD: common.c,v 1.4 2020/01/26 00:09:50 djm Exp $ */
+/* 	$OpenBSD: common.c,v 1.5 2021/12/14 21:25:27 deraadt Exp $ */
 /*
  * Helpers for key API tests
  *
@@ -8,7 +8,6 @@
 #include "includes.h"
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <sys/stat.h>
 #include <fcntl.h>
 #include <stdio.h>
diff --git a/regress/unittests/sshkey/test_file.c b/regress/unittests/sshkey/test_file.c
index 7d767336ef47..497ab6dded1d 100644
--- a/regress/unittests/sshkey/test_file.c
+++ b/regress/unittests/sshkey/test_file.c
@@ -1,4 +1,4 @@
-/* 	$OpenBSD: test_file.c,v 1.9 2020/06/19 03:48:49 djm Exp $ */
+/* 	$OpenBSD: test_file.c,v 1.10 2021/12/14 21:25:27 deraadt Exp $ */
 /*
  * Regress test for sshkey.h key management API
  *
@@ -8,7 +8,6 @@
 #include "includes.h"
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <sys/stat.h>
 #include <fcntl.h>
 #include <stdio.h>
@@ -422,6 +421,7 @@ sshkey_file_tests(void)
 
 	sshkey_free(k1);
 
+#ifdef ENABLE_SK
 #if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
 	TEST_START("parse ECDSA-SK from private");
 	buf = load_file("ecdsa_sk1");
@@ -552,6 +552,7 @@ sshkey_file_tests(void)
 	TEST_DONE();
 
 	sshkey_free(k1);
+#endif /* ENABLE_SK */
 
 	sshbuf_free(pw);
 
diff --git a/regress/unittests/sshkey/test_fuzz.c b/regress/unittests/sshkey/test_fuzz.c
index f111446a9398..2fae19dcfe08 100644
--- a/regress/unittests/sshkey/test_fuzz.c
+++ b/regress/unittests/sshkey/test_fuzz.c
@@ -1,4 +1,4 @@
-/* 	$OpenBSD: test_fuzz.c,v 1.12 2020/08/27 03:55:22 djm Exp $ */
+/* 	$OpenBSD: test_fuzz.c,v 1.13 2021/12/14 21:25:27 deraadt Exp $ */
 /*
  * Fuzz tests for key parsing
  *
@@ -8,7 +8,6 @@
 #include "includes.h"
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <sys/stat.h>
 #include <fcntl.h>
 #include <stdio.h>
@@ -19,6 +18,7 @@
 #include <string.h>
 #include <unistd.h>
 
+#ifdef WITH_OPENSSL
 #include <openssl/bn.h>
 #include <openssl/rsa.h>
 #include <openssl/dsa.h>
@@ -26,6 +26,7 @@
 #ifdef OPENSSL_HAS_NISTP256
 # include <openssl/ec.h>
 #endif
+#endif
 
 #include "../test_helper/test_helper.h"
 
diff --git a/regress/unittests/sshkey/test_sshkey.c b/regress/unittests/sshkey/test_sshkey.c
index 7dc20cc857a5..982907ce7f0c 100644
--- a/regress/unittests/sshkey/test_sshkey.c
+++ b/regress/unittests/sshkey/test_sshkey.c
@@ -1,4 +1,4 @@
-/* 	$OpenBSD: test_sshkey.c,v 1.21 2020/08/27 03:55:22 djm Exp $ */
+/* 	$OpenBSD: test_sshkey.c,v 1.22 2021/12/14 21:25:27 deraadt Exp $ */
 /*
  * Regress test for sshkey.h key management API
  *
@@ -8,7 +8,6 @@
 #include "includes.h"
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <stdio.h>
 #ifdef HAVE_STDINT_H
 #include <stdint.h>
@@ -16,12 +15,14 @@
 #include <stdlib.h>
 #include <string.h>
 
+#ifdef WITH_OPENSSL
 #include <openssl/bn.h>
 #include <openssl/rsa.h>
 #include <openssl/dsa.h>
 #if defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256)
 # include <openssl/ec.h>
 #endif
+#endif
 
 #include "../test_helper/test_helper.h"
 
diff --git a/regress/unittests/sshsig/tests.c b/regress/unittests/sshsig/tests.c
index bf59d58d157e..fdc3baeb7634 100644
--- a/regress/unittests/sshsig/tests.c
+++ b/regress/unittests/sshsig/tests.c
@@ -1,4 +1,4 @@
-/* 	$OpenBSD: tests.c,v 1.2 2020/06/22 06:00:06 djm Exp $ */
+/* 	$OpenBSD: tests.c,v 1.3 2021/12/14 21:25:27 deraadt Exp $ */
 /*
  * Regress test for sshbuf.h buffer API
  *
@@ -8,7 +8,6 @@
 #include "includes.h"
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <sys/stat.h>
 #include <fcntl.h>
 #include <stdio.h>
@@ -19,8 +18,10 @@
 #include <string.h>
 #include <unistd.h>
 
+#ifdef WITH_OPENSSL
 #include <openssl/evp.h>
 #include <openssl/crypto.h>
+#endif
 
 #include "ssherr.h"
 #include "authfile.h"
@@ -117,6 +118,7 @@ tests(void)
 	check_sig("ed25519.pub", "ed25519.sig", msg, namespace);
 	TEST_DONE();
 
+#ifdef ENABLE_SK
 #if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
 	TEST_START("check ECDSA-SK signature");
 	check_sig("ecdsa_sk.pub", "ecdsa_sk.sig", msg, namespace);
@@ -133,6 +135,7 @@ tests(void)
 	    msg, namespace);
  	TEST_DONE();
 #endif
+#endif /* ENABLE_SK */
 
 	sshbuf_free(msg);
 	free(namespace);
diff --git a/regress/unittests/sshsig/webauthn.html b/regress/unittests/sshsig/webauthn.html
index 1869c8b373cf..5c9a32e9e47f 100644
--- a/regress/unittests/sshsig/webauthn.html
+++ b/regress/unittests/sshsig/webauthn.html
@@ -372,8 +372,8 @@ function enrollStart(username) {
 	let pkopts = {
 		challenge: challenge,
 		rp: {
-			name: "mindrot.org",
-			id: "mindrot.org",
+			name: window.location.host,
+			id: window.location.host,
 		},
 		user: {
 			id: userid,
@@ -590,7 +590,7 @@ async function assertform_submit(event) {
 function assertStart(message) {
 	let assertReqOpts = {
 		challenge: message,
-		rpId: "mindrot.org",
+		rpId: window.location.host,
 		allowCredentials: [{
 			type: 'public-key',
 			id: window.enrollResult.rawId,
diff --git a/regress/unittests/test_helper/test_helper.c b/regress/unittests/test_helper/test_helper.c
index 9014ce8e4d02..6461d7ffc642 100644
--- a/regress/unittests/test_helper/test_helper.c
+++ b/regress/unittests/test_helper/test_helper.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: test_helper.c,v 1.12 2019/08/02 01:41:24 djm Exp $	*/
+/*	$OpenBSD: test_helper.c,v 1.13 2021/12/14 21:25:27 deraadt Exp $	*/
 /*
  * Copyright (c) 2011 Damien Miller <djm@mindrot.org>
  *
@@ -20,7 +20,6 @@
 #include "includes.h"
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <sys/uio.h>
 
 #include <stdarg.h>
@@ -44,6 +43,8 @@
 # include <vis.h>
 #endif
 
+#define MINIMUM(a, b)    (((a) < (b)) ? (a) : (b))
+
 #include "entropy.h"
 #include "test_helper.h"
 #include "atomicio.h"
@@ -415,8 +416,8 @@ assert_mem(const char *file, int line, const char *a1, const char *a2,
 	r = memcmp(aa1, aa2, l);
 	TEST_CHECK_INT(r, pred);
 	test_header(file, line, a1, a2, "STRING", pred);
-	aa1_tohex = tohex(aa1, MIN(l, 256));
-	aa2_tohex = tohex(aa2, MIN(l, 256));
+	aa1_tohex = tohex(aa1, MINIMUM(l, 256));
+	aa2_tohex = tohex(aa2, MINIMUM(l, 256));
 	fprintf(stderr, "%12s = %s (len %zu)\n", a1, aa1_tohex, l);
 	fprintf(stderr, "%12s = %s (len %zu)\n", a2, aa2_tohex, l);
 	free(aa1_tohex);
@@ -455,7 +456,7 @@ assert_mem_filled(const char *file, int line, const char *a1,
 	r = memvalcmp(aa1, v, l, &where);
 	TEST_CHECK_INT(r, pred);
 	test_header(file, line, a1, NULL, "MEM_ZERO", pred);
-	aa1_tohex = tohex(aa1, MIN(l, 20));
+	aa1_tohex = tohex(aa1, MINIMUM(l, 20));
 	fprintf(stderr, "%20s = %s%s (len %zu)\n", a1,
 	    aa1_tohex, l > 20 ? "..." : "", l);
 	free(aa1_tohex);
diff --git a/rijndael.h b/rijndael.h
index 53e74e0a8126..e04324b61292 100644
--- a/rijndael.h
+++ b/rijndael.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: rijndael.h,v 1.14 2014/04/29 15:42:07 markus Exp $ */
+/*	$OpenBSD: rijndael.h,v 1.15 2021/09/28 11:14:50 dtucker Exp $ */
 
 /**
  * rijndael-alg-fst.h
@@ -38,8 +38,7 @@ typedef unsigned short	u16;
 typedef unsigned int	u32;
 
 int	rijndaelKeySetupEnc(unsigned int [], const unsigned char [], int);
-void	rijndaelEncrypt(const unsigned int [], int, const unsigned char [],
-	    unsigned char []);
+void	rijndaelEncrypt(const unsigned int [], int, const u8 [16], u8 [16]);
 
 /*  The structure for key information */
 typedef struct {
diff --git a/sandbox-capsicum.c b/sandbox-capsicum.c
index e10bad7e83df..883be185815a 100644
--- a/sandbox-capsicum.c
+++ b/sandbox-capsicum.c
@@ -19,7 +19,6 @@
 #ifdef SANDBOX_CAPSICUM
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <sys/time.h>
 #include <sys/resource.h>
 #include <sys/capsicum.h>
diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
index 798b24bd878f..2e065ba3edb6 100644
--- a/sandbox-seccomp-filter.c
+++ b/sandbox-seccomp-filter.c
@@ -228,6 +228,9 @@ static const struct sock_filter preauth_insns[] = {
 #ifdef __NR_getrandom
 	SC_ALLOW(__NR_getrandom),
 #endif
+#ifdef __NR_gettid
+	SC_ALLOW(__NR_gettid),
+#endif
 #ifdef __NR_gettimeofday
 	SC_ALLOW(__NR_gettimeofday),
 #endif
@@ -270,6 +273,9 @@ static const struct sock_filter preauth_insns[] = {
 #ifdef __NR__newselect
 	SC_ALLOW(__NR__newselect),
 #endif
+#ifdef __NR_ppoll
+	SC_ALLOW(__NR_ppoll),
+#endif
 #ifdef __NR_poll
 	SC_ALLOW(__NR_poll),
 #endif
@@ -391,7 +397,7 @@ ssh_sandbox_child_debugging(void)
 void
 ssh_sandbox_child(struct ssh_sandbox *box)
 {
-	struct rlimit rl_zero;
+	struct rlimit rl_zero, rl_one = {.rlim_cur = 1, .rlim_max = 1};
 	int nnp_failed = 0;
 
 	/* Set rlimits for completeness if possible. */
@@ -399,7 +405,11 @@ ssh_sandbox_child(struct ssh_sandbox *box)
 	if (setrlimit(RLIMIT_FSIZE, &rl_zero) == -1)
 		fatal("%s: setrlimit(RLIMIT_FSIZE, { 0, 0 }): %s",
 			__func__, strerror(errno));
-	if (setrlimit(RLIMIT_NOFILE, &rl_zero) == -1)
+	/*
+	 * Cannot use zero for nfds, because poll(2) will fail with
+	 * errno=EINVAL if npfds>RLIMIT_NOFILE.
+	 */
+	if (setrlimit(RLIMIT_NOFILE, &rl_one) == -1)
 		fatal("%s: setrlimit(RLIMIT_NOFILE, { 0, 0 }): %s",
 			__func__, strerror(errno));
 	if (setrlimit(RLIMIT_NPROC, &rl_zero) == -1)
diff --git a/scp.0 b/scp.0
index 830e66e34e17..ed7b126cfa90 100644
--- a/scp.0
+++ b/scp.0
@@ -213,4 +213,4 @@ CAVEATS
      careful quoting of any characters that have special meaning to the remote
      shell, such as quote characters.
 
-OpenBSD 6.9                   September 20, 2021                   OpenBSD 6.9
+OpenBSD 7.0                    February 10, 2022                   OpenBSD 7.0
diff --git a/scp.1 b/scp.1
index 10cd4efb912a..c433f7168e07 100644
--- a/scp.1
+++ b/scp.1
@@ -8,9 +8,9 @@
 .\"
 .\" Created: Sun May  7 00:14:37 1995 ylo
 .\"
-.\" $OpenBSD: scp.1,v 1.105 2021/09/20 06:53:56 djm Exp $
+.\" $OpenBSD: scp.1,v 1.107 2022/02/10 04:12:38 djm Exp $
 .\"
-.Dd $Mdocdate: September 20 2021 $
+.Dd $Mdocdate: February 10 2022 $
 .Dt SCP 1
 .Os
 .Sh NAME
diff --git a/scp.c b/scp.c
index 73ce8554d788..519bffa1be1e 100644
--- a/scp.c
+++ b/scp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: scp.c,v 1.239 2021/09/20 06:53:56 djm Exp $ */
+/* $OpenBSD: scp.c,v 1.245 2022/02/10 04:12:38 djm Exp $ */
 /*
  * scp - secure remote copy.  This is basically patched BSD rcp which
  * uses ssh to do the data transfer (instead of using rcmd).
@@ -130,6 +130,7 @@
 #include "misc.h"
 #include "progressmeter.h"
 #include "utf8.h"
+#include "sftp.h"
 
 #include "sftp-common.h"
 #include "sftp-client.h"
@@ -1250,13 +1251,18 @@ tolocal(int argc, char **argv, enum scp_mode_e mode, char *sftp_direct)
 static char *
 prepare_remote_path(struct sftp_conn *conn, const char *path)
 {
+	size_t nslash;
+
 	/* Handle ~ prefixed paths */
-	if (*path != '~')
-		return xstrdup(path);
 	if (*path == '\0' || strcmp(path, "~") == 0)
 		return xstrdup(".");
-	if (strncmp(path, "~/", 2) == 0)
-		return xstrdup(path + 2);
+	if (*path != '~')
+		return xstrdup(path);
+	if (strncmp(path, "~/", 2) == 0) {
+		if ((nslash = strspn(path + 2, "/")) == strlen(path + 2))
+			return xstrdup(".");
+		return xstrdup(path + 2 + nslash);
+	}
 	if (can_expand_path(conn))
 		return do_expand_path(conn, path);
 	/* No protocol extension */
@@ -1269,10 +1275,16 @@ void
 source_sftp(int argc, char *src, char *targ, struct sftp_conn *conn)
 {
 	char *target = NULL, *filename = NULL, *abs_dst = NULL;
-	int target_is_dir;
-
+	int src_is_dir, target_is_dir;
+	Attrib a;
+	struct stat st;
+
+	memset(&a, '\0', sizeof(a));
+	if (stat(src, &st) != 0)
+		fatal("stat local \"%s\": %s", src, strerror(errno));
+	src_is_dir = S_ISDIR(st.st_mode);
 	if ((filename = basename(src)) == NULL)
-		fatal("basename %s: %s", src, strerror(errno));
+		fatal("basename \"%s\": %s", src, strerror(errno));
 
 	/*
 	 * No need to glob here - the local shell already took care of
@@ -1282,8 +1294,12 @@ source_sftp(int argc, char *src, char *targ, struct sftp_conn *conn)
 		cleanup_exit(255);
 	target_is_dir = remote_is_dir(conn, target);
 	if (targetshouldbedirectory && !target_is_dir) {
-		fatal("Target is not a directory, but more files selected "
-		    "for upload");
+		debug("target directory \"%s\" does not exist", target);
+		a.flags = SSH2_FILEXFER_ATTR_PERMISSIONS;
+		a.perm = st.st_mode | 0700; /* ensure writable */
+		if (do_mkdir(conn, target, &a, 1) != 0)
+			cleanup_exit(255); /* error already logged */
+		target_is_dir = 1;
 	}
 	if (target_is_dir)
 		abs_dst = path_append(target, filename);
@@ -1293,15 +1309,14 @@ source_sftp(int argc, char *src, char *targ, struct sftp_conn *conn)
 	}
 	debug3_f("copying local %s to remote %s", src, abs_dst);
 
-	if (local_is_dir(src) && iamrecursive) {
+	if (src_is_dir && iamrecursive) {
 		if (upload_dir(conn, src, abs_dst, pflag,
 		    SFTP_PROGRESS_ONLY, 0, 0, 1) != 0) {
-			error("failed to upload directory %s to %s",
-				src, abs_dst);
+			error("failed to upload directory %s to %s", src, targ);
 			errs = 1;
 		}
 	} else if (do_upload(conn, src, abs_dst, pflag, 0, 0) != 0) {
-		error("failed to upload file %s to %s", src, abs_dst);
+		error("failed to upload file %s to %s", src, targ);
 		errs = 1;
 	}
 
@@ -1327,7 +1342,7 @@ source(int argc, char **argv)
 		len = strlen(name);
 		while (len > 1 && name[len-1] == '/')
 			name[--len] = '\0';
-		if ((fd = open(name, O_RDONLY|O_NONBLOCK, 0)) == -1)
+		if ((fd = open(name, O_RDONLY|O_NONBLOCK)) == -1)
 			goto syserr;
 		if (strchr(name, '\n') != NULL) {
 			strnvis(encname, name, sizeof(encname), VIS_NL);
@@ -1477,14 +1492,15 @@ sink_sftp(int argc, char *dst, const char *src, struct sftp_conn *conn)
 	char *abs_dst = NULL;
 	glob_t g;
 	char *filename, *tmp = NULL;
-	int i, r, err = 0;
+	int i, r, err = 0, dst_is_dir;
+	struct stat st;
 
 	memset(&g, 0, sizeof(g));
+
 	/*
 	 * Here, we need remote glob as SFTP can not depend on remote shell
 	 * expansions
 	 */
-
 	if ((abs_src = prepare_remote_path(conn, src)) == NULL) {
 		err = -1;
 		goto out;
@@ -1493,18 +1509,31 @@ sink_sftp(int argc, char *dst, const char *src, struct sftp_conn *conn)
 	debug3_f("copying remote %s to local %s", abs_src, dst);
 	if ((r = remote_glob(conn, abs_src, GLOB_MARK, NULL, &g)) != 0) {
 		if (r == GLOB_NOSPACE)
-			error("%s: too many glob matches", abs_src);
+			error("%s: too many glob matches", src);
 		else
-			error("%s: %s", abs_src, strerror(ENOENT));
+			error("%s: %s", src, strerror(ENOENT));
 		err = -1;
 		goto out;
 	}
 
-	if (g.gl_matchc > 1 && !local_is_dir(dst)) {
-		error("Multiple files match pattern, but destination "
-		    "\"%s\" is not a directory", dst);
-		err = -1;
-		goto out;
+	if ((r = stat(dst, &st)) != 0)
+		debug2_f("stat local \"%s\": %s", dst, strerror(errno));
+	dst_is_dir = r == 0 && S_ISDIR(st.st_mode);
+
+	if (g.gl_matchc > 1 && !dst_is_dir) {
+		if (r == 0) {
+			error("Multiple files match pattern, but destination "
+			    "\"%s\" is not a directory", dst);
+			err = -1;
+			goto out;
+		}
+		debug2_f("creating destination \"%s\"", dst);
+		if (mkdir(dst, 0777) != 0) {
+			error("local mkdir \"%s\": %s", dst, strerror(errno));
+			err = -1;
+			goto out;
+		}
+		dst_is_dir = 1;
 	}
 
 	for (i = 0; g.gl_pathv[i] && !interrupted; i++) {
@@ -1515,7 +1544,7 @@ sink_sftp(int argc, char *dst, const char *src, struct sftp_conn *conn)
 			goto out;
 		}
 
-		if (local_is_dir(dst))
+		if (dst_is_dir)
 			abs_dst = path_append(dst, filename);
 		else
 			abs_dst = xstrdup(dst);
@@ -1889,7 +1918,7 @@ throughlocal_sftp(struct sftp_conn *from, struct sftp_conn *to,
 
 	targetisdir = remote_is_dir(to, target);
 	if (!targetisdir && targetshouldbedirectory) {
-		error("%s: destination is not a directory", target);
+		error("%s: destination is not a directory", targ);
 		err = -1;
 		goto out;
 	}
@@ -1897,9 +1926,9 @@ throughlocal_sftp(struct sftp_conn *from, struct sftp_conn *to,
 	debug3_f("copying remote %s to remote %s", abs_src, target);
 	if ((r = remote_glob(from, abs_src, GLOB_MARK, NULL, &g)) != 0) {
 		if (r == GLOB_NOSPACE)
-			error("%s: too many glob matches", abs_src);
+			error("%s: too many glob matches", src);
 		else
-			error("%s: %s", abs_src, strerror(ENOENT));
+			error("%s: %s", src, strerror(ENOENT));
 		err = -1;
 		goto out;
 	}
diff --git a/servconf.c b/servconf.c
index b2fbf0b2a3b6..9031696216af 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,5 +1,5 @@
 
-/* $OpenBSD: servconf.c,v 1.382 2021/09/06 00:36:01 millert Exp $ */
+/* $OpenBSD: servconf.c,v 1.383 2022/02/08 08:59:12 dtucker Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -895,7 +895,7 @@ process_permitopen_list(struct ssh *ssh, ServerOpCodes opcode,
 {
 	u_int i;
 	int port;
-	char *host, *arg, *oarg, ch;
+	char *host, *arg, *oarg;
 	int where = opcode == sPermitOpen ? FORWARD_LOCAL : FORWARD_REMOTE;
 	const char *what = lookup_opcode_name(opcode);
 
@@ -913,9 +913,8 @@ process_permitopen_list(struct ssh *ssh, ServerOpCodes opcode,
 	/* Otherwise treat it as a list of permitted host:port */
 	for (i = 0; i < num_opens; i++) {
 		oarg = arg = xstrdup(opens[i]);
-		ch = '\0';
-		host = hpdelim2(&arg, &ch);
-		if (host == NULL || ch == '/')
+		host = hpdelim(&arg);
+		if (host == NULL)
 			fatal_f("missing host in %s", what);
 		host = cleanhostname(host);
 		if (arg == NULL || ((port = permitopen_port(arg)) < 0))
@@ -1261,7 +1260,7 @@ process_server_config_line_depth(ServerOptions *options, char *line,
     struct connection_info *connectinfo, int *inc_flags, int depth,
     struct include_list *includes)
 {
-	char ch, *str, ***chararrayptr, **charptr, *arg, *arg2, *p, *keyword;
+	char *str, ***chararrayptr, **charptr, *arg, *arg2, *p, *keyword;
 	int cmdline = 0, *intptr, value, value2, n, port, oactive, r, found;
 	SyslogFacility *log_facility_ptr;
 	LogLevel *log_level_ptr;
@@ -1380,9 +1379,8 @@ process_server_config_line_depth(ServerOptions *options, char *line,
 			p = arg;
 		} else {
 			arg2 = NULL;
-			ch = '\0';
-			p = hpdelim2(&arg, &ch);
-			if (p == NULL || ch == '/')
+			p = hpdelim(&arg);
+			if (p == NULL)
 				fatal("%s line %d: bad address:port usage",
 				    filename, linenum);
 			p = cleanhostname(p);
@@ -2211,9 +2209,8 @@ process_server_config_line_depth(ServerOptions *options, char *line,
 				xasprintf(&arg2, "*:%s", arg);
 			} else {
 				arg2 = xstrdup(arg);
-				ch = '\0';
-				p = hpdelim2(&arg, &ch);
-				if (p == NULL || ch == '/') {
+				p = hpdelim(&arg);
+				if (p == NULL) {
 					fatal("%s line %d: %s missing host",
 					    filename, linenum, keyword);
 				}
diff --git a/serverloop.c b/serverloop.c
index e8cfb9205a48..0541f028a650 100644
--- a/serverloop.c
+++ b/serverloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: serverloop.c,v 1.228 2021/07/16 09:00:23 djm Exp $ */
+/* $OpenBSD: serverloop.c,v 1.231 2022/01/22 00:49:34 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -50,6 +50,9 @@
 #include <fcntl.h>
 #include <pwd.h>
 #include <limits.h>
+#ifdef HAVE_POLL_H
+#include <poll.h>
+#endif
 #include <signal.h>
 #include <string.h>
 #include <termios.h>
@@ -158,27 +161,31 @@ client_alive_check(struct ssh *ssh)
 }
 
 /*
- * Sleep in pselect() until we can do something.  This will initialize the
- * pselect masks.  Upon return, the masks will indicate which descriptors
- * have data or can accept data.  Optionally, a maximum time can be specified
- * for the duration of the wait (0 = infinite).
+ * Sleep in ppoll() until we can do something.
+ * Optionally, a maximum time can be specified for the duration of
+ * the wait (0 = infinite).
  */
 static void
 wait_until_can_do_something(struct ssh *ssh,
-    int connection_in, int connection_out,
-    fd_set **readsetp, fd_set **writesetp, int *maxfdp,
-    u_int *nallocp, u_int64_t max_time_ms, sigset_t *sigsetp)
+    int connection_in, int connection_out, struct pollfd **pfdp,
+    u_int *npfd_allocp, u_int *npfd_activep, u_int64_t max_time_ms,
+    sigset_t *sigsetp, int *conn_in_readyp, int *conn_out_readyp)
 {
 	struct timespec ts, *tsp;
 	int ret;
 	time_t minwait_secs = 0;
 	int client_alive_scheduled = 0;
+	u_int p;
 	/* time we last heard from the client OR sent a keepalive */
 	static time_t last_client_time;
 
-	/* Allocate and update pselect() masks for channel descriptors. */
-	channel_prepare_select(ssh, readsetp, writesetp, maxfdp,
-	    nallocp, &minwait_secs);
+	*conn_in_readyp = *conn_out_readyp = 0;
+
+	/* Prepare channel poll. First two pollfd entries are reserved */
+	channel_prepare_poll(ssh, pfdp, npfd_allocp, npfd_activep,
+	    2, &minwait_secs);
+	if (*npfd_activep < 2)
+		fatal_f("bad npfd %u", *npfd_activep); /* shouldn't happen */
 
 	/* XXX need proper deadline system for rekey/client alive */
 	if (minwait_secs != 0)
@@ -208,14 +215,11 @@ wait_until_can_do_something(struct ssh *ssh,
 	/* wrong: bad condition XXX */
 	if (channel_not_very_much_buffered_data())
 #endif
-	FD_SET(connection_in, *readsetp);
-
-	/*
-	 * If we have buffered packet data going to the client, mark that
-	 * descriptor.
-	 */
-	if (ssh_packet_have_data_to_write(ssh))
-		FD_SET(connection_out, *writesetp);
+	/* Monitor client connection on reserved pollfd entries */
+	(*pfdp)[0].fd = connection_in;
+	(*pfdp)[0].events = POLLIN;
+	(*pfdp)[1].fd = connection_out;
+	(*pfdp)[1].events = ssh_packet_have_data_to_write(ssh) ? POLLOUT : 0;
 
 	/*
 	 * If child has terminated and there is enough buffer space to read
@@ -234,27 +238,32 @@ wait_until_can_do_something(struct ssh *ssh,
 	}
 
 	/* Wait for something to happen, or the timeout to expire. */
-	ret = pselect((*maxfdp)+1, *readsetp, *writesetp, NULL, tsp, sigsetp);
+	ret = ppoll(*pfdp, *npfd_activep, tsp, sigsetp);
 
 	if (ret == -1) {
-		memset(*readsetp, 0, *nallocp);
-		memset(*writesetp, 0, *nallocp);
+		for (p = 0; p < *npfd_activep; p++)
+			(*pfdp)[p].revents = 0;
 		if (errno != EINTR)
-			error("pselect: %.100s", strerror(errno));
-	} else if (client_alive_scheduled) {
+			fatal_f("ppoll: %.100s", strerror(errno));
+		return;
+	}
+
+	*conn_in_readyp = (*pfdp)[0].revents != 0;
+	*conn_out_readyp = (*pfdp)[1].revents != 0;
+
+	if (client_alive_scheduled) {
 		time_t now = monotime();
 
 		/*
-		 * If the pselect timed out, or returned for some other reason
+		 * If the ppoll timed out, or returned for some other reason
 		 * but we haven't heard from the client in time, send keepalive.
 		 */
 		if (ret == 0 || (last_client_time != 0 && last_client_time +
 		    options.client_alive_interval <= now)) {
 			client_alive_check(ssh);
 			last_client_time = now;
-		} else if (FD_ISSET(connection_in, *readsetp)) {
+		} else if (*conn_in_readyp)
 			last_client_time = now;
-		}
 	}
 }
 
@@ -263,48 +272,40 @@ wait_until_can_do_something(struct ssh *ssh,
  * in buffers and processed later.
  */
 static int
-process_input(struct ssh *ssh, fd_set *readset, int connection_in)
+process_input(struct ssh *ssh, int connection_in)
 {
-	int r, len;
-	char buf[16384];
+	int r;
 
-	/* Read and buffer any input data from the client. */
-	if (FD_ISSET(connection_in, readset)) {
-		len = read(connection_in, buf, sizeof(buf));
-		if (len == 0) {
+	if ((r = ssh_packet_process_read(ssh, connection_in)) == 0)
+		return 0; /* success */
+	if (r == SSH_ERR_SYSTEM_ERROR) {
+		if (errno == EAGAIN || errno == EINTR || errno == EWOULDBLOCK)
+			return 0;
+		if (errno == EPIPE) {
 			verbose("Connection closed by %.100s port %d",
 			    ssh_remote_ipaddr(ssh), ssh_remote_port(ssh));
 			return -1;
-		} else if (len == -1) {
-			if (errno == EINTR || errno == EAGAIN ||
-			    errno == EWOULDBLOCK)
-				return 0;
-			verbose("Read error from remote host %s port %d: %s",
-			    ssh_remote_ipaddr(ssh), ssh_remote_port(ssh),
-			    strerror(errno));
-			cleanup_exit(255);
 		}
-		/* Buffer any received data. */
-		if ((r = ssh_packet_process_incoming(ssh, buf, len)) != 0)
-			fatal_fr(r, "ssh_packet_process_incoming");
+		verbose("Read error from remote host %s port %d: %s",
+		    ssh_remote_ipaddr(ssh), ssh_remote_port(ssh),
+		    strerror(errno));
+		cleanup_exit(255);
 	}
-	return 0;
+	return -1;
 }
 
 /*
  * Sends data from internal buffers to client program stdin.
  */
 static void
-process_output(struct ssh *ssh, fd_set *writeset, int connection_out)
+process_output(struct ssh *ssh, int connection_out)
 {
 	int r;
 
 	/* Send any buffered packet data to the client. */
-	if (FD_ISSET(connection_out, writeset)) {
-		if ((r = ssh_packet_write_poll(ssh)) != 0) {
-			sshpkt_fatal(ssh, r, "%s: ssh_packet_write_poll",
-			    __func__);
-		}
+	if ((r = ssh_packet_write_poll(ssh)) != 0) {
+		sshpkt_fatal(ssh, r, "%s: ssh_packet_write_poll",
+		    __func__);
 	}
 }
 
@@ -333,9 +334,10 @@ collect_children(struct ssh *ssh)
 void
 server_loop2(struct ssh *ssh, Authctxt *authctxt)
 {
-	fd_set *readset = NULL, *writeset = NULL;
-	int r, max_fd;
-	u_int nalloc = 0, connection_in, connection_out;
+	struct pollfd *pfd = NULL;
+	u_int npfd_alloc = 0, npfd_active = 0;
+	int r, conn_in_ready, conn_out_ready;
+	u_int connection_in, connection_out;
 	u_int64_t rekey_timeout_ms = 0;
 	sigset_t bsigset, osigset;
 
@@ -354,8 +356,6 @@ server_loop2(struct ssh *ssh, Authctxt *authctxt)
 		ssh_signal(SIGQUIT, sigterm_handler);
 	}
 
-	max_fd = MAXIMUM(connection_in, connection_out);
-
 	server_init_dispatch(ssh);
 
 	for (;;) {
@@ -374,15 +374,15 @@ server_loop2(struct ssh *ssh, Authctxt *authctxt)
 
 		/*
 		 * Block SIGCHLD while we check for dead children, then pass
-		 * the old signal mask through to pselect() so that it'll wake
+		 * the old signal mask through to ppoll() so that it'll wake
 		 * up immediately if a child exits after we've called waitpid().
 		 */
 		if (sigprocmask(SIG_BLOCK, &bsigset, &osigset) == -1)
 			error_f("bsigset sigprocmask: %s", strerror(errno));
 		collect_children(ssh);
 		wait_until_can_do_something(ssh, connection_in, connection_out,
-		    &readset, &writeset, &max_fd, &nalloc, rekey_timeout_ms,
-		    &osigset);
+		    &pfd, &npfd_alloc, &npfd_active, rekey_timeout_ms, &osigset,
+		    &conn_in_ready, &conn_out_ready);
 		if (sigprocmask(SIG_UNBLOCK, &bsigset, &osigset) == -1)
 			error_f("osigset sigprocmask: %s", strerror(errno));
 
@@ -393,18 +393,18 @@ server_loop2(struct ssh *ssh, Authctxt *authctxt)
 		}
 
 		if (!ssh_packet_is_rekeying(ssh))
-			channel_after_select(ssh, readset, writeset);
-		if (process_input(ssh, readset, connection_in) < 0)
+			channel_after_poll(ssh, pfd, npfd_active);
+		if (conn_in_ready &&
+		    process_input(ssh, connection_in) < 0)
 			break;
 		/* A timeout may have triggered rekeying */
 		if ((r = ssh_packet_check_rekey(ssh)) != 0)
 			fatal_fr(r, "cannot start rekeying");
-		process_output(ssh, writeset, connection_out);
+		if (conn_out_ready)
+			process_output(ssh, connection_out);
 	}
 	collect_children(ssh);
-
-	free(readset);
-	free(writeset);
+	free(pfd);
 
 	/* free all channels, no more reads and writes */
 	channel_free_all(ssh);
@@ -684,16 +684,17 @@ server_input_hostkeys_prove(struct ssh *ssh, struct sshbuf **respp)
 	struct sshbuf *resp = NULL;
 	struct sshbuf *sigbuf = NULL;
 	struct sshkey *key = NULL, *key_pub = NULL, *key_prv = NULL;
-	int r, ndx, kexsigtype, use_kexsigtype, success = 0;
+	int r, ndx, success = 0;
 	const u_char *blob;
+	const char *sigalg, *kex_rsa_sigalg = NULL;
 	u_char *sig = 0;
 	size_t blen, slen;
 
 	if ((resp = sshbuf_new()) == NULL || (sigbuf = sshbuf_new()) == NULL)
 		fatal_f("sshbuf_new");
-
-	kexsigtype = sshkey_type_plain(
-	    sshkey_type_from_name(ssh->kex->hostkey_alg));
+	if (sshkey_type_plain(sshkey_type_from_name(
+	    ssh->kex->hostkey_alg)) == KEY_RSA)
+		kex_rsa_sigalg = ssh->kex->hostkey_alg;
 	while (ssh_packet_remaining(ssh) > 0) {
 		sshkey_free(key);
 		key = NULL;
@@ -726,16 +727,24 @@ server_input_hostkeys_prove(struct ssh *ssh, struct sshbuf **respp)
 		 * For RSA keys, prefer to use the signature type negotiated
 		 * during KEX to the default (SHA1).
 		 */
-		use_kexsigtype = kexsigtype == KEY_RSA &&
-		    sshkey_type_plain(key->type) == KEY_RSA;
+		sigalg = NULL;
+		if (sshkey_type_plain(key->type) == KEY_RSA) {
+			if (kex_rsa_sigalg != NULL)
+				sigalg = kex_rsa_sigalg;
+			else if (ssh->kex->flags & KEX_RSA_SHA2_512_SUPPORTED)
+				sigalg = "rsa-sha2-512";
+			else if (ssh->kex->flags & KEX_RSA_SHA2_256_SUPPORTED)
+				sigalg = "rsa-sha2-256";
+		}
+		debug3_f("sign %s key (index %d) using sigalg %s",
+		    sshkey_type(key), ndx, sigalg == NULL ? "default" : sigalg);
 		if ((r = sshbuf_put_cstring(sigbuf,
 		    "hostkeys-prove-00@openssh.com")) != 0 ||
 		    (r = sshbuf_put_stringb(sigbuf,
 		    ssh->kex->session_id)) != 0 ||
 		    (r = sshkey_puts(key, sigbuf)) != 0 ||
 		    (r = ssh->kex->sign(ssh, key_prv, key_pub, &sig, &slen,
-		    sshbuf_ptr(sigbuf), sshbuf_len(sigbuf),
-		    use_kexsigtype ? ssh->kex->hostkey_alg : NULL)) != 0 ||
+		    sshbuf_ptr(sigbuf), sshbuf_len(sigbuf), sigalg)) != 0 ||
 		    (r = sshbuf_put_string(resp, sig, slen)) != 0) {
 			error_fr(r, "assemble signature");
 			goto out;
diff --git a/session.c b/session.c
index 5f423f9f6c50..e67d24d23c99 100644
--- a/session.c
+++ b/session.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: session.c,v 1.329 2021/08/11 05:20:17 djm Exp $ */
+/* $OpenBSD: session.c,v 1.330 2022/02/08 08:59:12 dtucker Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -36,7 +36,6 @@
 #include "includes.h"
 
 #include <sys/types.h>
-#include <sys/param.h>
 #ifdef HAVE_SYS_STAT_H
 # include <sys/stat.h>
 #endif
@@ -304,7 +303,7 @@ set_fwdpermit_from_authopts(struct ssh *ssh, const struct sshauthopt *opts)
 		for (i = 0; i < auth_opts->npermitopen; i++) {
 			tmp = cp = xstrdup(auth_opts->permitopen[i]);
 			/* This shouldn't fail as it has already been checked */
-			if ((host = hpdelim(&cp)) == NULL)
+			if ((host = hpdelim2(&cp, NULL)) == NULL)
 				fatal_f("internal error: hpdelim");
 			host = cleanhostname(host);
 			if (cp == NULL || (port = permitopen_port(cp)) < 0)
diff --git a/sftp-client.c b/sftp-client.c
index 9de9afa20f68..c75657553790 100644
--- a/sftp-client.c
+++ b/sftp-client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp-client.c,v 1.155 2021/09/03 05:12:25 dtucker Exp $ */
+/* $OpenBSD: sftp-client.c,v 1.161 2022/01/17 21:41:04 djm Exp $ */
 /*
  * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
  *
@@ -341,7 +341,7 @@ get_handle(struct sftp_conn *conn, u_int expected_id, size_t *len,
 	return handle;
 }
 
-/* XXX returing &static is error-prone. Refactor to fill *Attrib argument */
+/* XXX returning &static is error-prone. Refactor to fill *Attrib argument */
 static Attrib *
 get_decode_stat(struct sftp_conn *conn, u_int expected_id, int quiet)
 {
@@ -367,9 +367,9 @@ get_decode_stat(struct sftp_conn *conn, u_int expected_id, int quiet)
 		if ((r = sshbuf_get_u32(msg, &status)) != 0)
 			fatal_fr(r, "parse status");
 		if (quiet)
-			debug("Couldn't stat remote file: %s", fx2txt(status));
+			debug("stat remote: %s", fx2txt(status));
 		else
-			error("Couldn't stat remote file: %s", fx2txt(status));
+			error("stat remote: %s", fx2txt(status));
 		sshbuf_free(msg);
 		return(NULL);
 	} else if (type != SSH2_FXP_ATTRS) {
@@ -381,7 +381,7 @@ get_decode_stat(struct sftp_conn *conn, u_int expected_id, int quiet)
 		sshbuf_free(msg);
 		return NULL;
 	}
-	debug3("Recevied stat reply T:%u I:%u F:0x%04x M:%05o",
+	debug3("Received stat reply T:%u I:%u F:0x%04x M:%05o",
 	    type, id, a.flags, a.perm);
 	sshbuf_free(msg);
 
@@ -415,9 +415,9 @@ get_decode_statvfs(struct sftp_conn *conn, struct sftp_statvfs *st,
 		if ((r = sshbuf_get_u32(msg, &status)) != 0)
 			fatal_fr(r, "parse status");
 		if (quiet)
-			debug("Couldn't statvfs: %s", fx2txt(status));
+			debug("remote statvfs: %s", fx2txt(status));
 		else
-			error("Couldn't statvfs: %s", fx2txt(status));
+			error("remote statvfs: %s", fx2txt(status));
 		sshbuf_free(msg);
 		return -1;
 	} else if (type != SSH2_FXP_EXTENDED_REPLY) {
@@ -668,7 +668,7 @@ do_close(struct sftp_conn *conn, const u_char *handle, u_int handle_len)
 
 	status = get_status(conn, id);
 	if (status != SSH2_FX_OK)
-		error("Couldn't close file: %s", fx2txt(status));
+		error("close remote: %s", fx2txt(status));
 
 	sshbuf_free(msg);
 
@@ -850,7 +850,7 @@ do_rm(struct sftp_conn *conn, const char *path)
 	send_string_request(conn, id, SSH2_FXP_REMOVE, path, strlen(path));
 	status = get_status(conn, id);
 	if (status != SSH2_FX_OK)
-		error("Couldn't delete file: %s", fx2txt(status));
+		error("remote delete %s: %s", path, fx2txt(status));
 	return status == SSH2_FX_OK ? 0 : -1;
 }
 
@@ -859,13 +859,15 @@ do_mkdir(struct sftp_conn *conn, const char *path, Attrib *a, int print_flag)
 {
 	u_int status, id;
 
+	debug2("Sending SSH2_FXP_MKDIR \"%s\"", path);
+
 	id = conn->msg_id++;
 	send_string_attrs_request(conn, id, SSH2_FXP_MKDIR, path,
 	    strlen(path), a);
 
 	status = get_status(conn, id);
 	if (status != SSH2_FX_OK && print_flag)
-		error("Couldn't create directory: %s", fx2txt(status));
+		error("remote mkdir \"%s\": %s", path, fx2txt(status));
 
 	return status == SSH2_FX_OK ? 0 : -1;
 }
@@ -875,13 +877,15 @@ do_rmdir(struct sftp_conn *conn, const char *path)
 {
 	u_int status, id;
 
+	debug2("Sending SSH2_FXP_RMDIR \"%s\"", path);
+
 	id = conn->msg_id++;
 	send_string_request(conn, id, SSH2_FXP_RMDIR, path,
 	    strlen(path));
 
 	status = get_status(conn, id);
 	if (status != SSH2_FX_OK)
-		error("Couldn't remove directory: %s", fx2txt(status));
+		error("remote rmdir \"%s\": %s", path, fx2txt(status));
 
 	return status == SSH2_FX_OK ? 0 : -1;
 }
@@ -891,6 +895,8 @@ do_stat(struct sftp_conn *conn, const char *path, int quiet)
 {
 	u_int id;
 
+	debug2("Sending SSH2_FXP_STAT \"%s\"", path);
+
 	id = conn->msg_id++;
 
 	send_string_request(conn, id,
@@ -927,6 +933,8 @@ do_fstat(struct sftp_conn *conn, const u_char *handle, u_int handle_len,
 {
 	u_int id;
 
+	debug2("Sending SSH2_FXP_FSTAT \"%s\"");
+
 	id = conn->msg_id++;
 	send_string_request(conn, id, SSH2_FXP_FSTAT, handle,
 	    handle_len);
@@ -940,14 +948,15 @@ do_setstat(struct sftp_conn *conn, const char *path, Attrib *a)
 {
 	u_int status, id;
 
+	debug2("Sending SSH2_FXP_SETSTAT \"%s\"", path);
+
 	id = conn->msg_id++;
 	send_string_attrs_request(conn, id, SSH2_FXP_SETSTAT, path,
 	    strlen(path), a);
 
 	status = get_status(conn, id);
 	if (status != SSH2_FX_OK)
-		error("Couldn't setstat on \"%s\": %s", path,
-		    fx2txt(status));
+		error("remote setstat \"%s\": %s", path, fx2txt(status));
 
 	return status == SSH2_FX_OK ? 0 : -1;
 }
@@ -958,13 +967,15 @@ do_fsetstat(struct sftp_conn *conn, const u_char *handle, u_int handle_len,
 {
 	u_int status, id;
 
+	debug2("Sending SSH2_FXP_FSETSTAT");
+
 	id = conn->msg_id++;
 	send_string_attrs_request(conn, id, SSH2_FXP_FSETSTAT, handle,
 	    handle_len, a);
 
 	status = get_status(conn, id);
 	if (status != SSH2_FX_OK)
-		error("Couldn't fsetstat: %s", fx2txt(status));
+		error("remote fsetstat: %s", fx2txt(status));
 
 	return status == SSH2_FX_OK ? 0 : -1;
 }
@@ -988,6 +999,8 @@ do_realpath_expand(struct sftp_conn *conn, const char *path, int expand)
 
 	expected_id = id = conn->msg_id++;
 	if (expand) {
+		debug2("Sending SSH2_FXP_EXTENDED(expand-path@openssh.com) "
+		    "\"%s\"", path);
 		if ((r = sshbuf_put_u8(msg, SSH2_FXP_EXTENDED)) != 0 ||
 		    (r = sshbuf_put_u32(msg, id)) != 0 ||
 		    (r = sshbuf_put_cstring(msg,
@@ -996,6 +1009,7 @@ do_realpath_expand(struct sftp_conn *conn, const char *path, int expand)
 			fatal_fr(r, "compose %s", what);
 		send_msg(conn, msg);
 	} else {
+		debug2("Sending SSH2_FXP_REALPATH \"%s\"", path);
 		send_string_request(conn, id, SSH2_FXP_REALPATH,
 		    path, strlen(path));
 	}
@@ -1009,10 +1023,14 @@ do_realpath_expand(struct sftp_conn *conn, const char *path, int expand)
 
 	if (type == SSH2_FXP_STATUS) {
 		u_int status;
+		char *errmsg;
 
-		if ((r = sshbuf_get_u32(msg, &status)) != 0)
+		if ((r = sshbuf_get_u32(msg, &status)) != 0 ||
+		    (r = sshbuf_get_cstring(msg, &errmsg, NULL)) != 0)
 			fatal_fr(r, "parse status");
-		error("Couldn't canonicalize: %s", fx2txt(status));
+		error("%s %s: %s", expand ? "expand" : "realpath",
+		    path, *errmsg == '\0' ? fx2txt(status) : errmsg);
+		free(errmsg);
 		sshbuf_free(msg);
 		return NULL;
 	} else if (type != SSH2_FXP_NAME)
@@ -1074,12 +1092,16 @@ do_rename(struct sftp_conn *conn, const char *oldpath, const char *newpath,
 	/* Send rename request */
 	id = conn->msg_id++;
 	if (use_ext) {
+		debug2("Sending SSH2_FXP_EXTENDED(posix-rename@openssh.com) "
+		    "\"%s\" to \"%s\"", oldpath, newpath);
 		if ((r = sshbuf_put_u8(msg, SSH2_FXP_EXTENDED)) != 0 ||
 		    (r = sshbuf_put_u32(msg, id)) != 0 ||
 		    (r = sshbuf_put_cstring(msg,
 		    "posix-rename@openssh.com")) != 0)
 			fatal_fr(r, "compose posix-rename");
 	} else {
+		debug2("Sending SSH2_FXP_RENAME \"%s\" to \"%s\"",
+		    oldpath, newpath);
 		if ((r = sshbuf_put_u8(msg, SSH2_FXP_RENAME)) != 0 ||
 		    (r = sshbuf_put_u32(msg, id)) != 0)
 			fatal_fr(r, "compose rename");
@@ -1095,7 +1117,7 @@ do_rename(struct sftp_conn *conn, const char *oldpath, const char *newpath,
 
 	status = get_status(conn, id);
 	if (status != SSH2_FX_OK)
-		error("Couldn't rename file \"%s\" to \"%s\": %s", oldpath,
+		error("remote rename \"%s\" to \"%s\": %s", oldpath,
 		    newpath, fx2txt(status));
 
 	return status == SSH2_FX_OK ? 0 : -1;
@@ -1112,6 +1134,8 @@ do_hardlink(struct sftp_conn *conn, const char *oldpath, const char *newpath)
 		error("Server does not support hardlink@openssh.com extension");
 		return -1;
 	}
+	debug2("Sending SSH2_FXP_EXTENDED(hardlink@openssh.com) "
+	    "\"%s\" to \"%s\"", oldpath, newpath);
 
 	if ((msg = sshbuf_new()) == NULL)
 		fatal_f("sshbuf_new failed");
@@ -1131,7 +1155,7 @@ do_hardlink(struct sftp_conn *conn, const char *oldpath, const char *newpath)
 
 	status = get_status(conn, id);
 	if (status != SSH2_FX_OK)
-		error("Couldn't link file \"%s\" to \"%s\": %s", oldpath,
+		error("remote link \"%s\" to \"%s\": %s", oldpath,
 		    newpath, fx2txt(status));
 
 	return status == SSH2_FX_OK ? 0 : -1;
@@ -1148,6 +1172,7 @@ do_symlink(struct sftp_conn *conn, const char *oldpath, const char *newpath)
 		error("This server does not support the symlink operation");
 		return(SSH2_FX_OP_UNSUPPORTED);
 	}
+	debug2("Sending SSH2_FXP_SYMLINK \"%s\" to \"%s\"", oldpath, newpath);
 
 	if ((msg = sshbuf_new()) == NULL)
 		fatal_f("sshbuf_new failed");
@@ -1166,7 +1191,7 @@ do_symlink(struct sftp_conn *conn, const char *oldpath, const char *newpath)
 
 	status = get_status(conn, id);
 	if (status != SSH2_FX_OK)
-		error("Couldn't symlink file \"%s\" to \"%s\": %s", oldpath,
+		error("remote symlink file \"%s\" to \"%s\": %s", oldpath,
 		    newpath, fx2txt(status));
 
 	return status == SSH2_FX_OK ? 0 : -1;
@@ -1182,6 +1207,7 @@ do_fsync(struct sftp_conn *conn, u_char *handle, u_int handle_len)
 	/* Silently return if the extension is not supported */
 	if ((conn->exts & SFTP_EXT_FSYNC) == 0)
 		return -1;
+	debug2("Sending SSH2_FXP_EXTENDED(fsync@openssh.com)");
 
 	/* Send fsync request */
 	if ((msg = sshbuf_new()) == NULL)
@@ -1198,7 +1224,7 @@ do_fsync(struct sftp_conn *conn, u_char *handle, u_int handle_len)
 
 	status = get_status(conn, id);
 	if (status != SSH2_FX_OK)
-		error("Couldn't sync file: %s", fx2txt(status));
+		error("remote fsync: %s", fx2txt(status));
 
 	return status == SSH2_FX_OK ? 0 : -1;
 }
@@ -1214,6 +1240,8 @@ do_readlink(struct sftp_conn *conn, const char *path)
 	u_char type;
 	int r;
 
+	debug2("Sending SSH2_FXP_READLINK \"%s\"", path);
+
 	expected_id = id = conn->msg_id++;
 	send_string_request(conn, id, SSH2_FXP_READLINK, path, strlen(path));
 
@@ -1273,6 +1301,8 @@ do_statvfs(struct sftp_conn *conn, const char *path, struct sftp_statvfs *st,
 		return -1;
 	}
 
+	debug2("Sending SSH2_FXP_EXTENDED(statvfs@openssh.com) \"%s\"", path);
+
 	id = conn->msg_id++;
 
 	if ((msg = sshbuf_new()) == NULL)
@@ -1301,6 +1331,8 @@ do_fstatvfs(struct sftp_conn *conn, const u_char *handle, u_int handle_len,
 		return -1;
 	}
 
+	debug2("Sending SSH2_FXP_EXTENDED(fstatvfs@openssh.com)");
+
 	id = conn->msg_id++;
 
 	if ((msg = sshbuf_new()) == NULL)
@@ -1329,6 +1361,8 @@ do_lsetstat(struct sftp_conn *conn, const char *path, Attrib *a)
 		return -1;
 	}
 
+	debug2("Sending SSH2_FXP_EXTENDED(lsetstat@openssh.com) \"%s\"", path);
+
 	id = conn->msg_id++;
 	if ((msg = sshbuf_new()) == NULL)
 		fatal_f("sshbuf_new failed");
@@ -1343,8 +1377,7 @@ do_lsetstat(struct sftp_conn *conn, const char *path, Attrib *a)
 
 	status = get_status(conn, id);
 	if (status != SSH2_FX_OK)
-		error("Couldn't setstat on \"%s\": %s", path,
-		    fx2txt(status));
+		error("remote lsetstat \"%s\": %s", path, fx2txt(status));
 
 	return status == SSH2_FX_OK ? 0 : -1;
 }
@@ -1379,6 +1412,8 @@ send_open(struct sftp_conn *conn, const char *path, const char *tag,
 	int r;
 	u_int id;
 
+	debug2("Sending SSH2_FXP_OPEN \"%s\"", path);
+
 	*handlep = NULL;
 	*handle_lenp = 0;
 
@@ -1401,7 +1436,7 @@ send_open(struct sftp_conn *conn, const char *path, const char *tag,
 	debug3("Sent %s message SSH2_FXP_OPEN I:%u P:%s M:0x%04x",
 	    tag, id, path, openmode);
 	if ((handle = get_handle(conn, id, &handle_len,
-	    "%s open(\"%s\")", tag, path)) == NULL)
+	    "%s open \"%s\"", tag, path)) == NULL)
 		return -1;
 	/* success */
 	*handlep = handle;
@@ -1440,6 +1475,9 @@ do_download(struct sftp_conn *conn, const char *remote_path,
 	struct request *req;
 	u_char type;
 
+	debug2_f("download remote \"%s\" to local \"%s\"",
+	    remote_path, local_path);
+
 	TAILQ_INIT(&requests);
 
 	if (a == NULL && (a = do_stat(conn, remote_path, 0)) == NULL)
@@ -1453,7 +1491,7 @@ do_download(struct sftp_conn *conn, const char *remote_path,
 
 	if ((a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) &&
 	    (!S_ISREG(a->perm))) {
-		error("Cannot download non-regular file: %s", remote_path);
+		error("download %s: not a regular file", remote_path);
 		return(-1);
 	}
 
@@ -1472,14 +1510,13 @@ do_download(struct sftp_conn *conn, const char *remote_path,
 	local_fd = open(local_path,
 	    O_WRONLY | O_CREAT | (resume_flag ? 0 : O_TRUNC), mode | S_IWUSR);
 	if (local_fd == -1) {
-		error("Couldn't open local file \"%s\" for writing: %s",
-		    local_path, strerror(errno));
+		error("open local \"%s\": %s", local_path, strerror(errno));
 		goto fail;
 	}
 	offset = highwater = 0;
 	if (resume_flag) {
 		if (fstat(local_fd, &st) == -1) {
-			error("Unable to stat local file \"%s\": %s",
+			error("stat local \"%s\": %s",
 			    local_path, strerror(errno));
 			goto fail;
 		}
@@ -1640,16 +1677,15 @@ do_download(struct sftp_conn *conn, const char *remote_path,
 		}
 		debug("truncating at %llu", (unsigned long long)highwater);
 		if (ftruncate(local_fd, highwater) == -1)
-			error("ftruncate \"%s\": %s", local_path,
+			error("local ftruncate \"%s\": %s", local_path,
 			    strerror(errno));
 	}
 	if (read_error) {
-		error("Couldn't read from remote file \"%s\" : %s",
-		    remote_path, fx2txt(status));
+		error("read remote \"%s\" : %s", remote_path, fx2txt(status));
 		status = -1;
 		do_close(conn, handle, handle_len);
 	} else if (write_error) {
-		error("Couldn't write to \"%s\": %s", local_path,
+		error("write local \"%s\": %s", local_path,
 		    strerror(write_errno));
 		status = SSH2_FX_FAILURE;
 		do_close(conn, handle, handle_len);
@@ -1664,7 +1700,7 @@ do_download(struct sftp_conn *conn, const char *remote_path,
 #else
 		if (preserve_flag && chmod(local_path, mode) == -1)
 #endif /* HAVE_FCHMOD */
-			error("Couldn't set mode on \"%s\": %s", local_path,
+			error("local chmod \"%s\": %s", local_path,
 			    strerror(errno));
 		if (preserve_flag &&
 		    (a->flags & SSH2_FILEXFER_ATTR_ACMODTIME)) {
@@ -1673,7 +1709,7 @@ do_download(struct sftp_conn *conn, const char *remote_path,
 			tv[1].tv_sec = a->mtime;
 			tv[0].tv_usec = tv[1].tv_usec = 0;
 			if (utimes(local_path, tv) == -1)
-				error("Can't set times on \"%s\": %s",
+				error("local set times \"%s\": %s",
 				    local_path, strerror(errno));
 		}
 		if (resume_flag && !lmodified)
@@ -1681,7 +1717,7 @@ do_download(struct sftp_conn *conn, const char *remote_path,
 		else if (fsync_flag) {
 			debug("syncing \"%s\"", local_path);
 			if (fsync(local_fd) == -1)
-				error("Couldn't sync file \"%s\": %s",
+				error("local sync \"%s\": %s",
 				    local_path, strerror(errno));
 		}
 	}
@@ -1707,9 +1743,11 @@ download_dir_internal(struct sftp_conn *conn, const char *src, const char *dst,
 		return -1;
 	}
 
+	debug2_f("download dir remote \"%s\" to local \"%s\"", src, dst);
+
 	if (dirattrib == NULL &&
 	    (dirattrib = do_stat(conn, src, 1)) == NULL) {
-		error("Unable to stat remote directory \"%s\"", src);
+		error("stat remote \"%s\" directory failed", src);
 		return -1;
 	}
 	if (!S_ISDIR(dirattrib->perm)) {
@@ -1723,8 +1761,8 @@ download_dir_internal(struct sftp_conn *conn, const char *src, const char *dst,
 		mode = dirattrib->perm & 01777;
 		tmpmode = mode | (S_IWUSR|S_IXUSR);
 	} else {
-		debug("Server did not send permissions for "
-		    "directory \"%s\"", dst);
+		debug("download remote \"%s\": server "
+		    "did not send permissions", dst);
 	}
 
 	if (mkdir(dst, tmpmode) == -1 && errno != EEXIST) {
@@ -1733,7 +1771,7 @@ download_dir_internal(struct sftp_conn *conn, const char *src, const char *dst,
 	}
 
 	if (do_readdir(conn, src, &dir_entries) == -1) {
-		error("%s: Failed to get directory contents", src);
+		error("remote readdir \"%s\" failed", src);
 		return -1;
 	}
 
@@ -1770,7 +1808,7 @@ download_dir_internal(struct sftp_conn *conn, const char *src, const char *dst,
 				ret = -1;
 			}
 		} else
-			logit("%s: not a regular file\n", new_src);
+			logit("download \"%s\": not a regular file", new_src);
 
 	}
 	free(new_dst);
@@ -1783,7 +1821,7 @@ download_dir_internal(struct sftp_conn *conn, const char *src, const char *dst,
 			tv[1].tv_sec = dirattrib->mtime;
 			tv[0].tv_usec = tv[1].tv_usec = 0;
 			if (utimes(dst, tv) == -1)
-				error("Can't set times on \"%s\": %s",
+				error("local set times on \"%s\": %s",
 				    dst, strerror(errno));
 		} else
 			debug("Server did not send times for directory "
@@ -1791,7 +1829,7 @@ download_dir_internal(struct sftp_conn *conn, const char *src, const char *dst,
 	}
 
 	if (mode != tmpmode && chmod(dst, mode) == -1)
-		error("Can't set final mode on \"%s\": %s", dst,
+		error("local chmod directory \"%s\": %s", dst,
 		    strerror(errno));
 
 	free_sftp_dirents(dir_entries);
@@ -1808,7 +1846,7 @@ download_dir(struct sftp_conn *conn, const char *src, const char *dst,
 	int ret;
 
 	if ((src_canon = do_realpath(conn, src)) == NULL) {
-		error("Unable to canonicalize path \"%s\"", src);
+		error("download \"%s\": path canonicalization failed", src);
 		return -1;
 	}
 
@@ -1838,21 +1876,22 @@ do_upload(struct sftp_conn *conn, const char *local_path,
 	struct requests acks;
 	size_t handle_len;
 
+	debug2_f("upload local \"%s\" to remote \"%s\"",
+	    local_path, remote_path);
+
 	TAILQ_INIT(&acks);
 
-	if ((local_fd = open(local_path, O_RDONLY, 0)) == -1) {
-		error("Couldn't open local file \"%s\" for reading: %s",
-		    local_path, strerror(errno));
+	if ((local_fd = open(local_path, O_RDONLY)) == -1) {
+		error("open local \"%s\": %s", local_path, strerror(errno));
 		return(-1);
 	}
 	if (fstat(local_fd, &sb) == -1) {
-		error("Couldn't fstat local file \"%s\": %s",
-		    local_path, strerror(errno));
+		error("fstat local \"%s\": %s", local_path, strerror(errno));
 		close(local_fd);
 		return(-1);
 	}
 	if (!S_ISREG(sb.st_mode)) {
-		error("%s is not a regular file", local_path);
+		error("local \"%s\" is not a regular file", local_path);
 		close(local_fd);
 		return(-1);
 	}
@@ -1872,8 +1911,8 @@ do_upload(struct sftp_conn *conn, const char *local_path,
 		}
 
 		if ((off_t)c->size >= sb.st_size) {
-			error("destination file bigger or same size as "
-			    "source file");
+			error("resume \"%s\": destination file "
+			    "same size or larger", local_path);
 			close(local_fd);
 			return -1;
 		}
@@ -1921,11 +1960,10 @@ do_upload(struct sftp_conn *conn, const char *local_path,
 		while ((len == -1) &&
 		    (errno == EINTR || errno == EAGAIN || errno == EWOULDBLOCK));
 
-		if (len == -1)
-			fatal("Couldn't read from \"%s\": %s", local_path,
-			    strerror(errno));
-
-		if (len != 0) {
+		if (len == -1) {
+			fatal("read local \"%s\": %s",
+			    local_path, strerror(errno));
+		} else if (len != 0) {
 			ack = request_enqueue(&acks, ++id, len, offset);
 			sshbuf_reset(msg);
 			if ((r = sshbuf_put_u8(msg, SSH2_FXP_WRITE)) != 0 ||
@@ -1983,14 +2021,12 @@ do_upload(struct sftp_conn *conn, const char *local_path,
 	free(data);
 
 	if (status != SSH2_FX_OK) {
-		error("Couldn't write to remote file \"%s\": %s",
-		    remote_path, fx2txt(status));
+		error("write remote \"%s\": %s", remote_path, fx2txt(status));
 		status = SSH2_FX_FAILURE;
 	}
 
 	if (close(local_fd) == -1) {
-		error("Couldn't close local file \"%s\": %s", local_path,
-		    strerror(errno));
+		error("close local \"%s\": %s", local_path, strerror(errno));
 		status = SSH2_FX_FAILURE;
 	}
 
@@ -2022,14 +2058,15 @@ upload_dir_internal(struct sftp_conn *conn, const char *src, const char *dst,
 	Attrib a, *dirattrib;
 	u_int32_t saved_perm;
 
+	debug2_f("upload local dir \"%s\" to remote \"%s\"", src, dst);
+
 	if (depth >= MAX_DIR_DEPTH) {
 		error("Maximum directory depth exceeded: %d levels", depth);
 		return -1;
 	}
 
 	if (stat(src, &sb) == -1) {
-		error("Couldn't stat directory \"%s\": %s",
-		    src, strerror(errno));
+		error("stat local \"%s\": %s", src, strerror(errno));
 		return -1;
 	}
 	if (!S_ISDIR(sb.st_mode)) {
@@ -2065,7 +2102,7 @@ upload_dir_internal(struct sftp_conn *conn, const char *src, const char *dst,
 	a.perm = saved_perm;
 
 	if ((dirp = opendir(src)) == NULL) {
-		error("Failed to open dir \"%s\": %s", src, strerror(errno));
+		error("local opendir \"%s\": %s", src, strerror(errno));
 		return -1;
 	}
 
@@ -2079,7 +2116,7 @@ upload_dir_internal(struct sftp_conn *conn, const char *src, const char *dst,
 		new_src = path_append(src, filename);
 
 		if (lstat(new_src, &sb) == -1) {
-			logit("%s: lstat failed: %s", filename,
+			logit("local lstat \"%s\": %s", filename,
 			    strerror(errno));
 			ret = -1;
 		} else if (S_ISDIR(sb.st_mode)) {
@@ -2095,12 +2132,12 @@ upload_dir_internal(struct sftp_conn *conn, const char *src, const char *dst,
 		    (follow_link_flag && S_ISLNK(sb.st_mode))) {
 			if (do_upload(conn, new_src, new_dst,
 			    preserve_flag, resume, fsync_flag) == -1) {
-				error("Uploading of file %s to %s failed!",
+				error("upload \"%s\" to \"%s\" failed",
 				    new_src, new_dst);
 				ret = -1;
 			}
 		} else
-			logit("%s: not a regular file\n", filename);
+			logit("%s: not a regular file", filename);
 	}
 	free(new_dst);
 	free(new_src);
@@ -2120,7 +2157,7 @@ upload_dir(struct sftp_conn *conn, const char *src, const char *dst,
 	int ret;
 
 	if ((dst_canon = do_realpath(conn, dst)) == NULL) {
-		error("Unable to canonicalize path \"%s\"", dst);
+		error("upload \"%s\": path canonicalization failed", dst);
 		return -1;
 	}
 
@@ -2195,6 +2232,7 @@ handle_dest_replies(struct sftp_conn *to, const char *to_path, int synchronous,
 		(*nreqsp)--;
 	}
 	debug3_f("done: %u outstanding replies", *nreqsp);
+	sshbuf_free(msg);
 }
 
 int
@@ -2214,6 +2252,8 @@ do_crossload(struct sftp_conn *from, struct sftp_conn *to,
 	struct request *req;
 	u_char type;
 
+	debug2_f("crossload src \"%s\" to dst \"%s\"", from_path, to_path);
+
 	TAILQ_INIT(&requests);
 
 	if (a == NULL && (a = do_stat(from, from_path, 0)) == NULL)
@@ -2221,7 +2261,7 @@ do_crossload(struct sftp_conn *from, struct sftp_conn *to,
 
 	if ((a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) &&
 	    (!S_ISREG(a->perm))) {
-		error("Cannot download non-regular file: %s", from_path);
+		error("download \"%s\": not a regular file", from_path);
 		return(-1);
 	}
 	if (a->flags & SSH2_FILEXFER_ATTR_SIZE)
@@ -2402,20 +2442,18 @@ do_crossload(struct sftp_conn *from, struct sftp_conn *to,
 		if (send_open(to, to_path, "dest",
 		    SSH2_FXF_WRITE|SSH2_FXF_CREAT|SSH2_FXF_TRUNC, a,
 		    &to_handle, &to_handle_len) != 0) {
-			error("truncation failed for \"%s\"", to_path);
+			error("dest truncate \"%s\" failed", to_path);
 			to_handle = NULL;
 		}
 	}
 	if (read_error) {
-		error("Couldn't read from origin file \"%s\" : %s",
-		    from_path, fx2txt(status));
+		error("read origin \"%s\": %s", from_path, fx2txt(status));
 		status = -1;
 		do_close(from, from_handle, from_handle_len);
 		if (to_handle != NULL)
 			do_close(to, to_handle, to_handle_len);
 	} else if (write_error) {
-		error("Couldn't write to \"%s\": %s",
-		    to_path, fx2txt(write_error));
+		error("write dest \"%s\": %s", to_path, fx2txt(write_error));
 		status = SSH2_FX_FAILURE;
 		do_close(from, from_handle, from_handle_len);
 		if (to_handle != NULL)
@@ -2452,6 +2490,8 @@ crossload_dir_internal(struct sftp_conn *from, struct sftp_conn *to,
 	mode_t mode = 0777;
 	Attrib curdir;
 
+	debug2_f("crossload dir src \"%s\" to dst \"%s\"", from_path, to_path);
+
 	if (depth >= MAX_DIR_DEPTH) {
 		error("Maximum directory depth exceeded: %d levels", depth);
 		return -1;
@@ -2459,7 +2499,7 @@ crossload_dir_internal(struct sftp_conn *from, struct sftp_conn *to,
 
 	if (dirattrib == NULL &&
 	    (dirattrib = do_stat(from, from_path, 1)) == NULL) {
-		error("Unable to stat remote directory \"%s\"", from_path);
+		error("stat remote \"%s\" failed", from_path);
 		return -1;
 	}
 	if (!S_ISDIR(dirattrib->perm)) {
@@ -2499,7 +2539,7 @@ crossload_dir_internal(struct sftp_conn *from, struct sftp_conn *to,
 	curdir.perm = mode;
 
 	if (do_readdir(from, from_path, &dir_entries) == -1) {
-		error("%s: Failed to get directory contents", from_path);
+		error("origin readdir \"%s\" failed", from_path);
 		return -1;
 	}
 
@@ -2530,13 +2570,14 @@ crossload_dir_internal(struct sftp_conn *from, struct sftp_conn *to,
 			if (do_crossload(from, to, new_from_path, new_to_path,
 			    S_ISLNK(dir_entries[i]->a.perm) ? NULL :
 			    &(dir_entries[i]->a), preserve_flag) == -1) {
-				error("Transfer of file %s to %s failed",
+				error("crossload \"%s\" to \"%s\" failed",
 				    new_from_path, new_to_path);
 				ret = -1;
 			}
-		} else
-			logit("%s: not a regular file\n", new_from_path);
-
+		} else {
+			logit("origin \"%s\": not a regular file",
+			    new_from_path);
+		}
 	}
 	free(new_to_path);
 	free(new_from_path);
@@ -2557,7 +2598,8 @@ crossload_dir(struct sftp_conn *from, struct sftp_conn *to,
 	int ret;
 
 	if ((from_path_canon = do_realpath(from, from_path)) == NULL) {
-		error("Unable to canonicalize path \"%s\"", from_path);
+		error("crossload \"%s\": path canonicalization failed",
+		    from_path);
 		return -1;
 	}
 
diff --git a/sftp-client.h b/sftp-client.h
index 7d0bd12ae5a3..8851b23b89b5 100644
--- a/sftp-client.h
+++ b/sftp-client.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp-client.h,v 1.34 2021/08/09 23:47:44 djm Exp $ */
+/* $OpenBSD: sftp-client.h,v 1.35 2022/01/01 01:55:30 jsg Exp $ */
 
 /*
  * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
@@ -183,7 +183,7 @@ int crossload_dir(struct sftp_conn *from, struct sftp_conn *to,
 char *path_append(const char *, const char *);
 
 /* Make absolute path if relative path and CWD is given. Does not modify
- * original if the the path is already absolute. */
+ * original if the path is already absolute. */
 char *make_absolute(char *, const char *);
 
 /* Check if remote path is directory */
diff --git a/sftp-server.0 b/sftp-server.0
index 341f48df41c2..d362040d8ae7 100644
--- a/sftp-server.0
+++ b/sftp-server.0
@@ -95,4 +95,4 @@ HISTORY
 AUTHORS
      Markus Friedl <markus@openbsd.org>
 
-OpenBSD 6.9                      July 27, 2021                     OpenBSD 6.9
+OpenBSD 7.0                      July 27, 2021                     OpenBSD 7.0
diff --git a/sftp-server.c b/sftp-server.c
index 18d194911257..d4c6a3b4c39a 100644
--- a/sftp-server.c
+++ b/sftp-server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp-server.c,v 1.129 2021/08/09 23:47:44 djm Exp $ */
+/* $OpenBSD: sftp-server.c,v 1.139 2022/02/01 23:32:51 djm Exp $ */
 /*
  * Copyright (c) 2000-2004 Markus Friedl.  All rights reserved.
  *
@@ -33,6 +33,9 @@
 #include <dirent.h>
 #include <errno.h>
 #include <fcntl.h>
+#ifdef HAVE_POLL_H
+#include <poll.h>
+#endif
 #include <pwd.h>
 #include <stdlib.h>
 #include <stdio.h>
@@ -517,7 +520,7 @@ send_msg(struct sshbuf *m)
 static const char *
 status_to_message(u_int32_t status)
 {
-	const char *status_messages[] = {
+	static const char * const status_messages[] = {
 		"Success",			/* SSH_FX_OK */
 		"End of file",			/* SSH_FX_EOF */
 		"No such file",			/* SSH_FX_NO_SUCH_FILE */
@@ -533,7 +536,7 @@ status_to_message(u_int32_t status)
 }
 
 static void
-send_status(u_int32_t id, u_int32_t status)
+send_status_errmsg(u_int32_t id, u_int32_t status, const char *errmsg)
 {
 	struct sshbuf *msg;
 	int r;
@@ -549,14 +552,21 @@ send_status(u_int32_t id, u_int32_t status)
 	    (r = sshbuf_put_u32(msg, status)) != 0)
 		fatal_fr(r, "compose");
 	if (version >= 3) {
-		if ((r = sshbuf_put_cstring(msg,
-		    status_to_message(status))) != 0 ||
+		if ((r = sshbuf_put_cstring(msg, errmsg == NULL ?
+		    status_to_message(status) : errmsg)) != 0 ||
 		    (r = sshbuf_put_cstring(msg, "")) != 0)
 			fatal_fr(r, "compose message");
 	}
 	send_msg(msg);
 	sshbuf_free(msg);
 }
+
+static void
+send_status(u_int32_t id, u_int32_t status)
+{
+	send_status_errmsg(id, status, NULL);
+}
+
 static void
 send_data_or_handle(char type, u_int32_t id, const u_char *data, int dlen)
 {
@@ -664,7 +674,7 @@ send_statvfs(u_int32_t id, struct statvfs *st)
 
 /*
  * Prepare SSH2_FXP_VERSION extension advertisement for a single extension.
- * The extension is checked for permission prior to advertisment.
+ * The extension is checked for permission prior to advertisement.
  */
 static int
 compose_extension(struct sshbuf *msg, const char *name, const char *ver)
@@ -701,7 +711,7 @@ process_init(void)
 	    (r = sshbuf_put_u32(msg, SSH2_FILEXFER_VERSION)) != 0)
 		fatal_fr(r, "compose");
 
-	 /* extension advertisments */
+	 /* extension advertisements */
 	compose_extension(msg, "posix-rename@openssh.com", "1");
 	compose_extension(msg, "statvfs@openssh.com", "2");
 	compose_extension(msg, "fstatvfs@openssh.com", "2");
@@ -1553,10 +1563,12 @@ process_extended_expand(u_int32_t id)
 			npath = xstrdup(path + 2);
 			free(path);
 			xasprintf(&path, "%s/%s", cwd, npath);
+			free(npath);
 		} else {
 			/* ~user expansions */
 			if (tilde_expand(path, pw->pw_uid, &npath) != 0) {
-				send_status(id, errno_to_portable(EINVAL));
+				send_status_errmsg(id,
+				    errno_to_portable(ENOENT), "no such user");
 				goto out;
 			}
 			free(path);
@@ -1707,9 +1719,8 @@ sftp_server_usage(void)
 int
 sftp_server_main(int argc, char **argv, struct passwd *user_pw)
 {
-	fd_set *rset, *wset;
-	int i, r, in, out, max, ch, skipargs = 0, log_stderr = 0;
-	ssize_t len, olen, set_size;
+	int i, r, in, out, ch, skipargs = 0, log_stderr = 0;
+	ssize_t len, olen;
 	SyslogFacility log_facility = SYSLOG_FACILITY_AUTH;
 	char *cp, *homedir = NULL, uidstr[32], buf[4*4096];
 	long mask;
@@ -1826,20 +1837,11 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw)
 	setmode(out, O_BINARY);
 #endif
 
-	max = 0;
-	if (in > max)
-		max = in;
-	if (out > max)
-		max = out;
-
 	if ((iqueue = sshbuf_new()) == NULL)
 		fatal_f("sshbuf_new failed");
 	if ((oqueue = sshbuf_new()) == NULL)
 		fatal_f("sshbuf_new failed");
 
-	rset = xcalloc(howmany(max + 1, NFDBITS), sizeof(fd_mask));
-	wset = xcalloc(howmany(max + 1, NFDBITS), sizeof(fd_mask));
-
 	if (homedir != NULL) {
 		if (chdir(homedir) != 0) {
 			error("chdir to \"%s\" failed: %s", homedir,
@@ -1847,10 +1849,11 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw)
 		}
 	}
 
-	set_size = howmany(max + 1, NFDBITS) * sizeof(fd_mask);
 	for (;;) {
-		memset(rset, 0, set_size);
-		memset(wset, 0, set_size);
+		struct pollfd pfd[2];
+
+		memset(pfd, 0, sizeof pfd);
+		pfd[0].fd = pfd[1].fd = -1;
 
 		/*
 		 * Ensure that we can read a full buffer and handle
@@ -1859,40 +1862,52 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw)
 		 */
 		if ((r = sshbuf_check_reserve(iqueue, sizeof(buf))) == 0 &&
 		    (r = sshbuf_check_reserve(oqueue,
-		    SFTP_MAX_MSG_LENGTH)) == 0)
-			FD_SET(in, rset);
+		    SFTP_MAX_MSG_LENGTH)) == 0) {
+			pfd[0].fd = in;
+			pfd[0].events = POLLIN;
+		}
 		else if (r != SSH_ERR_NO_BUFFER_SPACE)
 			fatal_fr(r, "reserve");
 
 		olen = sshbuf_len(oqueue);
-		if (olen > 0)
-			FD_SET(out, wset);
+		if (olen > 0) {
+			pfd[1].fd = out;
+			pfd[1].events = POLLOUT;
+		}
 
-		if (select(max+1, rset, wset, NULL, NULL) == -1) {
+		if (poll(pfd, 2, -1) == -1) {
 			if (errno == EINTR)
 				continue;
-			error("select: %s", strerror(errno));
+			error("poll: %s", strerror(errno));
 			sftp_server_cleanup_exit(2);
 		}
 
 		/* copy stdin to iqueue */
-		if (FD_ISSET(in, rset)) {
+		if (pfd[0].revents & (POLLIN|POLLHUP)) {
 			len = read(in, buf, sizeof buf);
 			if (len == 0) {
 				debug("read eof");
 				sftp_server_cleanup_exit(0);
 			} else if (len == -1) {
-				error("read: %s", strerror(errno));
-				sftp_server_cleanup_exit(1);
+				if (errno != EAGAIN && errno != EINTR) {
+					error("read: %s", strerror(errno));
+					sftp_server_cleanup_exit(1);
+				}
 			} else if ((r = sshbuf_put(iqueue, buf, len)) != 0)
 				fatal_fr(r, "sshbuf_put");
 		}
 		/* send oqueue to stdout */
-		if (FD_ISSET(out, wset)) {
+		if (pfd[1].revents & (POLLOUT|POLLHUP)) {
 			len = write(out, sshbuf_ptr(oqueue), olen);
-			if (len == -1) {
-				error("write: %s", strerror(errno));
+			if (len == 0 || (len == -1 && errno == EPIPE)) {
+				debug("write eof");
+				sftp_server_cleanup_exit(0);
+			} else if (len == -1) {
 				sftp_server_cleanup_exit(1);
+				if (errno != EAGAIN && errno != EINTR) {
+					error("write: %s", strerror(errno));
+					sftp_server_cleanup_exit(1);
+				}
 			} else if ((r = sshbuf_consume(oqueue, len)) != 0)
 				fatal_fr(r, "consume");
 		}
diff --git a/sftp.0 b/sftp.0
index 3a340f68d961..0b21e19f455e 100644
--- a/sftp.0
+++ b/sftp.0
@@ -408,4 +408,4 @@ SEE ALSO
      T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh-
      filexfer-00.txt, January 2001, work in progress material.
 
-OpenBSD 6.9                      July 2, 2021                      OpenBSD 6.9
+OpenBSD 7.0                      July 2, 2021                      OpenBSD 7.0
diff --git a/sftp.c b/sftp.c
index 418f312f7bc6..8cb5917a91f1 100644
--- a/sftp.c
+++ b/sftp.c
@@ -22,7 +22,6 @@
 #ifdef HAVE_SYS_STAT_H
 # include <sys/stat.h>
 #endif
-#include <sys/param.h>
 #include <sys/socket.h>
 #include <sys/wait.h>
 #ifdef HAVE_SYS_STATVFS_H
diff --git a/sk-api.h b/sk-api.h
index 74921d4c3b99..34e110b4e320 100644
--- a/sk-api.h
+++ b/sk-api.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sk-api.h,v 1.12 2021/02/18 02:15:07 djm Exp $ */
+/* $OpenBSD: sk-api.h,v 1.14 2021/11/02 22:56:40 djm Exp $ */
 /*
  * Copyright (c) 2019 Google LLC
  *
@@ -39,6 +39,7 @@
 #define SSH_SK_ERR_DEVICE_NOT_FOUND	-4
 
 struct sk_enroll_response {
+	uint8_t flags;
 	uint8_t *public_key;
 	size_t public_key_len;
 	uint8_t *key_handle;
@@ -66,6 +67,8 @@ struct sk_resident_key {
 	char *application;
 	struct sk_enroll_response key;
 	uint8_t flags;
+	uint8_t *user_id;
+	size_t user_id_len;
 };
 
 struct sk_option {
@@ -74,7 +77,7 @@ struct sk_option {
 	uint8_t required;
 };
 
-#define SSH_SK_VERSION_MAJOR		0x00070000 /* current API version */
+#define SSH_SK_VERSION_MAJOR		0x00090000 /* current API version */
 #define SSH_SK_VERSION_MAJOR_MASK	0xffff0000
 
 /* Return the version of the middleware API */
diff --git a/sk-usbhid.c b/sk-usbhid.c
index 438980889cb2..2d36ac337ffa 100644
--- a/sk-usbhid.c
+++ b/sk-usbhid.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sk-usbhid.c,v 1.30 2021/05/31 06:48:42 djm Exp $ */
+/* $OpenBSD: sk-usbhid.c,v 1.38 2022/02/07 01:25:12 djm Exp $ */
 /*
  * Copyright (c) 2019 Markus Friedl
  * Copyright (c) 2020 Pedro Martelletto
@@ -31,6 +31,15 @@
 #include <sha2.h>
 #endif
 
+/*
+ * Almost every use of OpenSSL in this file is for ECDSA-NISTP256.
+ * This is strictly a larger hammer than necessary, but it reduces changes
+ * with upstream.
+ */
+#ifndef OPENSSL_HAS_ECC
+# undef WITH_OPENSSL
+#endif
+
 #ifdef WITH_OPENSSL
 #include <openssl/opensslv.h>
 #include <openssl/crypto.h>
@@ -103,6 +112,9 @@
 		(*ps) = sig->s; \
 	} while (0)
 #endif
+#ifndef FIDO_ERR_OPERATION_DENIED
+#define FIDO_ERR_OPERATION_DENIED 0x27
+#endif
 
 struct sk_usbhid {
 	fido_dev_t *dev;
@@ -300,12 +312,16 @@ sk_touch_poll(struct sk_usbhid **skv, size_t nsk, int *touch, size_t *idx)
 	return 0;
 }
 
+#if !defined(HAVE_FIDO_ASSERT_SET_CLIENTDATA) || \
+    !defined(HAVE_FIDO_CRED_SET_CLIENTDATA)
 /* Calculate SHA256(m) */
 static int
 sha256_mem(const void *m, size_t mlen, u_char *d, size_t dlen)
 {
 #ifdef WITH_OPENSSL
 	u_int mdlen;
+#else
+	SHA2_CTX ctx;
 #endif
 
 	if (dlen != 32)
@@ -315,10 +331,55 @@ sha256_mem(const void *m, size_t mlen, u_char *d, size_t dlen)
 	if (!EVP_Digest(m, mlen, d, &mdlen, EVP_sha256(), NULL))
 		return -1;
 #else
-	SHA256Data(m, mlen, d);
+	SHA256Init(&ctx);
+	SHA256Update(&ctx, (const uint8_t *)m, mlen);
+	SHA256Final(d, &ctx);
 #endif
 	return 0;
 }
+#endif /* !HAVE_FIDO_ASSERT_SET_CLIENTDATA || !HAVE_FIDO_CRED_SET_CLIENTDATA */
+
+#ifndef HAVE_FIDO_CRED_SET_CLIENTDATA
+static int
+fido_cred_set_clientdata(fido_cred_t *cred, const u_char *ptr, size_t len)
+{
+	uint8_t d[32];
+	int r;
+
+	if (sha256_mem(ptr, len, d, sizeof(d)) != 0) {
+		skdebug(__func__, "hash challenge failed");
+		return FIDO_ERR_INTERNAL;
+	}
+	r = fido_cred_set_clientdata_hash(cred, d, sizeof(d));
+	explicit_bzero(d, sizeof(d));
+	if (r != FIDO_OK) {
+		skdebug(__func__, "fido_cred_set_clientdata_hash failed: %s",
+		    fido_strerr(r));
+	}
+	return r;
+}
+#endif /* HAVE_FIDO_CRED_SET_CLIENTDATA */
+
+#ifndef HAVE_FIDO_ASSERT_SET_CLIENTDATA
+static int
+fido_assert_set_clientdata(fido_assert_t *assert, const u_char *ptr, size_t len)
+{
+	uint8_t d[32];
+	int r;
+
+	if (sha256_mem(ptr, len, d, sizeof(d)) != 0) {
+		skdebug(__func__, "hash challenge failed");
+		return FIDO_ERR_INTERNAL;
+	}
+	r = fido_assert_set_clientdata_hash(assert, d, sizeof(d));
+	explicit_bzero(d, sizeof(d));
+	if (r != FIDO_OK) {
+		skdebug(__func__, "fido_assert_set_clientdata_hash failed: %s",
+		    fido_strerr(r));
+	}
+	return r;
+}
+#endif /* HAVE_FIDO_ASSERT_SET_CLIENTDATA */
 
 /* Check if the specified key handle exists on a given sk. */
 static int
@@ -326,20 +387,16 @@ sk_try(const struct sk_usbhid *sk, const char *application,
     const uint8_t *key_handle, size_t key_handle_len)
 {
 	fido_assert_t *assert = NULL;
-	/* generate an invalid signature on FIDO2 tokens */
-	const char *data = "";
-	uint8_t message[32];
 	int r = FIDO_ERR_INTERNAL;
+	uint8_t message[32];
 
-	if (sha256_mem(data, strlen(data), message, sizeof(message)) != 0) {
-		skdebug(__func__, "hash message failed");
-		goto out;
-	}
+	memset(message, '\0', sizeof(message));
 	if ((assert = fido_assert_new()) == NULL) {
 		skdebug(__func__, "fido_assert_new failed");
 		goto out;
 	}
-	if ((r = fido_assert_set_clientdata_hash(assert, message,
+	/* generate an invalid signature on FIDO2 tokens */
+	if ((r = fido_assert_set_clientdata(assert, message,
 	    sizeof(message))) != FIDO_OK) {
 		skdebug(__func__, "fido_assert_set_clientdata_hash: %s",
 		    fido_strerr(r));
@@ -370,18 +427,62 @@ sk_try(const struct sk_usbhid *sk, const char *application,
 	return r != FIDO_OK ? -1 : 0;
 }
 
+static int
+check_sk_options(fido_dev_t *dev, const char *opt, int *ret)
+{
+	fido_cbor_info_t *info;
+	char * const *name;
+	const bool *value;
+	size_t len, i;
+	int r;
+
+	*ret = -1;
+
+	if (!fido_dev_is_fido2(dev)) {
+		skdebug(__func__, "device is not fido2");
+		return 0;
+	}
+	if ((info = fido_cbor_info_new()) == NULL) {
+		skdebug(__func__, "fido_cbor_info_new failed");
+		return -1;
+	}
+	if ((r = fido_dev_get_cbor_info(dev, info)) != FIDO_OK) {
+		skdebug(__func__, "fido_dev_get_cbor_info: %s", fido_strerr(r));
+		fido_cbor_info_free(&info);
+		return -1;
+	}
+	name = fido_cbor_info_options_name_ptr(info);
+	value = fido_cbor_info_options_value_ptr(info);
+	len = fido_cbor_info_options_len(info);
+	for (i = 0; i < len; i++) {
+		if (!strcmp(name[i], opt)) {
+			*ret = value[i];
+			break;
+		}
+	}
+	fido_cbor_info_free(&info);
+	if (*ret == -1)
+		skdebug(__func__, "option %s is unknown", opt);
+	else
+		skdebug(__func__, "option %s is %s", opt, *ret ? "on" : "off");
+
+	return 0;
+}
+
 static struct sk_usbhid *
 sk_select_by_cred(const fido_dev_info_t *devlist, size_t ndevs,
     const char *application, const uint8_t *key_handle, size_t key_handle_len)
 {
 	struct sk_usbhid **skv, *sk;
 	size_t skvcnt, i;
+	int internal_uv;
 
 	if ((skv = sk_openv(devlist, ndevs, &skvcnt)) == NULL) {
 		skdebug(__func__, "sk_openv failed");
 		return NULL;
 	}
-	if (skvcnt == 1) {
+	if (skvcnt == 1 && check_sk_options(skv[0]->dev, "uv",
+	    &internal_uv) == 0 && internal_uv != -1) {
 		sk = skv[0];
 		skv[0] = NULL;
 		goto out;
@@ -621,6 +722,7 @@ fidoerr_to_skerr(int fidoerr)
 		return SSH_SK_ERR_UNSUPPORTED;
 	case FIDO_ERR_PIN_REQUIRED:
 	case FIDO_ERR_PIN_INVALID:
+	case FIDO_ERR_OPERATION_DENIED:
 		return SSH_SK_ERR_PIN_REQUIRED;
 	default:
 		return -1;
@@ -669,11 +771,12 @@ sk_enroll(uint32_t alg, const uint8_t *challenge, size_t challenge_len,
 {
 	fido_cred_t *cred = NULL;
 	const uint8_t *ptr;
-	uint8_t user_id[32], chall_hash[32];
+	uint8_t user_id[32];
 	struct sk_usbhid *sk = NULL;
 	struct sk_enroll_response *response = NULL;
 	size_t len;
 	int credprot;
+	int internal_uv;
 	int cose_alg;
 	int ret = SSH_SK_ERR_GENERAL;
 	int r;
@@ -709,6 +812,7 @@ sk_enroll(uint32_t alg, const uint8_t *challenge, size_t challenge_len,
 	else
 		sk = sk_probe(NULL, NULL, 0);
 	if (sk == NULL) {
+		ret = SSH_SK_ERR_DEVICE_NOT_FOUND;
 		skdebug(__func__, "failed to find sk");
 		goto out;
 	}
@@ -721,14 +825,9 @@ sk_enroll(uint32_t alg, const uint8_t *challenge, size_t challenge_len,
 		skdebug(__func__, "fido_cred_set_type: %s", fido_strerr(r));
 		goto out;
 	}
-	if (sha256_mem(challenge, challenge_len,
-	    chall_hash, sizeof(chall_hash)) != 0) {
-		skdebug(__func__, "hash challenge failed");
-		goto out;
-	}
-	if ((r = fido_cred_set_clientdata_hash(cred, chall_hash,
-	    sizeof(chall_hash))) != FIDO_OK) {
-		skdebug(__func__, "fido_cred_set_clientdata_hash: %s",
+	if ((r = fido_cred_set_clientdata(cred,
+	    challenge, challenge_len)) != FIDO_OK) {
+		skdebug(__func__, "fido_cred_set_clientdata: %s",
 		    fido_strerr(r));
 		goto out;
 	}
@@ -796,6 +895,14 @@ sk_enroll(uint32_t alg, const uint8_t *challenge, size_t challenge_len,
 		skdebug(__func__, "calloc response failed");
 		goto out;
 	}
+	response->flags = flags;
+	if ((flags & SSH_SK_USER_VERIFICATION_REQD)) {
+		if (check_sk_options(sk->dev, "uv", &internal_uv) == 0 &&
+		    internal_uv != -1) {
+			/* user verification handled by token */
+			response->flags &= ~SSH_SK_USER_VERIFICATION_REQD;
+		}
+	}
 	if (pack_public_key(alg, cred, response) != 0) {
 		skdebug(__func__, "pack_public_key failed");
 		goto out;
@@ -977,8 +1084,7 @@ sk_sign(uint32_t alg, const uint8_t *data, size_t datalen,
 	char *device = NULL;
 	struct sk_usbhid *sk = NULL;
 	struct sk_sign_response *response = NULL;
-	uint8_t message[32];
-	int ret = SSH_SK_ERR_GENERAL;
+	int ret = SSH_SK_ERR_GENERAL, internal_uv;
 	int r;
 
 	fido_init(SSH_FIDO_INIT_ARG);
@@ -990,11 +1096,6 @@ sk_sign(uint32_t alg, const uint8_t *data, size_t datalen,
 	*sign_response = NULL;
 	if (check_sign_load_resident_options(options, &device) != 0)
 		goto out; /* error already logged */
-	/* hash data to be signed before it goes to the security key */
-	if ((r = sha256_mem(data, datalen, message, sizeof(message))) != 0) {
-		skdebug(__func__, "hash message failed");
-		goto out;
-	}
 	if (device != NULL)
 		sk = sk_open(device);
 	else if (pin != NULL || (flags & SSH_SK_USER_VERIFICATION_REQD))
@@ -1002,6 +1103,7 @@ sk_sign(uint32_t alg, const uint8_t *data, size_t datalen,
 	else
 		sk = sk_probe(application, key_handle, key_handle_len);
 	if (sk == NULL) {
+		ret = SSH_SK_ERR_DEVICE_NOT_FOUND;
 		skdebug(__func__, "failed to find sk");
 		goto out;
 	}
@@ -1009,9 +1111,9 @@ sk_sign(uint32_t alg, const uint8_t *data, size_t datalen,
 		skdebug(__func__, "fido_assert_new failed");
 		goto out;
 	}
-	if ((r = fido_assert_set_clientdata_hash(assert, message,
-	    sizeof(message))) != FIDO_OK) {
-		skdebug(__func__, "fido_assert_set_clientdata_hash: %s",
+	if ((r = fido_assert_set_clientdata(assert,
+	    data, datalen)) != FIDO_OK)  {
+		skdebug(__func__, "fido_assert_set_clientdata: %s",
 		    fido_strerr(r));
 		goto out;
 	}
@@ -1030,11 +1132,20 @@ sk_sign(uint32_t alg, const uint8_t *data, size_t datalen,
 		skdebug(__func__, "fido_assert_set_up: %s", fido_strerr(r));
 		goto out;
 	}
-	if (pin == NULL && (flags & SSH_SK_USER_VERIFICATION_REQD) &&
-	    (r = fido_assert_set_uv(assert, FIDO_OPT_TRUE)) != FIDO_OK) {
-		skdebug(__func__, "fido_assert_set_uv: %s", fido_strerr(r));
-		ret = FIDO_ERR_PIN_REQUIRED;
-		goto out;
+	if (pin == NULL && (flags & SSH_SK_USER_VERIFICATION_REQD)) {
+		if (check_sk_options(sk->dev, "uv", &internal_uv) < 0 ||
+		    internal_uv != 1) {
+			skdebug(__func__, "check_sk_options uv");
+			ret = SSH_SK_ERR_PIN_REQUIRED;
+			goto out;
+		}
+		if ((r = fido_assert_set_uv(assert,
+		    FIDO_OPT_TRUE)) != FIDO_OK) {
+			skdebug(__func__, "fido_assert_set_uv: %s",
+			    fido_strerr(r));
+			ret = fidoerr_to_skerr(r);
+			goto out;
+		}
 	}
 	if ((r = fido_dev_get_assert(sk->dev, assert, pin)) != FIDO_OK) {
 		skdebug(__func__, "fido_dev_get_assert: %s", fido_strerr(r));
@@ -1055,7 +1166,6 @@ sk_sign(uint32_t alg, const uint8_t *data, size_t datalen,
 	response = NULL;
 	ret = 0;
  out:
-	explicit_bzero(message, sizeof(message));
 	free(device);
 	if (response != NULL) {
 		free(response->sig_r);
@@ -1071,13 +1181,15 @@ static int
 read_rks(struct sk_usbhid *sk, const char *pin,
     struct sk_resident_key ***rksp, size_t *nrksp)
 {
-	int ret = SSH_SK_ERR_GENERAL, r = -1;
+	int ret = SSH_SK_ERR_GENERAL, r = -1, internal_uv;
 	fido_credman_metadata_t *metadata = NULL;
 	fido_credman_rp_t *rp = NULL;
 	fido_credman_rk_t *rk = NULL;
-	size_t i, j, nrp, nrk;
+	size_t i, j, nrp, nrk, user_id_len;
 	const fido_cred_t *cred;
+	const char *rp_id, *rp_name, *user_name;
 	struct sk_resident_key *srk = NULL, **tmp;
+	const u_char *user_id;
 
 	if (pin == NULL) {
 		skdebug(__func__, "no PIN specified");
@@ -1088,6 +1200,10 @@ read_rks(struct sk_usbhid *sk, const char *pin,
 		skdebug(__func__, "alloc failed");
 		goto out;
 	}
+	if (check_sk_options(sk->dev, "uv", &internal_uv) != 0) {
+		skdebug(__func__, "check_sk_options failed");
+		goto out;
+	}
 
 	if ((r = fido_credman_get_dev_metadata(sk->dev, metadata, pin)) != 0) {
 		if (r == FIDO_ERR_INVALID_COMMAND) {
@@ -1119,12 +1235,16 @@ read_rks(struct sk_usbhid *sk, const char *pin,
 
 	/* Iterate over RP IDs that have resident keys */
 	for (i = 0; i < nrp; i++) {
+		rp_id = fido_credman_rp_id(rp, i);
+		rp_name = fido_credman_rp_name(rp, i);
 		skdebug(__func__, "rp %zu: name=\"%s\" id=\"%s\" hashlen=%zu",
-		    i, fido_credman_rp_name(rp, i), fido_credman_rp_id(rp, i),
+		    i, rp_name == NULL ? "(none)" : rp_name,
+		    rp_id == NULL ? "(none)" : rp_id,
 		    fido_credman_rp_id_hash_len(rp, i));
 
 		/* Skip non-SSH RP IDs */
-		if (strncasecmp(fido_credman_rp_id(rp, i), "ssh:", 4) != 0)
+		if (rp_id == NULL ||
+		    strncasecmp(fido_credman_rp_id(rp, i), "ssh:", 4) != 0)
 			continue;
 
 		fido_credman_rk_free(&rk);
@@ -1148,17 +1268,23 @@ read_rks(struct sk_usbhid *sk, const char *pin,
 				skdebug(__func__, "no RK in slot %zu", j);
 				continue;
 			}
-			skdebug(__func__, "Device %s RP \"%s\" slot %zu: "
-			    "type %d flags 0x%02x prot 0x%02x", sk->path,
-			    fido_credman_rp_id(rp, i), j, fido_cred_type(cred),
+			if ((user_name = fido_cred_user_name(cred)) == NULL)
+				user_name = "";
+			user_id = fido_cred_user_id_ptr(cred);
+			user_id_len = fido_cred_user_id_len(cred);
+			skdebug(__func__, "Device %s RP \"%s\" user \"%s\" "
+			    "uidlen %zu slot %zu: type %d flags 0x%02x "
+			    "prot 0x%02x", sk->path, rp_id, user_name,
+			    user_id_len, j, fido_cred_type(cred),
 			    fido_cred_flags(cred), fido_cred_prot(cred));
 
 			/* build response entry */
 			if ((srk = calloc(1, sizeof(*srk))) == NULL ||
 			    (srk->key.key_handle = calloc(1,
 			    fido_cred_id_len(cred))) == NULL ||
-			    (srk->application = strdup(fido_credman_rp_id(rp,
-			    i))) == NULL) {
+			    (srk->application = strdup(rp_id)) == NULL ||
+			    (user_id_len > 0 &&
+			     (srk->user_id = calloc(1, user_id_len)) == NULL)) {
 				skdebug(__func__, "alloc sk_resident_key");
 				goto out;
 			}
@@ -1166,6 +1292,9 @@ read_rks(struct sk_usbhid *sk, const char *pin,
 			srk->key.key_handle_len = fido_cred_id_len(cred);
 			memcpy(srk->key.key_handle, fido_cred_id_ptr(cred),
 			    srk->key.key_handle_len);
+			srk->user_id_len = user_id_len;
+			if (srk->user_id_len != 0)
+				memcpy(srk->user_id, user_id, srk->user_id_len);
 
 			switch (fido_cred_type(cred)) {
 			case COSE_ES256:
@@ -1180,7 +1309,8 @@ read_rks(struct sk_usbhid *sk, const char *pin,
 				goto out; /* XXX free rk and continue */
 			}
 
-			if (fido_cred_prot(cred) == FIDO_CRED_PROT_UV_REQUIRED)
+			if (fido_cred_prot(cred) == FIDO_CRED_PROT_UV_REQUIRED
+			    && internal_uv == -1)
 				srk->flags |=  SSH_SK_USER_VERIFICATION_REQD;
 
 			if ((r = pack_public_key(srk->alg, cred,
@@ -1206,6 +1336,7 @@ read_rks(struct sk_usbhid *sk, const char *pin,
 		free(srk->application);
 		freezero(srk->key.public_key, srk->key.public_key_len);
 		freezero(srk->key.key_handle, srk->key.key_handle_len);
+		freezero(srk->user_id, srk->user_id_len);
 		freezero(srk, sizeof(*srk));
 	}
 	fido_credman_rp_free(&rp);
@@ -1236,6 +1367,7 @@ sk_load_resident_keys(const char *pin, struct sk_option **options,
 	else
 		sk = sk_probe(NULL, NULL, 0);
 	if (sk == NULL) {
+		ret = SSH_SK_ERR_DEVICE_NOT_FOUND;
 		skdebug(__func__, "failed to find sk");
 		goto out;
 	}
@@ -1258,6 +1390,7 @@ sk_load_resident_keys(const char *pin, struct sk_option **options,
 		free(rks[i]->application);
 		freezero(rks[i]->key.public_key, rks[i]->key.public_key_len);
 		freezero(rks[i]->key.key_handle, rks[i]->key.key_handle_len);
+		freezero(rks[i]->user_id, rks[i]->user_id_len);
 		freezero(rks[i], sizeof(*rks[i]));
 	}
 	free(rks);
diff --git a/ssh-add.0 b/ssh-add.0
index d955d3237127..fc2836b93d0c 100644
--- a/ssh-add.0
+++ b/ssh-add.0
@@ -4,8 +4,8 @@ NAME
      ssh-add M-bM-^@M-^S adds private key identities to the OpenSSH authentication agent
 
 SYNOPSIS
-     ssh-add [-cDdKkLlqvXx] [-E fingerprint_hash] [-S provider] [-t life]
-             [file ...]
+     ssh-add [-cDdKkLlqvXx] [-E fingerprint_hash] [-H hostkey_file]
+             [-h destination_constraint] [-S provider] [-t life] [file ...]
      ssh-add -s pkcs11
      ssh-add -e pkcs11
      ssh-add -T pubkey ...
@@ -13,11 +13,11 @@ SYNOPSIS
 DESCRIPTION
      ssh-add adds private key identities to the authentication agent,
      ssh-agent(1).  When run without arguments, it adds the files
-     ~/.ssh/id_rsa, ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ecdsa_sk,
-     ~/.ssh/id_ed25519, and ~/.ssh/id_ed25519_sk.  After loading a private
-     key, ssh-add will try to load corresponding certificate information from
-     the filename obtained by appending -cert.pub to the name of the private
-     key file.  Alternative file names can be given on the command line.
+     ~/.ssh/id_rsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ecdsa_sk, ~/.ssh/id_ed25519,
+     ~/.ssh/id_ed25519_sk, and ~/.ssh/id_dsa.  After loading a private key,
+     ssh-add will try to load corresponding certificate information from the
+     filename obtained by appending -cert.pub to the name of the private key
+     file.  Alternative file names can be given on the command line.
 
      If any file requires a passphrase, ssh-add asks for the passphrase from
      the user.  The passphrase is read from the user's tty.  ssh-add retries
@@ -55,6 +55,57 @@ DESCRIPTION
      -e pkcs11
              Remove keys provided by the PKCS#11 shared library pkcs11.
 
+     -H hostkey_file
+             Specifies a known hosts file to look up hostkeys when using
+             destination-constrained keys via the -h flag.  This option may be
+             specified multiple times to allow multiple files to be searched.
+             If no files are specified, ssh-add will use the default
+             ssh_config(5) known hosts files: ~/.ssh/known_hosts,
+             ~/.ssh/known_hosts2, /etc/ssh/ssh_known_hosts, and
+             /etc/ssh/ssh_known_hosts2.
+
+     -h destination_constraint
+             When adding keys, constrain them to be usable only through
+             specific hosts or to specific destinations.
+
+             Destination constraints of the form M-bM-^@M-^X[user@]dest-hostnameM-bM-^@M-^Y permit
+             use of the key only from the origin host (the one running
+             ssh-agent(1)) to the listed destination host, with optional user
+             name.
+
+             Constraints of the form M-bM-^@M-^Xsrc-hostname>[user@]dst-hostnameM-bM-^@M-^Y allow
+             a key available on a forwarded ssh-agent(1) to be used through a
+             particular host (as specified by M-bM-^@M-^Xsrc-hostnameM-bM-^@M-^Y) to authenticate
+             to a further host, specified by M-bM-^@M-^Xdst-hostnameM-bM-^@M-^Y.
+
+             Multiple destination constraints may be added when loading keys.
+             When attempting authentication with a key that has destination
+             constraints, the whole connection path, including ssh-agent(1)
+             forwarding, is tested against those constraints and each hop must
+             be permitted for the attempt to succeed.  For example, if key is
+             forwarded to a remote host, M-bM-^@M-^Xhost-bM-bM-^@M-^Y, and is attempting
+             authentication to another host, M-bM-^@M-^Xhost-cM-bM-^@M-^Y, then the operation will
+             be successful only if M-bM-^@M-^Xhost-bM-bM-^@M-^Y was permitted from the origin host
+             and the subsequent M-bM-^@M-^Xhost-b>host-cM-bM-^@M-^Y hop is also permitted by
+             destination constraints.
+
+             Hosts are identified by their host keys, and are looked up from
+             known hosts files by ssh-add.  Wildcards patterns may be used for
+             hostnames and certificate host keys are supported.  By default,
+             keys added by ssh-add are not destination constrained.
+
+             Destination constraints were added in OpenSSH release 8.9.
+             Support in both the remote SSH client and server is required when
+             using destination-constrained keys over a forwarded ssh-agent(1)
+             channel.
+
+             It is also important to note that destination constraints can
+             only be enforced by ssh-agent(1) when a key is used, or when it
+             is forwarded by a cooperating ssh(1).  Specifically, it does not
+             prevent an attacker with access to a remote SSH_AUTH_SOCK from
+             forwarding it again and using it on a different host (but only to
+             a permitted destination).
+
      -K      Load resident keys from a FIDO authenticator.
 
      -k      When loading keys into or deleting keys from the agent, process
@@ -149,4 +200,4 @@ AUTHORS
      created OpenSSH.  Markus Friedl contributed the support for SSH protocol
      versions 1.5 and 2.0.
 
-OpenBSD 6.9                      July 14, 2020                     OpenBSD 6.9
+OpenBSD 7.0                    February 4, 2022                    OpenBSD 7.0
diff --git a/ssh-add.1 b/ssh-add.1
index 2786df514178..4601f5981cd3 100644
--- a/ssh-add.1
+++ b/ssh-add.1
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: ssh-add.1,v 1.81 2020/07/14 23:57:01 djm Exp $
+.\"	$OpenBSD: ssh-add.1,v 1.84 2022/02/04 02:49:17 dtucker Exp $
 .\"
 .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
 .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -35,7 +35,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: July 14 2020 $
+.Dd $Mdocdate: February 4 2022 $
 .Dt SSH-ADD 1
 .Os
 .Sh NAME
@@ -45,6 +45,8 @@
 .Nm ssh-add
 .Op Fl cDdKkLlqvXx
 .Op Fl E Ar fingerprint_hash
+.Op Fl H Ar hostkey_file
+.Op Fl h Ar destination_constraint
 .Op Fl S Ar provider
 .Op Fl t Ar life
 .Op Ar
@@ -61,12 +63,12 @@ adds private key identities to the authentication agent,
 .Xr ssh-agent 1 .
 When run without arguments, it adds the files
 .Pa ~/.ssh/id_rsa ,
-.Pa ~/.ssh/id_dsa ,
 .Pa ~/.ssh/id_ecdsa ,
 .Pa ~/.ssh/id_ecdsa_sk ,
 .Pa ~/.ssh/id_ed25519 ,
+.Pa ~/.ssh/id_ed25519_sk ,
 and
-.Pa ~/.ssh/id_ed25519_sk .
+.Pa ~/.ssh/id_dsa .
 After loading a private key,
 .Nm
 will try to load corresponding certificate information from the
@@ -129,6 +131,84 @@ The default is
 .It Fl e Ar pkcs11
 Remove keys provided by the PKCS#11 shared library
 .Ar pkcs11 .
+.It Fl H Ar hostkey_file
+Specifies a known hosts file to look up hostkeys when using
+destination-constrained keys via the
+.Fl h
+flag.
+This option may be specified multiple times to allow multiple files to be
+searched.
+If no files are specified,
+.Nm
+will use the default
+.Xr ssh_config 5
+known hosts files:
+.Pa ~/.ssh/known_hosts ,
+.Pa ~/.ssh/known_hosts2 ,
+.Pa /etc/ssh/ssh_known_hosts ,
+and
+.Pa /etc/ssh/ssh_known_hosts2 .
+.It Fl h Ar destination_constraint
+When adding keys, constrain them to be usable only through specific hosts or to
+specific destinations.
+.Pp
+Destination constraints of the form
+.Sq [user@]dest-hostname
+permit use of the key only from the origin host (the one running
+.Xr ssh-agent 1 )
+to the listed destination host, with optional user name.
+.Pp
+Constraints of the form
+.Sq src-hostname>[user@]dst-hostname
+allow a key available on a forwarded
+.Xr ssh-agent 1
+to be used through a particular host (as specified by
+.Sq src-hostname )
+to authenticate to a further host,
+specified by
+.Sq dst-hostname .
+.Pp
+Multiple destination constraints may be added when loading keys.
+When attempting authentication with a key that has destination constraints,
+the whole connection path, including
+.Xr ssh-agent 1
+forwarding, is tested against those constraints and each
+hop must be permitted for the attempt to succeed.
+For example, if key is forwarded to a remote host,
+.Sq host-b ,
+and is attempting authentication to another host,
+.Sq host-c ,
+then the operation will be successful only if
+.Sq host-b
+was permitted from the origin host and the subsequent
+.Sq host-b>host-c
+hop is also permitted by destination constraints.
+.Pp
+Hosts are identified by their host keys, and are looked up from known hosts
+files by
+.Nm .
+Wildcards patterns may be used for hostnames and certificate host
+keys are supported.
+By default, keys added by
+.Nm
+are not destination constrained.
+.Pp
+Destination constraints were added in OpenSSH release 8.9.
+Support in both the remote SSH client and server is required when using
+destination-constrained keys over a forwarded
+.Xr ssh-agent 1
+channel.
+.Pp
+It is also important to note that destination constraints can only be
+enforced by
+.Xr ssh-agent 1
+when a key is used, or when it is forwarded by a
+.Sy cooperating
+.Xr ssh 1 .
+Specifically, it does not prevent an attacker with access to a remote
+.Ev SSH_AUTH_SOCK
+from forwarding it again and using it on a different host (but only to
+a permitted destination).
 .It Fl K
 Load resident keys from a FIDO authenticator.
 .It Fl k
diff --git a/ssh-add.c b/ssh-add.c
index 92192fcfa23c..755547748276 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-add.c,v 1.160 2021/04/03 06:18:41 djm Exp $ */
+/* $OpenBSD: ssh-add.c,v 1.165 2022/02/04 02:49:17 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -68,6 +68,7 @@
 #include "digest.h"
 #include "ssh-sk.h"
 #include "sk-api.h"
+#include "hostfile.h"
 
 /* argv0 */
 extern char *__progname;
@@ -76,7 +77,6 @@ extern char *__progname;
 static char *default_files[] = {
 #ifdef WITH_OPENSSL
 	_PATH_SSH_CLIENT_ID_RSA,
-	_PATH_SSH_CLIENT_ID_DSA,
 #ifdef OPENSSL_HAS_ECC
 	_PATH_SSH_CLIENT_ID_ECDSA,
 	_PATH_SSH_CLIENT_ID_ECDSA_SK,
@@ -85,6 +85,7 @@ static char *default_files[] = {
 	_PATH_SSH_CLIENT_ID_ED25519,
 	_PATH_SSH_CLIENT_ID_ED25519_SK,
 	_PATH_SSH_CLIENT_ID_XMSS,
+	_PATH_SSH_CLIENT_ID_DSA,
 	NULL
 };
 
@@ -231,7 +232,8 @@ delete_all(int agent_fd, int qflag)
 
 static int
 add_file(int agent_fd, const char *filename, int key_only, int qflag,
-    const char *skprovider)
+    const char *skprovider, struct dest_constraint **dest_constraints,
+    size_t ndest_constraints)
 {
 	struct sshkey *private, *cert;
 	char *comment = NULL;
@@ -354,18 +356,14 @@ add_file(int agent_fd, const char *filename, int key_only, int qflag,
 			    "without provider\n", filename);
 			goto out;
 		}
-		if ((private->sk_flags & SSH_SK_USER_VERIFICATION_REQD) != 0) {
-			fprintf(stderr, "FIDO verify-required key %s is not "
-			    "currently supported by ssh-agent\n", filename);
-			goto out;
-		}
 	} else {
 		/* Don't send provider constraint for other keys */
 		skprovider = NULL;
 	}
 
 	if ((r = ssh_add_identity_constrained(agent_fd, private, comment,
-	    lifetime, confirm, maxsign, skprovider)) == 0) {
+	    lifetime, confirm, maxsign, skprovider,
+	    dest_constraints, ndest_constraints)) == 0) {
 		ret = 0;
 		if (!qflag) {
 			fprintf(stderr, "Identity added: %s (%s)\n",
@@ -417,7 +415,8 @@ add_file(int agent_fd, const char *filename, int key_only, int qflag,
 	sshkey_free(cert);
 
 	if ((r = ssh_add_identity_constrained(agent_fd, private, comment,
-	    lifetime, confirm, maxsign, skprovider)) != 0) {
+	    lifetime, confirm, maxsign, skprovider,
+	    dest_constraints, ndest_constraints)) != 0) {
 		error_r(r, "Certificate %s (%s) add failed", certpath,
 		    private->cert->key_id);
 		goto out;
@@ -445,7 +444,8 @@ add_file(int agent_fd, const char *filename, int key_only, int qflag,
 }
 
 static int
-update_card(int agent_fd, int add, const char *id, int qflag)
+update_card(int agent_fd, int add, const char *id, int qflag,
+    struct dest_constraint **dest_constraints, size_t ndest_constraints)
 {
 	char *pin = NULL;
 	int r, ret = -1;
@@ -457,7 +457,7 @@ update_card(int agent_fd, int add, const char *id, int qflag)
 	}
 
 	if ((r = ssh_update_card(agent_fd, add, id, pin == NULL ? "" : pin,
-	    lifetime, confirm)) == 0) {
+	    lifetime, confirm, dest_constraints, ndest_constraints)) == 0) {
 		ret = 0;
 		if (!qflag) {
 			fprintf(stderr, "Card %s: %s\n",
@@ -578,27 +578,31 @@ lock_agent(int agent_fd, int lock)
 }
 
 static int
-load_resident_keys(int agent_fd, const char *skprovider, int qflag)
+load_resident_keys(int agent_fd, const char *skprovider, int qflag,
+    struct dest_constraint **dest_constraints, size_t ndest_constraints)
 {
-	struct sshkey **keys;
-	size_t nkeys, i;
+	struct sshsk_resident_key **srks;
+	size_t nsrks, i;
+	struct sshkey *key;
 	int r, ok = 0;
 	char *fp;
 
 	pass = read_passphrase("Enter PIN for authenticator: ", RP_ALLOW_STDIN);
-	if ((r = sshsk_load_resident(skprovider, NULL, pass,
-	    &keys, &nkeys)) != 0) {
+	if ((r = sshsk_load_resident(skprovider, NULL, pass, 0,
+	    &srks, &nsrks)) != 0) {
 		error_r(r, "Unable to load resident keys");
 		return r;
 	}
-	for (i = 0; i < nkeys; i++) {
-		if ((fp = sshkey_fingerprint(keys[i],
+	for (i = 0; i < nsrks; i++) {
+		key = srks[i]->key;
+		if ((fp = sshkey_fingerprint(key,
 		    fingerprint_hash, SSH_FP_DEFAULT)) == NULL)
 			fatal_f("sshkey_fingerprint failed");
-		if ((r = ssh_add_identity_constrained(agent_fd, keys[i], "",
-		    lifetime, confirm, maxsign, skprovider)) != 0) {
+		if ((r = ssh_add_identity_constrained(agent_fd, key, "",
+		    lifetime, confirm, maxsign, skprovider,
+		    dest_constraints, ndest_constraints)) != 0) {
 			error("Unable to add key %s %s",
-			    sshkey_type(keys[i]), fp);
+			    sshkey_type(key), fp);
 			free(fp);
 			ok = r;
 			continue;
@@ -607,7 +611,7 @@ load_resident_keys(int agent_fd, const char *skprovider, int qflag)
 			ok = 1;
 		if (!qflag) {
 			fprintf(stderr, "Resident identity added: %s %s\n",
-			    sshkey_type(keys[i]), fp);
+			    sshkey_type(key), fp);
 			if (lifetime != 0) {
 				fprintf(stderr,
 				    "Lifetime set to %d seconds\n", lifetime);
@@ -618,33 +622,153 @@ load_resident_keys(int agent_fd, const char *skprovider, int qflag)
 			}
 		}
 		free(fp);
-		sshkey_free(keys[i]);
 	}
-	free(keys);
-	if (nkeys == 0)
+	sshsk_free_resident_keys(srks, nsrks);
+	if (nsrks == 0)
 		return SSH_ERR_KEY_NOT_FOUND;
 	return ok == 1 ? 0 : ok;
 }
 
 static int
 do_file(int agent_fd, int deleting, int key_only, char *file, int qflag,
-    const char *skprovider)
+    const char *skprovider, struct dest_constraint **dest_constraints,
+    size_t ndest_constraints)
 {
 	if (deleting) {
 		if (delete_file(agent_fd, file, key_only, qflag) == -1)
 			return -1;
 	} else {
-		if (add_file(agent_fd, file, key_only, qflag, skprovider) == -1)
+		if (add_file(agent_fd, file, key_only, qflag, skprovider,
+		    dest_constraints, ndest_constraints) == -1)
 			return -1;
 	}
 	return 0;
 }
 
+/* Append string 's' to a NULL-terminated array of strings */
+static void
+stringlist_append(char ***listp, const char *s)
+{
+	size_t i = 0;
+
+	if (*listp == NULL)
+		*listp = xcalloc(2, sizeof(**listp));
+	else {
+		for (i = 0; (*listp)[i] != NULL; i++)
+			; /* count */
+		*listp = xrecallocarray(*listp, i + 1, i + 2, sizeof(**listp));
+	}
+	(*listp)[i] = xstrdup(s);
+}
+
+static void
+parse_dest_constraint_hop(const char *s, struct dest_constraint_hop *dch,
+    char **hostkey_files)
+{
+	char *user = NULL, *host, *os, *path;
+	size_t i;
+	struct hostkeys *hostkeys;
+	const struct hostkey_entry *hke;
+	int r, want_ca;
+
+	memset(dch, '\0', sizeof(*dch));
+	os = xstrdup(s);
+	if ((host = strchr(os, '@')) == NULL)
+		host = os;
+	else {
+		*host++ = '\0';
+		user = os;
+	}
+	cleanhostname(host);
+	/* Trivial case: username@ (all hosts) */
+	if (*host == '\0') {
+		if (user == NULL) {
+			fatal("Invalid key destination constraint \"%s\": "
+			    "does not specify user or host", s);
+		}
+		dch->user = xstrdup(user);
+		/* other fields left blank */
+		free(os);
+		return;
+	}
+	if (hostkey_files == NULL)
+		fatal_f("no hostkey files");
+	/* Otherwise we need to look up the keys for this hostname */
+	hostkeys = init_hostkeys();
+	for (i = 0; hostkey_files[i]; i++) {
+		path = tilde_expand_filename(hostkey_files[i], getuid());
+		debug2_f("looking up host keys for \"%s\" in %s", host, path);
+                load_hostkeys(hostkeys, host, path, 0);
+		free(path);
+	}
+	dch->user = user == NULL ? NULL : xstrdup(user);
+	dch->hostname = xstrdup(host);
+	for (i = 0; i < hostkeys->num_entries; i++) {
+		hke = hostkeys->entries + i;
+		want_ca = hke->marker == MRK_CA;
+		if (hke->marker != MRK_NONE && !want_ca)
+			continue;
+		debug3_f("%s%s%s: adding %s %skey from %s:%lu as key %u",
+		    user == NULL ? "": user, user == NULL ? "" : "@",
+		    host, sshkey_type(hke->key), want_ca ? "CA " : "",
+		    hke->file, hke->line, dch->nkeys);
+		dch->keys = xrecallocarray(dch->keys, dch->nkeys,
+		    dch->nkeys + 1, sizeof(*dch->keys));
+		dch->key_is_ca = xrecallocarray(dch->key_is_ca, dch->nkeys,
+		    dch->nkeys + 1, sizeof(*dch->key_is_ca));
+		if ((r = sshkey_from_private(hke->key,
+		    &(dch->keys[dch->nkeys]))) != 0)
+			fatal_fr(r, "sshkey_from_private");
+		dch->key_is_ca[dch->nkeys] = want_ca;
+		dch->nkeys++;
+	}
+	if (dch->nkeys == 0)
+		fatal("No host keys found for destination \"%s\"", host);
+	free_hostkeys(hostkeys);
+	free(os);
+	return;
+}
+
+static void
+parse_dest_constraint(const char *s, struct dest_constraint ***dcp,
+    size_t *ndcp, char **hostkey_files)
+{
+	struct dest_constraint *dc;
+	char *os, *cp;
+
+	dc = xcalloc(1, sizeof(*dc));
+	os = xstrdup(s);
+	if ((cp = strchr(os, '>')) == NULL) {
+		/* initial hop; no 'from' hop specified */
+		parse_dest_constraint_hop(os, &dc->to, hostkey_files);
+	} else {
+		/* two hops specified */
+		*(cp++) = '\0';
+		parse_dest_constraint_hop(os, &dc->from, hostkey_files);
+		parse_dest_constraint_hop(cp, &dc->to, hostkey_files);
+		if (dc->from.user != NULL) {
+			fatal("Invalid key constraint %s: cannot specify "
+			    "user on 'from' host", os);
+		}
+	}
+	/* XXX eliminate or error on duplicates */
+	debug2_f("constraint %zu: %s%s%s (%u keys) > %s%s%s (%u keys)", *ndcp,
+	    dc->from.user ? dc->from.user : "", dc->from.user ? "@" : "",
+	    dc->from.hostname ? dc->from.hostname : "(ORIGIN)", dc->from.nkeys,
+	    dc->to.user ? dc->to.user : "", dc->to.user ? "@" : "",
+	    dc->to.hostname ? dc->to.hostname : "(ANY)", dc->to.nkeys);
+	*dcp = xrecallocarray(*dcp, *ndcp, *ndcp + 1, sizeof(**dcp));
+	(*dcp)[(*ndcp)++] = dc;
+	free(os);
+}
+
+
 static void
 usage(void)
 {
 	fprintf(stderr,
-"usage: ssh-add [-cDdKkLlqvXx] [-E fingerprint_hash] [-S provider] [-t life]\n"
+"usage: ssh-add [-cDdKkLlqvXx] [-E fingerprint_hash] [-H hostkey_file]\n"
+"               [-h destination_constraint] [-S provider] [-t life]\n"
 #ifdef WITH_XMSS
 "               [-M maxsign] [-m minleft]\n"
 #endif
@@ -662,10 +786,13 @@ main(int argc, char **argv)
 	extern int optind;
 	int agent_fd;
 	char *pkcs11provider = NULL, *skprovider = NULL;
+	char **dest_constraint_strings = NULL, **hostkey_files = NULL;
 	int r, i, ch, deleting = 0, ret = 0, key_only = 0, do_download = 0;
 	int xflag = 0, lflag = 0, Dflag = 0, qflag = 0, Tflag = 0;
 	SyslogFacility log_facility = SYSLOG_FACILITY_AUTH;
 	LogLevel log_level = SYSLOG_LEVEL_INFO;
+	struct dest_constraint **dest_constraints = NULL;
+	size_t ndest_constraints = 0;
 
 	/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
 	sanitise_stdfd();
@@ -692,7 +819,7 @@ main(int argc, char **argv)
 
 	skprovider = getenv("SSH_SK_PROVIDER");
 
-	while ((ch = getopt(argc, argv, "vkKlLcdDTxXE:e:M:m:qs:S:t:")) != -1) {
+	while ((ch = getopt(argc, argv, "vkKlLcdDTxXE:e:h:H:M:m:qs:S:t:")) != -1) {
 		switch (ch) {
 		case 'v':
 			if (log_level == SYSLOG_LEVEL_INFO)
@@ -705,6 +832,12 @@ main(int argc, char **argv)
 			if (fingerprint_hash == -1)
 				fatal("Invalid hash algorithm \"%s\"", optarg);
 			break;
+		case 'H':
+			stringlist_append(&hostkey_files, optarg);
+			break;
+		case 'h':
+			stringlist_append(&dest_constraint_strings, optarg);
+			break;
 		case 'k':
 			key_only = 1;
 			break;
@@ -801,6 +934,20 @@ main(int argc, char **argv)
 		skprovider = "internal";
 #endif
 
+	if (hostkey_files == NULL) {
+		/* use defaults from readconf.c */
+		stringlist_append(&hostkey_files, _PATH_SSH_USER_HOSTFILE);
+		stringlist_append(&hostkey_files, _PATH_SSH_USER_HOSTFILE2);
+		stringlist_append(&hostkey_files, _PATH_SSH_SYSTEM_HOSTFILE);
+		stringlist_append(&hostkey_files, _PATH_SSH_SYSTEM_HOSTFILE2);
+	}
+	if (dest_constraint_strings != NULL) {
+		for (i = 0; dest_constraint_strings[i] != NULL; i++) {
+			parse_dest_constraint(dest_constraint_strings[i],
+			  &dest_constraints, &ndest_constraints, hostkey_files);
+		}
+	}
+
 	argc -= optind;
 	argv += optind;
 	if (Tflag) {
@@ -813,14 +960,15 @@ main(int argc, char **argv)
 	}
 	if (pkcs11provider != NULL) {
 		if (update_card(agent_fd, !deleting, pkcs11provider,
-		    qflag) == -1)
+		    qflag, dest_constraints, ndest_constraints) == -1)
 			ret = 1;
 		goto done;
 	}
 	if (do_download) {
 		if (skprovider == NULL)
 			fatal("Cannot download keys without provider");
-		if (load_resident_keys(agent_fd, skprovider, qflag) != 0)
+		if (load_resident_keys(agent_fd, skprovider, qflag,
+		    dest_constraints, ndest_constraints) != 0)
 			ret = 1;
 		goto done;
 	}
@@ -843,7 +991,8 @@ main(int argc, char **argv)
 			if (stat(buf, &st) == -1)
 				continue;
 			if (do_file(agent_fd, deleting, key_only, buf,
-			    qflag, skprovider) == -1)
+			    qflag, skprovider,
+			    dest_constraints, ndest_constraints) == -1)
 				ret = 1;
 			else
 				count++;
@@ -853,7 +1002,8 @@ main(int argc, char **argv)
 	} else {
 		for (i = 0; i < argc; i++) {
 			if (do_file(agent_fd, deleting, key_only,
-			    argv[i], qflag, skprovider) == -1)
+			    argv[i], qflag, skprovider,
+			    dest_constraints, ndest_constraints) == -1)
 				ret = 1;
 		}
 	}
diff --git a/ssh-agent.0 b/ssh-agent.0
index 1da77c3046a2..d1fb738b08c0 100644
--- a/ssh-agent.0
+++ b/ssh-agent.0
@@ -116,4 +116,4 @@ AUTHORS
      created OpenSSH.  Markus Friedl contributed the support for SSH protocol
      versions 1.5 and 2.0.
 
-OpenBSD 6.9                      June 22, 2020                     OpenBSD 6.9
+OpenBSD 7.0                      June 22, 2020                     OpenBSD 7.0
diff --git a/ssh-agent.c b/ssh-agent.c
index 48a47d45a91b..03ae2b022eed 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.278 2021/04/03 06:18:41 djm Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.287 2022/01/14 03:43:48 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -37,7 +37,6 @@
 #include "includes.h"
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <sys/resource.h>
 #include <sys/stat.h>
 #include <sys/socket.h>
@@ -92,15 +91,24 @@
 #include "pathnames.h"
 #include "ssh-pkcs11.h"
 #include "sk-api.h"
+#include "myproposal.h"
 
 #ifndef DEFAULT_ALLOWED_PROVIDERS
 # define DEFAULT_ALLOWED_PROVIDERS "/usr/lib*/*,/usr/local/lib*/*"
 #endif
 
 /* Maximum accepted message length */
-#define AGENT_MAX_LEN	(256*1024)
+#define AGENT_MAX_LEN		(256*1024)
 /* Maximum bytes to read from client socket */
-#define AGENT_RBUF_LEN	(4096)
+#define AGENT_RBUF_LEN		(4096)
+/* Maximum number of recorded session IDs/hostkeys per connection */
+#define AGENT_MAX_SESSION_IDS		16
+/* Maximum size of session ID */
+#define AGENT_MAX_SID_LEN		128
+/* Maximum number of destination constraints to accept on a key */
+#define AGENT_MAX_DEST_CONSTRAINTS	1024
+
+/* XXX store hostkey_sid in a refcounted tree */
 
 typedef enum {
 	AUTH_UNUSED = 0,
@@ -108,12 +116,20 @@ typedef enum {
 	AUTH_CONNECTION = 2,
 } sock_type;
 
+struct hostkey_sid {
+	struct sshkey *key;
+	struct sshbuf *sid;
+	int forwarded;
+};
+
 typedef struct socket_entry {
 	int fd;
 	sock_type type;
 	struct sshbuf *input;
 	struct sshbuf *output;
 	struct sshbuf *request;
+	size_t nsession_ids;
+	struct hostkey_sid *session_ids;
 } SocketEntry;
 
 u_int sockets_alloc = 0;
@@ -127,6 +143,8 @@ typedef struct identity {
 	time_t death;
 	u_int confirm;
 	char *sk_provider;
+	struct dest_constraint *dest_constraints;
+	size_t ndest_constraints;
 } Identity;
 
 struct idtable {
@@ -174,10 +192,17 @@ static int restrict_websafe = 1;
 static void
 close_socket(SocketEntry *e)
 {
+	size_t i;
+
 	close(e->fd);
 	sshbuf_free(e->input);
 	sshbuf_free(e->output);
 	sshbuf_free(e->request);
+	for (i = 0; i < e->nsession_ids; i++) {
+		sshkey_free(e->session_ids[i].key);
+		sshbuf_free(e->session_ids[i].sid);
+	}
+	free(e->session_ids);
 	memset(e, '\0', sizeof(*e));
 	e->fd = -1;
 	e->type = AUTH_UNUSED;
@@ -191,6 +216,33 @@ idtab_init(void)
 	idtab->nentries = 0;
 }
 
+static void
+free_dest_constraint_hop(struct dest_constraint_hop *dch)
+{
+	u_int i;
+
+	if (dch == NULL)
+		return;
+	free(dch->user);
+	free(dch->hostname);
+	for (i = 0; i < dch->nkeys; i++)
+		sshkey_free(dch->keys[i]);
+	free(dch->keys);
+	free(dch->key_is_ca);
+}
+
+static void
+free_dest_constraints(struct dest_constraint *dcs, size_t ndcs)
+{
+	size_t i;
+
+	for (i = 0; i < ndcs; i++) {
+		free_dest_constraint_hop(&dcs[i].from);
+		free_dest_constraint_hop(&dcs[i].to);
+	}
+	free(dcs);
+}
+
 static void
 free_identity(Identity *id)
 {
@@ -198,9 +250,221 @@ free_identity(Identity *id)
 	free(id->provider);
 	free(id->comment);
 	free(id->sk_provider);
+	free_dest_constraints(id->dest_constraints, id->ndest_constraints);
 	free(id);
 }
 
+/*
+ * Match 'key' against the key/CA list in a destination constraint hop
+ * Returns 0 on success or -1 otherwise.
+ */
+static int
+match_key_hop(const char *tag, const struct sshkey *key,
+    const struct dest_constraint_hop *dch)
+{
+	const char *reason = NULL;
+	const char *hostname = dch->hostname ? dch->hostname : "(ORIGIN)";
+	u_int i;
+	char *fp;
+
+	if (key == NULL)
+		return -1;
+	/* XXX logspam */
+	if ((fp = sshkey_fingerprint(key, SSH_FP_HASH_DEFAULT,
+	    SSH_FP_DEFAULT)) == NULL)
+		fatal_f("fingerprint failed");
+	debug3_f("%s: entering hostname %s, requested key %s %s, %u keys avail",
+	    tag, hostname, sshkey_type(key), fp, dch->nkeys);
+	free(fp);
+	for (i = 0; i < dch->nkeys; i++) {
+		if (dch->keys[i] == NULL)
+			return -1;
+		/* XXX logspam */
+		if ((fp = sshkey_fingerprint(dch->keys[i], SSH_FP_HASH_DEFAULT,
+		    SSH_FP_DEFAULT)) == NULL)
+			fatal_f("fingerprint failed");
+		debug3_f("%s: key %u: %s%s %s", tag, i,
+		    dch->key_is_ca[i] ? "CA " : "",
+		    sshkey_type(dch->keys[i]), fp);
+		free(fp);
+		if (!sshkey_is_cert(key)) {
+			/* plain key */
+			if (dch->key_is_ca[i] ||
+			    !sshkey_equal(key, dch->keys[i]))
+				continue;
+			return 0;
+		}
+		/* certificate */
+		if (!dch->key_is_ca[i])
+			continue;
+		if (key->cert == NULL || key->cert->signature_key == NULL)
+			return -1; /* shouldn't happen */
+		if (!sshkey_equal(key->cert->signature_key, dch->keys[i]))
+			continue;
+		if (sshkey_cert_check_host(key, hostname, 1,
+		    SSH_ALLOWED_CA_SIGALGS, &reason) != 0) {
+			debug_f("cert %s / hostname %s rejected: %s",
+			    key->cert->key_id, hostname, reason);
+			continue;
+		}
+		return 0;
+	}
+	return -1;
+}
+
+/* Check destination constraints on an identity against the hostkey/user */
+static int
+permitted_by_dest_constraints(const struct sshkey *fromkey,
+    const struct sshkey *tokey, Identity *id, const char *user,
+    const char **hostnamep)
+{
+	size_t i;
+	struct dest_constraint *d;
+
+	if (hostnamep != NULL)
+		*hostnamep = NULL;
+	for (i = 0; i < id->ndest_constraints; i++) {
+		d = id->dest_constraints + i;
+		/* XXX remove logspam */
+		debug2_f("constraint %zu %s%s%s (%u keys) > %s%s%s (%u keys)",
+		    i, d->from.user ? d->from.user : "",
+		    d->from.user ? "@" : "",
+		    d->from.hostname ? d->from.hostname : "(ORIGIN)",
+		    d->from.nkeys,
+		    d->to.user ? d->to.user : "", d->to.user ? "@" : "",
+		    d->to.hostname ? d->to.hostname : "(ANY)", d->to.nkeys);
+
+		/* Match 'from' key */
+		if (fromkey == NULL) {
+			/* We are matching the first hop */
+			if (d->from.hostname != NULL || d->from.nkeys != 0)
+				continue;
+		} else if (match_key_hop("from", fromkey, &d->from) != 0)
+			continue;
+
+		/* Match 'to' key */
+		if (tokey != NULL && match_key_hop("to", tokey, &d->to) != 0)
+			continue;
+
+		/* Match user if specified */
+		if (d->to.user != NULL && user != NULL &&
+		    !match_pattern(user, d->to.user))
+			continue;
+
+		/* successfully matched this constraint */
+		if (hostnamep != NULL)
+			*hostnamep = d->to.hostname;
+		debug2_f("allowed for hostname %s",
+		    d->to.hostname == NULL ? "*" : d->to.hostname);
+		return 0;
+	}
+	/* no match */
+	debug2_f("%s identity \"%s\" not permitted for this destination",
+	    sshkey_type(id->key), id->comment);
+	return -1;
+}
+
+/*
+ * Check whether hostkeys on a SocketEntry and the optionally specified user
+ * are permitted by the destination constraints on the Identity.
+ * Returns 0 on success or -1 otherwise.
+ */
+static int
+identity_permitted(Identity *id, SocketEntry *e, char *user,
+    const char **forward_hostnamep, const char **last_hostnamep)
+{
+	size_t i;
+	const char **hp;
+	struct hostkey_sid *hks;
+	const struct sshkey *fromkey = NULL;
+	const char *test_user;
+	char *fp1, *fp2;
+
+	/* XXX remove logspam */
+	debug3_f("entering: key %s comment \"%s\", %zu socket bindings, "
+	    "%zu constraints", sshkey_type(id->key), id->comment,
+	    e->nsession_ids, id->ndest_constraints);
+	if (id->ndest_constraints == 0)
+		return 0; /* unconstrained */
+	if (e->nsession_ids == 0)
+		return 0; /* local use */
+	/*
+	 * Walk through the hops recorded by session_id and try to find a
+	 * constraint that satisfies each.
+	 */
+	for (i = 0; i < e->nsession_ids; i++) {
+		hks = e->session_ids + i;
+		if (hks->key == NULL)
+			fatal_f("internal error: no bound key");
+		/* XXX remove logspam */
+		fp1 = fp2 = NULL;
+		if (fromkey != NULL &&
+		    (fp1 = sshkey_fingerprint(fromkey, SSH_FP_HASH_DEFAULT,
+		    SSH_FP_DEFAULT)) == NULL)
+			fatal_f("fingerprint failed");
+		if ((fp2 = sshkey_fingerprint(hks->key, SSH_FP_HASH_DEFAULT,
+		    SSH_FP_DEFAULT)) == NULL)
+			fatal_f("fingerprint failed");
+		debug3_f("socketentry fd=%d, entry %zu %s, "
+		    "from hostkey %s %s to user %s hostkey %s %s",
+		    e->fd, i, hks->forwarded ? "FORWARD" : "AUTH",
+		    fromkey ? sshkey_type(fromkey) : "(ORIGIN)",
+		    fromkey ? fp1 : "", user ? user : "(ANY)",
+		    sshkey_type(hks->key), fp2);
+		free(fp1);
+		free(fp2);
+		/*
+		 * Record the hostnames for the initial forwarding and
+		 * the final destination.
+		 */
+		hp = NULL;
+		if (i == e->nsession_ids - 1)
+			hp = last_hostnamep;
+		else if (i == 0)
+			hp = forward_hostnamep;
+		/* Special handling for final recorded binding */
+		test_user = NULL;
+		if (i == e->nsession_ids - 1) {
+			/* Can only check user at final hop */
+			test_user = user;
+			/*
+			 * user is only presented for signature requests.
+			 * If this is the case, make sure last binding is not
+			 * for a forwarding.
+			 */
+			if (hks->forwarded && user != NULL) {
+				error_f("tried to sign on forwarding hop");
+				return -1;
+			}
+		} else if (!hks->forwarded) {
+			error_f("tried to forward though signing bind");
+			return -1;
+		}
+		if (permitted_by_dest_constraints(fromkey, hks->key, id,
+		    test_user, hp) != 0)
+			return -1;
+		fromkey = hks->key;
+	}
+	/*
+	 * Another special case: if the last bound session ID was for a
+	 * forwarding, and this function is not being called to check a sign
+	 * request (i.e. no 'user' supplied), then only permit the key if
+	 * there is a permission that would allow it to be used at another
+	 * destination. This hides keys that are allowed to be used to
+	 * authenticate *to* a host but not permitted for *use* beyond it.
+	 */
+	hks = &e->session_ids[e->nsession_ids - 1];
+	if (hks->forwarded && user == NULL &&
+	    permitted_by_dest_constraints(hks->key, NULL, id,
+	    NULL, NULL) != 0) {
+		debug3_f("key permitted at host but not after");
+		return -1;
+	}
+
+	/* success */
+	return 0;
+}
+
 /* return matching private key for given public key */
 static Identity *
 lookup_identity(struct sshkey *key)
@@ -248,27 +512,36 @@ static void
 process_request_identities(SocketEntry *e)
 {
 	Identity *id;
-	struct sshbuf *msg;
+	struct sshbuf *msg, *keys;
 	int r;
+	u_int nentries = 0;
 
 	debug2_f("entering");
 
-	if ((msg = sshbuf_new()) == NULL)
+	if ((msg = sshbuf_new()) == NULL || (keys = sshbuf_new()) == NULL)
 		fatal_f("sshbuf_new failed");
-	if ((r = sshbuf_put_u8(msg, SSH2_AGENT_IDENTITIES_ANSWER)) != 0 ||
-	    (r = sshbuf_put_u32(msg, idtab->nentries)) != 0)
-		fatal_fr(r, "compose");
 	TAILQ_FOREACH(id, &idtab->idlist, next) {
-		if ((r = sshkey_puts_opts(id->key, msg,
+		/* identity not visible, don't include in response */
+		if (identity_permitted(id, e, NULL, NULL, NULL) != 0)
+			continue;
+		if ((r = sshkey_puts_opts(id->key, keys,
 		    SSHKEY_SERIALIZE_INFO)) != 0 ||
-		    (r = sshbuf_put_cstring(msg, id->comment)) != 0) {
+		    (r = sshbuf_put_cstring(keys, id->comment)) != 0) {
 			error_fr(r, "compose key/comment");
 			continue;
 		}
+		nentries++;
 	}
+	debug2_f("replying with %u allowed of %u available keys",
+	    nentries, idtab->nentries);
+	if ((r = sshbuf_put_u8(msg, SSH2_AGENT_IDENTITIES_ANSWER)) != 0 ||
+	    (r = sshbuf_put_u32(msg, nentries)) != 0 ||
+	    (r = sshbuf_putb(msg, keys)) != 0)
+		fatal_fr(r, "compose");
 	if ((r = sshbuf_put_stringb(e->output, msg)) != 0)
 		fatal_fr(r, "enqueue");
 	sshbuf_free(msg);
+	sshbuf_free(keys);
 }
 
 
@@ -294,22 +567,24 @@ agent_decode_alg(struct sshkey *key, u_int flags)
  * request, checking its contents for consistency and matching the embedded
  * key against the one that is being used for signing.
  * Note: does not modify msg buffer.
- * Optionally extract the username and session ID from the request.
+ * Optionally extract the username, session ID and/or hostkey from the request.
  */
 static int
 parse_userauth_request(struct sshbuf *msg, const struct sshkey *expected_key,
-    char **userp, struct sshbuf **sess_idp)
+    char **userp, struct sshbuf **sess_idp, struct sshkey **hostkeyp)
 {
 	struct sshbuf *b = NULL, *sess_id = NULL;
 	char *user = NULL, *service = NULL, *method = NULL, *pkalg = NULL;
 	int r;
 	u_char t, sig_follows;
-	struct sshkey *mkey = NULL;
+	struct sshkey *mkey = NULL, *hostkey = NULL;
 
 	if (userp != NULL)
 		*userp = NULL;
 	if (sess_idp != NULL)
 		*sess_idp = NULL;
+	if (hostkeyp != NULL)
+		*hostkeyp = NULL;
 	if ((b = sshbuf_fromb(msg)) == NULL)
 		fatal_f("sshbuf_fromb");
 
@@ -336,7 +611,10 @@ parse_userauth_request(struct sshbuf *msg, const struct sshkey *expected_key,
 		r = SSH_ERR_INVALID_FORMAT;
 		goto out;
 	}
-	if (strcmp(method, "publickey") != 0) {
+	if (strcmp(method, "publickey-hostbound-v00@openssh.com") == 0) {
+		if ((r = sshkey_froms(b, &hostkey)) != 0)
+			goto out;
+	} else if (strcmp(method, "publickey") != 0) {
 		r = SSH_ERR_INVALID_FORMAT;
 		goto out;
 	}
@@ -355,6 +633,10 @@ parse_userauth_request(struct sshbuf *msg, const struct sshkey *expected_key,
 		*sess_idp = sess_id;
 		sess_id = NULL;
 	}
+	if (hostkeyp != NULL) {
+		*hostkeyp = hostkey;
+		hostkey = NULL;
+	}
  out:
 	sshbuf_free(b);
 	sshbuf_free(sess_id);
@@ -363,6 +645,7 @@ parse_userauth_request(struct sshbuf *msg, const struct sshkey *expected_key,
 	free(method);
 	free(pkalg);
 	sshkey_free(mkey);
+	sshkey_free(hostkey);
 	return r;
 }
 
@@ -407,7 +690,7 @@ parse_sshsig_request(struct sshbuf *msg)
 static int
 check_websafe_message_contents(struct sshkey *key, struct sshbuf *data)
 {
-	if (parse_userauth_request(data, key, NULL, NULL) == 0) {
+	if (parse_userauth_request(data, key, NULL, NULL, NULL) == 0) {
 		debug_f("signed data matches public key userauth request");
 		return 1;
 	}
@@ -422,6 +705,18 @@ check_websafe_message_contents(struct sshkey *key, struct sshbuf *data)
 	return 0;
 }
 
+static int
+buf_equal(const struct sshbuf *a, const struct sshbuf *b)
+{
+	if (sshbuf_ptr(a) == NULL || sshbuf_ptr(b) == NULL)
+		return SSH_ERR_INVALID_ARGUMENT;
+	if (sshbuf_len(a) != sshbuf_len(b))
+		return SSH_ERR_INVALID_FORMAT;
+	if (timingsafe_bcmp(sshbuf_ptr(a), sshbuf_ptr(b), sshbuf_len(a)) != 0)
+		return SSH_ERR_INVALID_FORMAT;
+	return 0;
+}
+
 /* ssh2 only */
 static void
 process_sign_request2(SocketEntry *e)
@@ -429,10 +724,12 @@ process_sign_request2(SocketEntry *e)
 	u_char *signature = NULL;
 	size_t slen = 0;
 	u_int compat = 0, flags;
-	int r, ok = -1;
-	char *fp = NULL;
-	struct sshbuf *msg = NULL, *data = NULL;
-	struct sshkey *key = NULL;
+	int r, ok = -1, retried = 0;
+	char *fp = NULL, *pin = NULL, *prompt = NULL;
+	char *user = NULL, *sig_dest = NULL;
+	const char *fwd_host = NULL, *dest_host = NULL;
+	struct sshbuf *msg = NULL, *data = NULL, *sid = NULL;
+	struct sshkey *key = NULL, *hostkey = NULL;
 	struct identity *id;
 	struct notifier_ctx *notifier = NULL;
 
@@ -451,7 +748,62 @@ process_sign_request2(SocketEntry *e)
 		verbose_f("%s key not found", sshkey_type(key));
 		goto send;
 	}
-	if (id->confirm && confirm_key(id, NULL) != 0) {
+	if ((fp = sshkey_fingerprint(key, SSH_FP_HASH_DEFAULT,
+	    SSH_FP_DEFAULT)) == NULL)
+		fatal_f("fingerprint failed");
+
+	if (id->ndest_constraints != 0) {
+		if (e->nsession_ids == 0) {
+			logit_f("refusing use of destination-constrained key "
+			    "to sign on unbound connection");
+			goto send;
+		}
+		if (parse_userauth_request(data, key, &user, &sid,
+		    &hostkey) != 0) {
+			logit_f("refusing use of destination-constrained key "
+			   "to sign an unidentified signature");
+			goto send;
+		}
+		/* XXX logspam */
+		debug_f("user=%s", user);
+		if (identity_permitted(id, e, user, &fwd_host, &dest_host) != 0)
+			goto send;
+		/* XXX display fwd_host/dest_host in askpass UI */
+		/*
+		 * Ensure that the session ID is the most recent one
+		 * registered on the socket - it should have been bound by
+		 * ssh immediately before userauth.
+		 */
+		if (buf_equal(sid,
+		    e->session_ids[e->nsession_ids - 1].sid) != 0) {
+			error_f("unexpected session ID (%zu listed) on "
+			    "signature request for target user %s with "
+			    "key %s %s", e->nsession_ids, user,
+			    sshkey_type(id->key), fp);
+			goto send;
+		}
+		/*
+		 * Ensure that the hostkey embedded in the signature matches
+		 * the one most recently bound to the socket. An exception is
+		 * made for the initial forwarding hop.
+		 */
+		if (e->nsession_ids > 1 && hostkey == NULL) {
+			error_f("refusing use of destination-constrained key: "
+			    "no hostkey recorded in signature for forwarded "
+			    "connection");
+			goto send;
+		}
+		if (hostkey != NULL && !sshkey_equal(hostkey,
+		    e->session_ids[e->nsession_ids - 1].key)) {
+			error_f("refusing use of destination-constrained key: "
+			    "mismatch between hostkey in request and most "
+			    "recently bound session");
+			goto send;
+		}
+		xasprintf(&sig_dest, "public key authentication request for "
+		    "user \"%s\" to listed host", user);
+	}
+	if (id->confirm && confirm_key(id, sig_dest) != 0) {
 		verbose_f("user refused key");
 		goto send;
 	}
@@ -461,19 +813,43 @@ process_sign_request2(SocketEntry *e)
 			/* error already logged */
 			goto send;
 		}
-		if ((id->key->sk_flags & SSH_SK_USER_PRESENCE_REQD)) {
-			if ((fp = sshkey_fingerprint(key, SSH_FP_HASH_DEFAULT,
-			    SSH_FP_DEFAULT)) == NULL)
-				fatal_f("fingerprint failed");
-			notifier = notify_start(0,
-			    "Confirm user presence for key %s %s",
+		if ((id->key->sk_flags & SSH_SK_USER_VERIFICATION_REQD)) {
+			/* XXX include sig_dest */
+			xasprintf(&prompt, "Enter PIN%sfor %s key %s: ",
+			    (id->key->sk_flags & SSH_SK_USER_PRESENCE_REQD) ?
+			    " and confirm user presence " : " ",
 			    sshkey_type(id->key), fp);
+			pin = read_passphrase(prompt, RP_USE_ASKPASS);
+			free(prompt);
+			prompt = NULL;
+		} else if ((id->key->sk_flags & SSH_SK_USER_PRESENCE_REQD)) {
+			notifier = notify_start(0,
+			    "Confirm user presence for key %s %s%s%s",
+			    sshkey_type(id->key), fp,
+			    sig_dest == NULL ? "" : "\n",
+			    sig_dest == NULL ? "" : sig_dest);
 		}
 	}
-	/* XXX support PIN required FIDO keys */
+ retry_pin:
 	if ((r = sshkey_sign(id->key, &signature, &slen,
 	    sshbuf_ptr(data), sshbuf_len(data), agent_decode_alg(key, flags),
-	    id->sk_provider, NULL, compat)) != 0) {
+	    id->sk_provider, pin, compat)) != 0) {
+		debug_fr(r, "sshkey_sign");
+		if (pin == NULL && !retried && sshkey_is_sk(id->key) &&
+		    r == SSH_ERR_KEY_WRONG_PASSPHRASE) {
+			if (notifier) {
+				notify_complete(notifier, NULL);
+				notifier = NULL;
+			}
+			/* XXX include sig_dest */
+			xasprintf(&prompt, "Enter PIN%sfor %s key %s: ",
+			    (id->key->sk_flags & SSH_SK_USER_PRESENCE_REQD) ?
+			    " and confirm user presence " : " ",
+			    sshkey_type(id->key), fp);
+			pin = read_passphrase(prompt, RP_USE_ASKPASS);
+			retried = 1;
+			goto retry_pin;
+		}
 		error_fr(r, "sshkey_sign");
 		goto send;
 	}
@@ -492,11 +868,18 @@ process_sign_request2(SocketEntry *e)
 	if ((r = sshbuf_put_stringb(e->output, msg)) != 0)
 		fatal_fr(r, "enqueue");
 
+	sshbuf_free(sid);
 	sshbuf_free(data);
 	sshbuf_free(msg);
 	sshkey_free(key);
+	sshkey_free(hostkey);
 	free(fp);
 	free(signature);
+	free(sig_dest);
+	free(user);
+	free(prompt);
+	if (pin != NULL)
+		freezero(pin, strlen(pin));
 }
 
 /* shared */
@@ -516,6 +899,9 @@ process_remove_identity(SocketEntry *e)
 		debug_f("key not found");
 		goto done;
 	}
+	/* identity not visible, cannot be removed */
+	if (identity_permitted(id, e, NULL, NULL, NULL) != 0)
+		goto done; /* error already logged */
 	/* We have this key, free it. */
 	if (idtab->nentries < 1)
 		fatal_f("internal error: nentries %d", idtab->nentries);
@@ -575,10 +961,119 @@ reaper(void)
 }
 
 static int
-parse_key_constraint_extension(struct sshbuf *m, char **sk_providerp)
+parse_dest_constraint_hop(struct sshbuf *b, struct dest_constraint_hop *dch)
+{
+	u_char key_is_ca;
+	size_t elen = 0;
+	int r;
+	struct sshkey *k = NULL;
+	char *fp;
+
+	memset(dch, '\0', sizeof(*dch));
+	if ((r = sshbuf_get_cstring(b, &dch->user, NULL)) != 0 ||
+	    (r = sshbuf_get_cstring(b, &dch->hostname, NULL)) != 0 ||
+	    (r = sshbuf_get_string_direct(b, NULL, &elen)) != 0) {
+		error_fr(r, "parse");
+		goto out;
+	}
+	if (elen != 0) {
+		error_f("unsupported extensions (len %zu)", elen);
+		r = SSH_ERR_FEATURE_UNSUPPORTED;
+		goto out;
+	}
+	if (*dch->hostname == '\0') {
+		free(dch->hostname);
+		dch->hostname = NULL;
+	}
+	if (*dch->user == '\0') {
+		free(dch->user);
+		dch->user = NULL;
+	}
+	while (sshbuf_len(b) != 0) {
+		dch->keys = xrecallocarray(dch->keys, dch->nkeys,
+		    dch->nkeys + 1, sizeof(*dch->keys));
+		dch->key_is_ca = xrecallocarray(dch->key_is_ca, dch->nkeys,
+		    dch->nkeys + 1, sizeof(*dch->key_is_ca));
+		if ((r = sshkey_froms(b, &k)) != 0 ||
+		    (r = sshbuf_get_u8(b, &key_is_ca)) != 0)
+			goto out;
+		if ((fp = sshkey_fingerprint(k, SSH_FP_HASH_DEFAULT,
+		    SSH_FP_DEFAULT)) == NULL)
+			fatal_f("fingerprint failed");
+		debug3_f("%s%s%s: adding %skey %s %s",
+		    dch->user == NULL ? "" : dch->user,
+		    dch->user == NULL ? "" : "@",
+		    dch->hostname, key_is_ca ? "CA " : "", sshkey_type(k), fp);
+		free(fp);
+		dch->keys[dch->nkeys] = k;
+		dch->key_is_ca[dch->nkeys] = key_is_ca != 0;
+		dch->nkeys++;
+		k = NULL; /* transferred */
+	}
+	/* success */
+	r = 0;
+ out:
+	sshkey_free(k);
+	return r;
+}
+
+static int
+parse_dest_constraint(struct sshbuf *m, struct dest_constraint *dc)
+{
+	struct sshbuf *b = NULL, *frombuf = NULL, *tobuf = NULL;
+	int r;
+	size_t elen = 0;
+
+	debug3_f("entering");
+
+	memset(dc, '\0', sizeof(*dc));
+	if ((r = sshbuf_froms(m, &b)) != 0 ||
+	    (r = sshbuf_froms(b, &frombuf)) != 0 ||
+	    (r = sshbuf_froms(b, &tobuf)) != 0 ||
+	    (r = sshbuf_get_string_direct(b, NULL, &elen)) != 0) {
+		error_fr(r, "parse");
+		goto out;
+	}
+	if ((r = parse_dest_constraint_hop(frombuf, &dc->from) != 0) ||
+	    (r = parse_dest_constraint_hop(tobuf, &dc->to) != 0))
+		goto out; /* already logged */
+	if (elen != 0) {
+		error_f("unsupported extensions (len %zu)", elen);
+		r = SSH_ERR_FEATURE_UNSUPPORTED;
+		goto out;
+	}
+	debug2_f("parsed %s (%u keys) > %s%s%s (%u keys)",
+	    dc->from.hostname ? dc->from.hostname : "(ORIGIN)", dc->from.nkeys,
+	    dc->to.user ? dc->to.user : "", dc->to.user ? "@" : "",
+	    dc->to.hostname ? dc->to.hostname : "(ANY)", dc->to.nkeys);
+	/* check consistency */
+	if ((dc->from.hostname == NULL) != (dc->from.nkeys == 0) ||
+	    dc->from.user != NULL) {
+		error_f("inconsistent \"from\" specification");
+		r = SSH_ERR_INVALID_FORMAT;
+		goto out;
+	}
+	if (dc->to.hostname == NULL || dc->to.nkeys == 0) {
+		error_f("incomplete \"to\" specification");
+		r = SSH_ERR_INVALID_FORMAT;
+		goto out;
+	}
+	/* success */
+	r = 0;
+ out:
+	sshbuf_free(b);
+	sshbuf_free(frombuf);
+	sshbuf_free(tobuf);
+	return r;
+}
+
+static int
+parse_key_constraint_extension(struct sshbuf *m, char **sk_providerp,
+    struct dest_constraint **dcsp, size_t *ndcsp)
 {
 	char *ext_name = NULL;
 	int r;
+	struct sshbuf *b = NULL;
 
 	if ((r = sshbuf_get_cstring(m, &ext_name, NULL)) != 0) {
 		error_fr(r, "parse constraint extension");
@@ -600,6 +1095,27 @@ parse_key_constraint_extension(struct sshbuf *m, char **sk_providerp)
 			error_fr(r, "parse %s", ext_name);
 			goto out;
 		}
+	} else if (strcmp(ext_name,
+	    "restrict-destination-v00@openssh.com") == 0) {
+		if (*dcsp != NULL) {
+			error_f("%s already set", ext_name);
+			goto out;
+		}
+		if ((r = sshbuf_froms(m, &b)) != 0) {
+			error_fr(r, "parse %s outer", ext_name);
+			goto out;
+		}
+		while (sshbuf_len(b) != 0) {
+			if (*ndcsp >= AGENT_MAX_DEST_CONSTRAINTS) {
+				error_f("too many %s constraints", ext_name);
+				goto out;
+			}
+			*dcsp = xrecallocarray(*dcsp, *ndcsp, *ndcsp + 1,
+			    sizeof(**dcsp));
+			if ((r = parse_dest_constraint(b,
+			    *dcsp + (*ndcsp)++)) != 0)
+				goto out; /* error already logged */
+		}
 	} else {
 		error_f("unsupported constraint \"%s\"", ext_name);
 		r = SSH_ERR_FEATURE_UNSUPPORTED;
@@ -609,12 +1125,14 @@ parse_key_constraint_extension(struct sshbuf *m, char **sk_providerp)
 	r = 0;
  out:
 	free(ext_name);
+	sshbuf_free(b);
 	return r;
 }
 
 static int
 parse_key_constraints(struct sshbuf *m, struct sshkey *k, time_t *deathp,
-    u_int *secondsp, int *confirmp, char **sk_providerp)
+    u_int *secondsp, int *confirmp, char **sk_providerp,
+    struct dest_constraint **dcsp, size_t *ndcsp)
 {
 	u_char ctype;
 	int r;
@@ -669,7 +1187,7 @@ parse_key_constraints(struct sshbuf *m, struct sshkey *k, time_t *deathp,
 			break;
 		case SSH_AGENT_CONSTRAIN_EXTENSION:
 			if ((r = parse_key_constraint_extension(m,
-			    sk_providerp)) != 0)
+			    sk_providerp, dcsp, ndcsp)) != 0)
 				goto out; /* error already logged */
 			break;
 		default:
@@ -693,6 +1211,8 @@ process_add_identity(SocketEntry *e)
 	char canonical_provider[PATH_MAX];
 	time_t death = 0;
 	u_int seconds = 0;
+	struct dest_constraint *dest_constraints = NULL;
+	size_t ndest_constraints = 0;
 	struct sshkey *k = NULL;
 	int r = SSH_ERR_INTERNAL_ERROR;
 
@@ -704,7 +1224,7 @@ process_add_identity(SocketEntry *e)
 		goto out;
 	}
 	if (parse_key_constraints(e->request, k, &death, &seconds, &confirm,
-	    &sk_provider) != 0) {
+	    &sk_provider, &dest_constraints, &ndest_constraints) != 0) {
 		error_f("failed to parse constraints");
 		sshbuf_reset(e->request);
 		goto out;
@@ -747,10 +1267,15 @@ process_add_identity(SocketEntry *e)
 		/* Increment the number of identities. */
 		idtab->nentries++;
 	} else {
+		/* identity not visible, do not update */
+		if (identity_permitted(id, e, NULL, NULL, NULL) != 0)
+			goto out; /* error already logged */
 		/* key state might have been updated */
 		sshkey_free(id->key);
 		free(id->comment);
 		free(id->sk_provider);
+		free_dest_constraints(id->dest_constraints,
+		    id->ndest_constraints);
 	}
 	/* success */
 	id->key = k;
@@ -758,23 +1283,29 @@ process_add_identity(SocketEntry *e)
 	id->death = death;
 	id->confirm = confirm;
 	id->sk_provider = sk_provider;
+	id->dest_constraints = dest_constraints;
+	id->ndest_constraints = ndest_constraints;
 
 	if ((fp = sshkey_fingerprint(k, SSH_FP_HASH_DEFAULT,
 	    SSH_FP_DEFAULT)) == NULL)
 		fatal_f("sshkey_fingerprint failed");
 	debug_f("add %s %s \"%.100s\" (life: %u) (confirm: %u) "
-	    "(provider: %s)", sshkey_ssh_name(k), fp, comment, seconds,
-	    confirm, sk_provider == NULL ? "none" : sk_provider);
+	    "(provider: %s) (destination constraints: %zu)",
+	    sshkey_ssh_name(k), fp, comment, seconds, confirm,
+	    sk_provider == NULL ? "none" : sk_provider, ndest_constraints);
 	free(fp);
 	/* transferred */
 	k = NULL;
 	comment = NULL;
 	sk_provider = NULL;
+	dest_constraints = NULL;
+	ndest_constraints = 0;
 	success = 1;
  out:
 	free(sk_provider);
 	free(comment);
 	sshkey_free(k);
+	free_dest_constraints(dest_constraints, ndest_constraints);
 	send_status(e, success);
 }
 
@@ -857,6 +1388,8 @@ process_add_smartcard_key(SocketEntry *e)
 	time_t death = 0;
 	struct sshkey **keys = NULL, *k;
 	Identity *id;
+	struct dest_constraint *dest_constraints = NULL;
+	size_t ndest_constraints = 0;
 
 	debug2_f("entering");
 	if ((r = sshbuf_get_cstring(e->request, &provider, NULL)) != 0 ||
@@ -865,7 +1398,7 @@ process_add_smartcard_key(SocketEntry *e)
 		goto send;
 	}
 	if (parse_key_constraints(e->request, NULL, &death, &seconds, &confirm,
-	    NULL) != 0) {
+	    NULL, &dest_constraints, &ndest_constraints) != 0) {
 		error_f("failed to parse constraints");
 		goto send;
 	}
@@ -899,6 +1432,10 @@ process_add_smartcard_key(SocketEntry *e)
 			}
 			id->death = death;
 			id->confirm = confirm;
+			id->dest_constraints = dest_constraints;
+			id->ndest_constraints = ndest_constraints;
+			dest_constraints = NULL; /* transferred */
+			ndest_constraints = 0;
 			TAILQ_INSERT_TAIL(&idtab->idlist, id, next);
 			idtab->nentries++;
 			success = 1;
@@ -912,6 +1449,7 @@ send:
 	free(provider);
 	free(keys);
 	free(comments);
+	free_dest_constraints(dest_constraints, ndest_constraints);
 	send_status(e, success);
 }
 
@@ -958,6 +1496,105 @@ send:
 }
 #endif /* ENABLE_PKCS11 */
 
+static int
+process_ext_session_bind(SocketEntry *e)
+{
+	int r, sid_match, key_match;
+	struct sshkey *key = NULL;
+	struct sshbuf *sid = NULL, *sig = NULL;
+	char *fp = NULL;
+	size_t i;
+	u_char fwd = 0;
+
+	debug2_f("entering");
+	if ((r = sshkey_froms(e->request, &key)) != 0 ||
+	    (r = sshbuf_froms(e->request, &sid)) != 0 ||
+	    (r = sshbuf_froms(e->request, &sig)) != 0 ||
+	    (r = sshbuf_get_u8(e->request, &fwd)) != 0) {
+		error_fr(r, "parse");
+		goto out;
+	}
+	if ((fp = sshkey_fingerprint(key, SSH_FP_HASH_DEFAULT,
+	    SSH_FP_DEFAULT)) == NULL)
+		fatal_f("fingerprint failed");
+	/* check signature with hostkey on session ID */
+	if ((r = sshkey_verify(key, sshbuf_ptr(sig), sshbuf_len(sig),
+	    sshbuf_ptr(sid), sshbuf_len(sid), NULL, 0, NULL)) != 0) {
+		error_fr(r, "sshkey_verify for %s %s", sshkey_type(key), fp);
+		goto out;
+	}
+	/* check whether sid/key already recorded */
+	for (i = 0; i < e->nsession_ids; i++) {
+		if (!e->session_ids[i].forwarded) {
+			error_f("attempt to bind session ID to socket "
+			    "previously bound for authentication attempt");
+			r = -1;
+			goto out;
+		}
+		sid_match = buf_equal(sid, e->session_ids[i].sid) == 0;
+		key_match = sshkey_equal(key, e->session_ids[i].key);
+		if (sid_match && key_match) {
+			debug_f("session ID already recorded for %s %s",
+			    sshkey_type(key), fp);
+			r = 0;
+			goto out;
+		} else if (sid_match) {
+			error_f("session ID recorded against different key "
+			    "for %s %s", sshkey_type(key), fp);
+			r = -1;
+			goto out;
+		}
+		/*
+		 * new sid with previously-seen key can happen, e.g. multiple
+		 * connections to the same host.
+		 */
+	}
+	/* record new key/sid */
+	if (e->nsession_ids >= AGENT_MAX_SESSION_IDS) {
+		error_f("too many session IDs recorded");
+		goto out;
+	}
+	e->session_ids = xrecallocarray(e->session_ids, e->nsession_ids,
+	    e->nsession_ids + 1, sizeof(*e->session_ids));
+	i = e->nsession_ids++;
+	debug_f("recorded %s %s (slot %zu of %d)", sshkey_type(key), fp, i,
+	    AGENT_MAX_SESSION_IDS);
+	e->session_ids[i].key = key;
+	e->session_ids[i].forwarded = fwd != 0;
+	key = NULL; /* transferred */
+	/* can't transfer sid; it's refcounted and scoped to request's life */
+	if ((e->session_ids[i].sid = sshbuf_new()) == NULL)
+		fatal_f("sshbuf_new");
+	if ((r = sshbuf_putb(e->session_ids[i].sid, sid)) != 0)
+		fatal_fr(r, "sshbuf_putb session ID");
+	/* success */
+	r = 0;
+ out:
+	sshkey_free(key);
+	sshbuf_free(sid);
+	sshbuf_free(sig);
+	return r == 0 ? 1 : 0;
+}
+
+static void
+process_extension(SocketEntry *e)
+{
+	int r, success = 0;
+	char *name;
+
+	debug2_f("entering");
+	if ((r = sshbuf_get_cstring(e->request, &name, NULL)) != 0) {
+		error_fr(r, "parse");
+		goto send;
+	}
+	if (strcmp(name, "session-bind@openssh.com") == 0)
+		success = process_ext_session_bind(e);
+	else
+		debug_f("unsupported extension \"%s\"", name);
+	free(name);
+send:
+	send_status(e, success);
+}
 /*
  * dispatch incoming message.
  * returns 1 on success, 0 for incomplete messages or -1 on error.
@@ -1050,6 +1687,9 @@ process_message(u_int socknum)
 		process_remove_smartcard_key(e);
 		break;
 #endif /* ENABLE_PKCS11 */
+	case SSH_AGENTC_EXTENSION:
+		process_extension(e);
+		break;
 	default:
 		/* Unknown message.  Respond with failure. */
 		error("Unknown message %d", type);
@@ -1214,10 +1854,9 @@ after_poll(struct pollfd *pfd, size_t npfd, u_int maxfds)
 				activefds++;
 			break;
 		case AUTH_CONNECTION:
-			if ((pfd[i].revents & (POLLIN|POLLERR)) != 0 &&
-			    handle_conn_read(socknum) != 0) {
+			if ((pfd[i].revents & (POLLIN|POLLHUP|POLLERR)) != 0 &&
+			    handle_conn_read(socknum) != 0)
 				goto close_sock;
-			}
 			if ((pfd[i].revents & (POLLOUT|POLLHUP)) != 0 &&
 			    handle_conn_write(socknum) != 0) {
  close_sock:
diff --git a/ssh-keygen.0 b/ssh-keygen.0
index 2027bdf3cb68..f81493770585 100644
--- a/ssh-keygen.0
+++ b/ssh-keygen.0
@@ -34,8 +34,9 @@ SYNOPSIS
      ssh-keygen -Q [-l] -f krl_file file ...
      ssh-keygen -Y find-principals [-O option] -s signature_file
                 -f allowed_signers_file
+     ssh-keygen -Y match-principals -I signer_identity -f allowed_signers_file
      ssh-keygen -Y check-novalidate [-O option] -n namespace -s signature_file
-     ssh-keygen -Y sign -f key_file -n namespace file ...
+     ssh-keygen -Y sign [-O option] -f key_file -n namespace file ...
      ssh-keygen -Y verify [-O option] -f allowed_signers_file
                 -I signer_identity -n namespace -s signature_file
                 [-r revocation_file]
@@ -172,11 +173,11 @@ DESCRIPTION
              hashed names.
 
      -h      When signing a key, create a host certificate instead of a user
-             certificate.  Please see the CERTIFICATES section for details.
+             certificate.  See the CERTIFICATES section for details.
 
      -I certificate_identity
-             Specify the key identity when signing a public key.  Please see
-             the CERTIFICATES section for details.
+             Specify the key identity when signing a public key.  See the
+             CERTIFICATES section for details.
 
      -i      This option will read an unencrypted private (or public) key file
              in the format specified by the -m option and print an OpenSSH
@@ -239,7 +240,7 @@ DESCRIPTION
      -n principals
              Specify one or more principals (user or host names) to be
              included in a certificate when signing a key.  Multiple
-             principals may be specified, separated by commas.  Please see the
+             principals may be specified, separated by commas.  See the
              CERTIFICATES section for details.
 
      -O option
@@ -301,13 +302,17 @@ DESCRIPTION
              write-attestation=path
                      May be used at key generation time to record the
                      attestation data returned from FIDO tokens during key
-                     generation.  Please note that this information is
-                     potentially sensitive.  By default, this information is
-                     discarded.
+                     generation.  This information is potentially sensitive.
+                     By default, this information is discarded.
 
              When performing signature-related options using the -Y flag, the
              following options are accepted:
 
+             hashalg=algorithm
+                     Selects the hash algorithm to use for hashing the message
+                     to be signed.  Valid algorithms are M-bM-^@M-^\sha256M-bM-^@M-^] and
+                     M-bM-^@M-^\sha512.M-bM-^@M-^] The default is M-bM-^@M-^\sha512.M-bM-^@M-^]
+
              print-pubkey
                      Print the full public key to standard output after
                      signature verification.
@@ -343,8 +348,8 @@ DESCRIPTION
              the specified public key file.
 
      -s ca_key
-             Certify (sign) a public key using the specified CA key.  Please
-             see the CERTIFICATES section for details.
+             Certify (sign) a public key using the specified CA key.  See the
+             CERTIFICATES section for details.
 
              When generating a KRL, -s specifies a path to a CA public key
              file used to revoke certificates directly by key ID or serial
@@ -411,6 +416,12 @@ DESCRIPTION
              If one or more matching principals are found, they are returned
              on standard output.
 
+     -Y match-principals
+             Find principal matching the principal name provided using the -I
+             flag in the authorized signers file specified using the -f flag.
+             If one or more matching principals are found, they are returned
+             on standard output.
+
      -Y check-novalidate
              Checks that a signature generated using ssh-keygen -Y sign has a
              valid structure.  This does not validate if a signature comes
@@ -664,8 +675,8 @@ CERTIFICATES
      to the distant future.
 
      For certificates to be used for user or host authentication, the CA
-     public key must be trusted by sshd(8) or ssh(1).  Please refer to those
-     manual pages for details.
+     public key must be trusted by sshd(8) or ssh(1).  Refer to those manual
+     pages for details.
 
 KEY REVOCATION LISTS
      ssh-keygen is able to manage OpenSSH format Key Revocation Lists (KRLs).
@@ -835,4 +846,4 @@ AUTHORS
      created OpenSSH.  Markus Friedl contributed the support for SSH protocol
      versions 1.5 and 2.0.
 
-OpenBSD 6.9                     August 11, 2021                    OpenBSD 6.9
+OpenBSD 7.0                    February 6, 2022                    OpenBSD 7.0
diff --git a/ssh-keygen.1 b/ssh-keygen.1
index f83f515f6008..59b7f23a1fa5 100644
--- a/ssh-keygen.1
+++ b/ssh-keygen.1
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: ssh-keygen.1,v 1.216 2021/08/11 08:54:17 djm Exp $
+.\"	$OpenBSD: ssh-keygen.1,v 1.220 2022/02/06 00:29:03 jsg Exp $
 .\"
 .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
 .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -35,7 +35,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: August 11 2021 $
+.Dd $Mdocdate: February 6 2022 $
 .Dt SSH-KEYGEN 1
 .Os
 .Sh NAME
@@ -151,12 +151,17 @@
 .Fl s Ar signature_file
 .Fl f Ar allowed_signers_file
 .Nm ssh-keygen
+.Fl Y Cm match-principals
+.Fl I Ar signer_identity
+.Fl f Ar allowed_signers_file
+.Nm ssh-keygen
 .Fl Y Cm check-novalidate
 .Op Fl O Ar option
 .Fl n Ar namespace
 .Fl s Ar signature_file
 .Nm ssh-keygen
 .Fl Y Cm sign
+.Op Fl O Ar option
 .Fl f Ar key_file
 .Fl n Ar namespace
 .Ar
@@ -367,12 +372,12 @@ to use on files that mix hashed and non-hashed names.
 .It Fl h
 When signing a key, create a host certificate instead of a user
 certificate.
-Please see the
+See the
 .Sx CERTIFICATES
 section for details.
 .It Fl I Ar certificate_identity
 Specify the key identity when signing a public key.
-Please see the
+See the
 .Sx CERTIFICATES
 section for details.
 .It Fl i
@@ -464,7 +469,7 @@ Provides the new passphrase.
 Specify one or more principals (user or host names) to be included in
 a certificate when signing a key.
 Multiple principals may be specified, separated by commas.
-Please see the
+See the
 .Sx CERTIFICATES
 section for details.
 .It Fl O Ar option
@@ -529,7 +534,7 @@ but other methods may be supported in the future.
 .It Cm write-attestation Ns = Ns Ar path
 May be used at key generation time to record the attestation data
 returned from FIDO tokens during key generation.
-Please note that this information is potentially sensitive.
+This information is potentially sensitive.
 By default, this information is discarded.
 .El
 .Pp
@@ -537,6 +542,14 @@ When performing signature-related options using the
 .Fl Y
 flag, the following options are accepted:
 .Bl -tag -width Ds
+.It Cm hashalg Ns = Ns Ar algorithm
+Selects the hash algorithm to use for hashing the message to be signed.
+Valid algorithms are
+.Dq sha256
+and
+.Dq sha512.
+The default is
+.Dq sha512.
 .It Cm print-pubkey
 Print the full public key to standard output after signature verification.
 .It Cm verify-time Ns = Ns Ar timestamp
@@ -581,7 +594,7 @@ Print the SSHFP fingerprint resource record named
 for the specified public key file.
 .It Fl s Ar ca_key
 Certify (sign) a public key using the specified CA key.
-Please see the
+See the
 .Sx CERTIFICATES
 section for details.
 .Pp
@@ -683,6 +696,14 @@ The format of the allowed signers file is documented in the
 section below.
 If one or more matching principals are found, they are returned on
 standard output.
+.It Fl Y Cm match-principals
+Find principal matching the principal name provided using the
+.Fl I
+flag in the authorized signers file specified using the
+.Fl f
+flag.
+If one or more matching principals are found, they are returned on
+standard output.
 .It Fl Y Cm check-novalidate
 Checks that a signature generated using
 .Nm
@@ -1038,7 +1059,7 @@ public key must be trusted by
 .Xr sshd 8
 or
 .Xr ssh 1 .
-Please refer to those manual pages for details.
+Refer to those manual pages for details.
 .Sh KEY REVOCATION LISTS
 .Nm
 is able to manage OpenSSH format Key Revocation Lists (KRLs).
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 4b40768d517f..d4b7f4dcf800 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.437 2021/09/08 03:23:44 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.448 2022/02/01 23:32:51 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1203,6 +1203,7 @@ known_hosts_hash(struct hostkey_foreach_line *l, void *_ctx)
 			if ((hashed = host_hash(cp, NULL, 0)) == NULL)
 				fatal("hash_host failed");
 			fprintf(ctx->out, "%s %s\n", hashed, l->rawkey);
+			free(hashed);
 			ctx->has_unhashed = 1;
 		}
 		free(ohosts);
@@ -2459,7 +2460,7 @@ load_sign_key(const char *keypath, const struct sshkey *pubkey)
 {
 	size_t i, slen, plen = strlen(keypath);
 	char *privpath = xstrdup(keypath);
-	const char *suffixes[] = { "-cert.pub", ".pub", NULL };
+	static const char * const suffixes[] = { "-cert.pub", ".pub", NULL };
 	struct sshkey *ret = NULL, *privkey = NULL;
 	int r;
 
@@ -2511,7 +2512,8 @@ load_sign_key(const char *keypath, const struct sshkey *pubkey)
 
 static int
 sign_one(struct sshkey *signkey, const char *filename, int fd,
-    const char *sig_namespace, sshsig_signer *signer, void *signer_ctx)
+    const char *sig_namespace, const char *hashalg, sshsig_signer *signer,
+    void *signer_ctx)
 {
 	struct sshbuf *sigbuf = NULL, *abuf = NULL;
 	int r = SSH_ERR_INTERNAL_ERROR, wfd = -1, oerrno;
@@ -2541,7 +2543,7 @@ sign_one(struct sshkey *signkey, const char *filename, int fd,
 			free(fp);
 		}
 	}
-	if ((r = sshsig_sign_fd(signkey, NULL, sk_provider, pin,
+	if ((r = sshsig_sign_fd(signkey, hashalg, sk_provider, pin,
 	    fd, sig_namespace, &sigbuf, signer, signer_ctx)) != 0) {
 		error_r(r, "Signing %s failed", filename);
 		goto out;
@@ -2602,12 +2604,57 @@ sign_one(struct sshkey *signkey, const char *filename, int fd,
 }
 
 static int
-sig_sign(const char *keypath, const char *sig_namespace, int argc, char **argv)
+sig_process_opts(char * const *opts, size_t nopts, char **hashalgp,
+    uint64_t *verify_timep, int *print_pubkey)
+{
+	size_t i;
+	time_t now;
+
+	if (verify_timep != NULL)
+		*verify_timep = 0;
+	if (print_pubkey != NULL)
+		*print_pubkey = 0;
+	if (hashalgp != NULL)
+		*hashalgp = NULL;
+	for (i = 0; i < nopts; i++) {
+		if (hashalgp != NULL &&
+		    strncasecmp(opts[i], "hashalg=", 8) == 0) {
+			*hashalgp = xstrdup(opts[i] + 8);
+		} else if (verify_timep &&
+		    strncasecmp(opts[i], "verify-time=", 12) == 0) {
+			if (parse_absolute_time(opts[i] + 12,
+			    verify_timep) != 0 || *verify_timep == 0) {
+				error("Invalid \"verify-time\" option");
+				return SSH_ERR_INVALID_ARGUMENT;
+			}
+		} else if (print_pubkey &&
+		    strcasecmp(opts[i], "print-pubkey") == 0) {
+			*print_pubkey = 1;
+		} else {
+			error("Invalid option \"%s\"", opts[i]);
+			return SSH_ERR_INVALID_ARGUMENT;
+		}
+	}
+	if (verify_timep && *verify_timep == 0) {
+		if ((now = time(NULL)) < 0) {
+			error("Time is before epoch");
+			return SSH_ERR_INVALID_ARGUMENT;
+		}
+		*verify_timep = (uint64_t)now;
+	}
+	return 0;
+}
+
+
+static int
+sig_sign(const char *keypath, const char *sig_namespace, int argc, char **argv,
+    char * const *opts, size_t nopts)
 {
 	int i, fd = -1, r, ret = -1;
 	int agent_fd = -1;
 	struct sshkey *pubkey = NULL, *privkey = NULL, *signkey = NULL;
 	sshsig_signer *signer = NULL;
+	char *hashalg = NULL;
 
 	/* Check file arguments. */
 	for (i = 0; i < argc; i++) {
@@ -2617,6 +2664,9 @@ sig_sign(const char *keypath, const char *sig_namespace, int argc, char **argv)
 			fatal("Cannot sign mix of paths and standard input");
 	}
 
+	if (sig_process_opts(opts, nopts, &hashalg, NULL, NULL) != 0)
+		goto done; /* error already logged */
+
 	if ((r = sshkey_load_public(keypath, &pubkey, NULL)) != 0) {
 		error_r(r, "Couldn't load public key %s", keypath);
 		goto done;
@@ -2643,7 +2693,7 @@ sig_sign(const char *keypath, const char *sig_namespace, int argc, char **argv)
 
 	if (argc == 0) {
 		if ((r = sign_one(signkey, "(stdin)", STDIN_FILENO,
-		    sig_namespace, signer, &agent_fd)) != 0)
+		    sig_namespace, hashalg, signer, &agent_fd)) != 0)
 			goto done;
 	} else {
 		for (i = 0; i < argc; i++) {
@@ -2655,7 +2705,7 @@ sig_sign(const char *keypath, const char *sig_namespace, int argc, char **argv)
 				goto done;
 			}
 			if ((r = sign_one(signkey, argv[i], fd, sig_namespace,
-			    signer, &agent_fd)) != 0)
+			    hashalg, signer, &agent_fd)) != 0)
 				goto done;
 			if (fd != STDIN_FILENO)
 				close(fd);
@@ -2669,44 +2719,10 @@ done:
 		close(fd);
 	sshkey_free(pubkey);
 	sshkey_free(privkey);
+	free(hashalg);
 	return ret;
 }
 
-static int
-sig_process_opts(char * const *opts, size_t nopts, uint64_t *verify_timep,
-    int *print_pubkey)
-{
-	size_t i;
-	time_t now;
-
-	*verify_timep = 0;
-	if (print_pubkey != NULL)
-		*print_pubkey = 0;
-	for (i = 0; i < nopts; i++) {
-		if (strncasecmp(opts[i], "verify-time=", 12) == 0) {
-			if (parse_absolute_time(opts[i] + 12,
-			    verify_timep) != 0 || *verify_timep == 0) {
-				error("Invalid \"verify-time\" option");
-				return SSH_ERR_INVALID_ARGUMENT;
-			}
-		} else if (print_pubkey &&
-		    strcasecmp(opts[i], "print-pubkey") == 0) {
-			*print_pubkey = 1;
-		} else {
-			error("Invalid option \"%s\"", opts[i]);
-			return SSH_ERR_INVALID_ARGUMENT;
-		}
-	}
-	if (*verify_timep == 0) {
-		if ((now = time(NULL)) < 0) {
-			error("Time is before epoch");
-			return SSH_ERR_INVALID_ARGUMENT;
-		}
-		*verify_timep = (uint64_t)now;
-	}
-	return 0;
-}
-
 static int
 sig_verify(const char *signature, const char *sig_namespace,
     const char *principal, const char *allowed_keys, const char *revoked_keys,
@@ -2720,7 +2736,8 @@ sig_verify(const char *signature, const char *sig_namespace,
 	struct sshkey_sig_details *sig_details = NULL;
 	uint64_t verify_time = 0;
 
-	if (sig_process_opts(opts, nopts, &verify_time, &print_pubkey) != 0)
+	if (sig_process_opts(opts, nopts, NULL, &verify_time,
+	    &print_pubkey) != 0)
 		goto done; /* error already logged */
 
 	memset(&sig_details, 0, sizeof(sig_details));
@@ -2808,7 +2825,7 @@ sig_find_principals(const char *signature, const char *allowed_keys,
 	char *principals = NULL, *cp, *tmp;
 	uint64_t verify_time = 0;
 
-	if (sig_process_opts(opts, nopts, &verify_time, NULL) != 0)
+	if (sig_process_opts(opts, nopts, NULL, &verify_time, NULL) != 0)
 		goto done; /* error already logged */
 
 	if ((r = sshbuf_load_file(signature, &abuf)) != 0) {
@@ -2846,6 +2863,32 @@ done:
 	return ret;
 }
 
+static int
+sig_match_principals(const char *allowed_keys, char *principal,
+	char * const *opts, size_t nopts)
+{
+	int r;
+	char **principals = NULL;
+	size_t i, nprincipals = 0;
+
+	if ((r = sig_process_opts(opts, nopts, NULL, NULL, NULL)) != 0)
+		return r; /* error already logged */
+
+	if ((r = sshsig_match_principals(allowed_keys, principal,
+	    &principals, &nprincipals)) != 0) {
+		debug_f("match: %s", ssh_err(r));
+		fprintf(stderr, "No principal matched.\n");
+		return r;
+	}
+	for (i = 0; i < nprincipals; i++) {
+		printf("%s\n", principals[i]);
+		free(principals[i]);
+	}
+	free(principals);
+
+	return 0;
+}
+
 static void
 do_moduli_gen(const char *out_file, char **opts, size_t nopts)
 {
@@ -2995,24 +3038,52 @@ passphrase_again:
 	return passphrase1;
 }
 
-static const char *
-skip_ssh_url_preamble(const char *s)
+static char *
+sk_suffix(const char *application, const uint8_t *user, size_t userlen)
 {
-	if (strncmp(s, "ssh://", 6) == 0)
-		return s + 6;
-	else if (strncmp(s, "ssh:", 4) == 0)
-		return s + 4;
-	return s;
+	char *ret, *cp;
+	size_t slen, i;
+
+	/* Trim off URL-like preamble */
+	if (strncmp(application, "ssh://", 6) == 0)
+		ret =  xstrdup(application + 6);
+	else if (strncmp(application, "ssh:", 4) == 0)
+		ret =  xstrdup(application + 4);
+	else
+		ret = xstrdup(application);
+
+	/* Count trailing zeros in user */
+	for (i = 0; i < userlen; i++) {
+		if (user[userlen - i - 1] != 0)
+			break;
+	}
+	if (i >= userlen)
+		return ret; /* user-id was default all-zeros */
+
+	/* Append user-id, escaping non-UTF-8 characters */
+	slen = userlen - i;
+	if (asmprintf(&cp, INT_MAX, NULL, "%.*s", (int)slen, user) == -1)
+		fatal_f("asmprintf failed");
+	/* Don't emit a user-id that contains path or control characters */
+	if (strchr(cp, '/') != NULL || strstr(cp, "..") != NULL ||
+	    strchr(cp, '\\') != NULL) {
+		free(cp);
+		cp = tohex(user, slen);
+	}
+	xextendf(&ret, "_", "%s", cp);
+	free(cp);
+	return ret;
 }
 
 static int
 do_download_sk(const char *skprovider, const char *device)
 {
-	struct sshkey **keys;
-	size_t nkeys, i;
+	struct sshsk_resident_key **srks;
+	size_t nsrks, i;
 	int r, ret = -1;
 	char *fp, *pin = NULL, *pass = NULL, *path, *pubpath;
 	const char *ext;
+	struct sshkey *key;
 
 	if (skprovider == NULL)
 		fatal("Cannot download keys without provider");
@@ -3022,34 +3093,34 @@ do_download_sk(const char *skprovider, const char *device)
 		printf("You may need to touch your authenticator "
 		    "to authorize key download.\n");
 	}
-	if ((r = sshsk_load_resident(skprovider, device, pin,
-	    &keys, &nkeys)) != 0) {
+	if ((r = sshsk_load_resident(skprovider, device, pin, 0,
+	    &srks, &nsrks)) != 0) {
 		if (pin != NULL)
 			freezero(pin, strlen(pin));
 		error_r(r, "Unable to load resident keys");
 		return -1;
 	}
-	if (nkeys == 0)
+	if (nsrks == 0)
 		logit("No keys to download");
 	if (pin != NULL)
 		freezero(pin, strlen(pin));
 
-	for (i = 0; i < nkeys; i++) {
-		if (keys[i]->type != KEY_ECDSA_SK &&
-		    keys[i]->type != KEY_ED25519_SK) {
+	for (i = 0; i < nsrks; i++) {
+		key = srks[i]->key;
+		if (key->type != KEY_ECDSA_SK && key->type != KEY_ED25519_SK) {
 			error("Unsupported key type %s (%d)",
-			    sshkey_type(keys[i]), keys[i]->type);
+			    sshkey_type(key), key->type);
 			continue;
 		}
-		if ((fp = sshkey_fingerprint(keys[i],
-		    fingerprint_hash, SSH_FP_DEFAULT)) == NULL)
+		if ((fp = sshkey_fingerprint(key, fingerprint_hash,
+		    SSH_FP_DEFAULT)) == NULL)
 			fatal_f("sshkey_fingerprint failed");
 		debug_f("key %zu: %s %s %s (flags 0x%02x)", i,
-		    sshkey_type(keys[i]), fp, keys[i]->sk_application,
-		    keys[i]->sk_flags);
-		ext = skip_ssh_url_preamble(keys[i]->sk_application);
+		    sshkey_type(key), fp, key->sk_application, key->sk_flags);
+		ext = sk_suffix(key->sk_application,
+		    srks[i]->user_id, srks[i]->user_id_len);
 		xasprintf(&path, "id_%s_rk%s%s",
-		    keys[i]->type == KEY_ECDSA_SK ? "ecdsa_sk" : "ed25519_sk",
+		    key->type == KEY_ECDSA_SK ? "ecdsa_sk" : "ed25519_sk",
 		    *ext == '\0' ? "" : "_", ext);
 
 		/* If the file already exists, ask the user to confirm. */
@@ -3061,26 +3132,25 @@ do_download_sk(const char *skprovider, const char *device)
 		/* Save the key with the application string as the comment */
 		if (pass == NULL)
 			pass = private_key_passphrase();
-		if ((r = sshkey_save_private(keys[i], path, pass,
-		    keys[i]->sk_application, private_key_format,
+		if ((r = sshkey_save_private(key, path, pass,
+		    key->sk_application, private_key_format,
 		    openssh_format_cipher, rounds)) != 0) {
 			error_r(r, "Saving key \"%s\" failed", path);
 			free(path);
 			break;
 		}
 		if (!quiet) {
-			printf("Saved %s key%s%s to %s\n",
-			    sshkey_type(keys[i]),
+			printf("Saved %s key%s%s to %s\n", sshkey_type(key),
 			    *ext != '\0' ? " " : "",
-			    *ext != '\0' ? keys[i]->sk_application : "",
+			    *ext != '\0' ? key->sk_application : "",
 			    path);
 		}
 
 		/* Save public key too */
 		xasprintf(&pubpath, "%s.pub", path);
 		free(path);
-		if ((r = sshkey_save_public(keys[i], pubpath,
-		    keys[i]->sk_application)) != 0) {
+		if ((r = sshkey_save_public(key, pubpath,
+		    key->sk_application)) != 0) {
 			error_r(r, "Saving public key \"%s\" failed", pubpath);
 			free(pubpath);
 			break;
@@ -3088,13 +3158,11 @@ do_download_sk(const char *skprovider, const char *device)
 		free(pubpath);
 	}
 
-	if (i >= nkeys)
+	if (i >= nsrks)
 		ret = 0; /* success */
 	if (pass != NULL)
 		freezero(pass, strlen(pass));
-	for (i = 0; i < nkeys; i++)
-		sshkey_free(keys[i]);
-	free(keys);
+	sshsk_free_resident_keys(srks, nsrks);
 	return ret;
 }
 
@@ -3159,10 +3227,11 @@ usage(void)
 	    "                  file ...\n"
 	    "       ssh-keygen -Q [-l] -f krl_file [file ...]\n"
 	    "       ssh-keygen -Y find-principals -s signature_file -f allowed_signers_file\n"
+	    "       ssh-keygen -Y match-principals -I signer_identity -f allowed_signers_file\n"
 	    "       ssh-keygen -Y check-novalidate -n namespace -s signature_file\n"
-	    "       ssh-keygen -Y sign -f key_file -n namespace file ...\n"
+	    "       ssh-keygen -Y sign -f key_file -n namespace file [-O option] ...\n"
 	    "       ssh-keygen -Y verify -f allowed_signers_file -I signer_identity\n"
-	    "                  -n namespace -s signature_file [-r revocation_file]\n");
+	    "                  -n namespace -s signature_file [-r krl_file] [-O option]\n");
 	exit(1);
 }
 
@@ -3440,7 +3509,21 @@ main(int argc, char **argv)
 			}
 			return sig_find_principals(ca_key_path, identity_file,
 			    opts, nopts);
+		} else if (strncmp(sign_op, "match-principals", 16) == 0) {
+			if (!have_identity) {
+				error("Too few arguments for match-principals:"
+				    "missing allowed keys file");
+				exit(1);
+			}
+			if (cert_key_id == NULL) {
+				error("Too few arguments for match-principals: "
+				    "missing principal ID");
+				exit(1);
+			}
+			return sig_match_principals(identity_file, cert_key_id,
+			    opts, nopts);
 		} else if (strncmp(sign_op, "sign", 4) == 0) {
+			/* NB. cert_principals is actually namespace, via -n */
 			if (cert_principals == NULL ||
 			    *cert_principals == '\0') {
 				error("Too few arguments for sign: "
@@ -3453,7 +3536,7 @@ main(int argc, char **argv)
 				exit(1);
 			}
 			return sig_sign(identity_file, cert_principals,
-			    argc, argv);
+			    argc, argv, opts, nopts);
 		} else if (strncmp(sign_op, "check-novalidate", 16) == 0) {
 			if (ca_key_path == NULL) {
 				error("Too few arguments for check-novalidate: "
@@ -3463,6 +3546,7 @@ main(int argc, char **argv)
 			return sig_verify(ca_key_path, cert_principals,
 			    NULL, NULL, NULL, opts, nopts);
 		} else if (strncmp(sign_op, "verify", 6) == 0) {
+			/* NB. cert_principals is actually namespace, via -n */
 			if (cert_principals == NULL ||
 			    *cert_principals == '\0') {
 				error("Too few arguments for verify: "
@@ -3481,7 +3565,7 @@ main(int argc, char **argv)
 			}
 			if (cert_key_id == NULL) {
 				error("Too few arguments for verify: "
-				    "missing principal ID");
+				    "missing principal identity");
 				exit(1);
 			}
 			return sig_verify(ca_key_path, cert_principals,
diff --git a/ssh-keyscan.0 b/ssh-keyscan.0
index e65b4259a9fa..7e41755b5375 100644
--- a/ssh-keyscan.0
+++ b/ssh-keyscan.0
@@ -93,4 +93,4 @@ AUTHORS
      Davison <wayned@users.sourceforge.net> added support for protocol version
      2.
 
-OpenBSD 6.9                    November 30, 2019                   OpenBSD 6.9
+OpenBSD 7.0                    November 30, 2019                   OpenBSD 7.0
diff --git a/ssh-keyscan.c b/ssh-keyscan.c
index 7abbcbff5d00..d29a03b4e68a 100644
--- a/ssh-keyscan.c
+++ b/ssh-keyscan.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keyscan.c,v 1.139 2021/01/27 09:26:54 djm Exp $ */
+/* $OpenBSD: ssh-keyscan.c,v 1.145 2022/01/21 00:53:40 deraadt Exp $ */
 /*
  * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
  *
@@ -25,6 +25,9 @@
 
 #include <netdb.h>
 #include <errno.h>
+#ifdef HAVE_POLL_H
+#include <poll.h>
+#endif
 #include <stdarg.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -85,8 +88,7 @@ int maxfd;
 #define MAXCON (maxfd - 10)
 
 extern char *__progname;
-fd_set *read_wait;
-size_t read_wait_nfdset;
+struct pollfd *read_wait;
 int ncon;
 
 /*
@@ -111,7 +113,7 @@ typedef struct Connection {
 	char *c_output_name;	/* Hostname of connection for output */
 	char *c_data;		/* Data read from this fd */
 	struct ssh *c_ssh;	/* SSH-connection */
-	struct timeval c_tv;	/* Time at which connection gets aborted */
+	struct timespec c_ts;	/* Time at which connection gets aborted */
 	TAILQ_ENTRY(Connection) c_link;	/* List of connections in timeout order. */
 } con;
 
@@ -305,8 +307,8 @@ keygrab_ssh2(con *c)
 static void
 keyprint_one(const char *host, struct sshkey *key)
 {
-	char *hostport;
-	const char *known_host, *hashed;
+	char *hostport = NULL, *hashed = NULL;
+	const char *known_host;
 
 	found_one = 1;
 
@@ -317,13 +319,14 @@ keyprint_one(const char *host, struct sshkey *key)
 
 	hostport = put_host_port(host, ssh_port);
 	lowercase(hostport);
-	if (hash_hosts && (hashed = host_hash(host, NULL, 0)) == NULL)
+	if (hash_hosts && (hashed = host_hash(hostport, NULL, 0)) == NULL)
 		fatal("host_hash failed");
 	known_host = hash_hosts ? hashed : hostport;
 	if (!get_cert)
 		fprintf(stdout, "%s ", known_host);
 	sshkey_write(key, stdout);
 	fputs("\n", stdout);
+	free(hashed);
 	free(hostport);
 }
 
@@ -412,10 +415,11 @@ conalloc(char *iname, char *oname, int keytype)
 	fdcon[s].c_len = 4;
 	fdcon[s].c_off = 0;
 	fdcon[s].c_keytype = keytype;
-	monotime_tv(&fdcon[s].c_tv);
-	fdcon[s].c_tv.tv_sec += timeout;
+	monotime_ts(&fdcon[s].c_ts);
+	fdcon[s].c_ts.tv_sec += timeout;
 	TAILQ_INSERT_TAIL(&tq, &fdcon[s], c_link);
-	FD_SET(s, read_wait);
+	read_wait[s].fd = s;
+	read_wait[s].events = POLLIN;
 	ncon++;
 	return (s);
 }
@@ -438,7 +442,8 @@ confree(int s)
 	} else
 		close(s);
 	TAILQ_REMOVE(&tq, &fdcon[s], c_link);
-	FD_CLR(s, read_wait);
+	read_wait[s].fd = -1;
+	read_wait[s].events = 0;
 	ncon--;
 }
 
@@ -446,8 +451,8 @@ static void
 contouch(int s)
 {
 	TAILQ_REMOVE(&tq, &fdcon[s], c_link);
-	monotime_tv(&fdcon[s].c_tv);
-	fdcon[s].c_tv.tv_sec += timeout;
+	monotime_ts(&fdcon[s].c_ts);
+	fdcon[s].c_ts.tv_sec += timeout;
 	TAILQ_INSERT_TAIL(&tq, &fdcon[s], c_link);
 }
 
@@ -575,40 +580,33 @@ conread(int s)
 static void
 conloop(void)
 {
-	struct timeval seltime, now;
-	fd_set *r, *e;
+	struct timespec seltime, now;
 	con *c;
 	int i;
 
-	monotime_tv(&now);
+	monotime_ts(&now);
 	c = TAILQ_FIRST(&tq);
 
-	if (c && timercmp(&c->c_tv, &now, >))
-		timersub(&c->c_tv, &now, &seltime);
+	if (c && timespeccmp(&c->c_ts, &now, >))
+		timespecsub(&c->c_ts, &now, &seltime);
 	else
-		timerclear(&seltime);
-
-	r = xcalloc(read_wait_nfdset, sizeof(fd_mask));
-	e = xcalloc(read_wait_nfdset, sizeof(fd_mask));
-	memcpy(r, read_wait, read_wait_nfdset * sizeof(fd_mask));
-	memcpy(e, read_wait, read_wait_nfdset * sizeof(fd_mask));
+		timespecclear(&seltime);
 
-	while (select(maxfd, r, NULL, e, &seltime) == -1 &&
-	    (errno == EAGAIN || errno == EINTR || errno == EWOULDBLOCK))
-		;
+	while (ppoll(read_wait, maxfd, &seltime, NULL) == -1) {
+		if (errno == EAGAIN || errno == EINTR || errno == EWOULDBLOCK)
+			continue;
+		error("poll error");
+	}
 
 	for (i = 0; i < maxfd; i++) {
-		if (FD_ISSET(i, e)) {
-			error("%s: exception!", fdcon[i].c_name);
+		if (read_wait[i].revents & (POLLHUP|POLLERR|POLLNVAL))
 			confree(i);
-		} else if (FD_ISSET(i, r))
+		else if (read_wait[i].revents & (POLLIN|POLLHUP))
 			conread(i);
 	}
-	free(r);
-	free(e);
 
 	c = TAILQ_FIRST(&tq);
-	while (c && timercmp(&c->c_tv, &now, <)) {
+	while (c && timespeccmp(&c->c_ts, &now, <)) {
 		int s = c->c_fd;
 
 		c = TAILQ_NEXT(c, c_link);
@@ -778,9 +776,9 @@ main(int argc, char **argv)
 	if (maxfd > fdlim_get(0))
 		fdlim_set(maxfd);
 	fdcon = xcalloc(maxfd, sizeof(con));
-
-	read_wait_nfdset = howmany(maxfd, NFDBITS);
-	read_wait = xcalloc(read_wait_nfdset, sizeof(fd_mask));
+	read_wait = xcalloc(maxfd, sizeof(struct pollfd));
+	for (j = 0; j < maxfd; j++)
+		read_wait[j].fd = -1;
 
 	for (j = 0; j < fopt_count; j++) {
 		if (argv[j] == NULL)
diff --git a/ssh-keysign.0 b/ssh-keysign.0
index 6d0c83997dd4..85feb7a47204 100644
--- a/ssh-keysign.0
+++ b/ssh-keysign.0
@@ -49,4 +49,4 @@ HISTORY
 AUTHORS
      Markus Friedl <markus@openbsd.org>
 
-OpenBSD 6.9                    November 30, 2019                   OpenBSD 6.9
+OpenBSD 7.0                    November 30, 2019                   OpenBSD 7.0
diff --git a/ssh-keysign.c b/ssh-keysign.c
index d6ac98c6c8c7..c52321e220e7 100644
--- a/ssh-keysign.c
+++ b/ssh-keysign.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keysign.c,v 1.67 2021/07/05 01:16:46 dtucker Exp $ */
+/* $OpenBSD: ssh-keysign.c,v 1.70 2022/01/06 22:00:18 djm Exp $ */
 /*
  * Copyright (c) 2002 Markus Friedl.  All rights reserved.
  *
@@ -62,7 +62,7 @@
 extern char *__progname;
 
 static int
-valid_request(struct passwd *pw, char *host, struct sshkey **ret,
+valid_request(struct passwd *pw, char *host, struct sshkey **ret, char **pkalgp,
     u_char *data, size_t datalen)
 {
 	struct sshbuf *b;
@@ -75,15 +75,20 @@ valid_request(struct passwd *pw, char *host, struct sshkey **ret,
 
 	if (ret != NULL)
 		*ret = NULL;
+	if (pkalgp != NULL)
+		*pkalgp = NULL;
 	fail = 0;
 
 	if ((b = sshbuf_from(data, datalen)) == NULL)
 		fatal_f("sshbuf_from failed");
 
-	/* session id, currently limited to SHA1 (20 bytes) or SHA256 (32) */
+	/* session id */
 	if ((r = sshbuf_get_string(b, NULL, &len)) != 0)
 		fatal_fr(r, "parse session ID");
-	if (len != 20 && len != 32)
+	if (len != 20 && /* SHA1 */
+	    len != 32 && /* SHA256 */
+	    len != 48 && /* SHA384 */
+	    len != 64)   /* SHA512 */
 		fail++;
 
 	if ((r = sshbuf_get_u8(b, &type)) != 0)
@@ -122,8 +127,6 @@ valid_request(struct passwd *pw, char *host, struct sshkey **ret,
 		fail++;
 	} else if (key->type != pktype)
 		fail++;
-	free(pkalg);
-	free(pkblob);
 
 	/* client host name, handle trailing dot */
 	if ((r = sshbuf_get_cstring(b, &p, &len)) != 0)
@@ -154,8 +157,19 @@ valid_request(struct passwd *pw, char *host, struct sshkey **ret,
 
 	if (fail)
 		sshkey_free(key);
-	else if (ret != NULL)
-		*ret = key;
+	else {
+		if (ret != NULL) {
+			*ret = key;
+			key = NULL;
+		}
+		if (pkalgp != NULL) {
+			*pkalgp = pkalg;
+			pkalg = NULL;
+		}
+	}
+	sshkey_free(key);
+	free(pkalg);
+	free(pkblob);
 
 	return (fail ? -1 : 0);
 }
@@ -170,7 +184,7 @@ main(int argc, char **argv)
 	struct passwd *pw;
 	int r, key_fd[NUM_KEYTYPES], i, found, version = 2, fd;
 	u_char *signature, *data, rver;
-	char *host, *fp;
+	char *host, *fp, *pkalg;
 	size_t slen, dlen;
 
 	if (pledge("stdio rpath getpw dns id", NULL) != 0)
@@ -212,6 +226,9 @@ main(int argc, char **argv)
 		fatal("ssh-keysign not enabled in %s",
 		    _PATH_HOST_CONFIG_FILE);
 
+	if (pledge("stdio dns", NULL) != 0)
+		fatal("%s: pledge: %s", __progname, strerror(errno));
+
 	for (i = found = 0; i < NUM_KEYTYPES; i++) {
 		if (key_fd[i] != -1)
 			found = 1;
@@ -237,9 +254,6 @@ main(int argc, char **argv)
 	if (!found)
 		fatal("no hostkey found");
 
-	if (pledge("stdio dns", NULL) != 0)
-		fatal("%s: pledge: %s", __progname, strerror(errno));
-
 	if ((b = sshbuf_new()) == NULL)
 		fatal("%s: sshbuf_new failed", __progname);
 	if (ssh_msg_recv(STDIN_FILENO, b) < 0)
@@ -258,7 +272,7 @@ main(int argc, char **argv)
 
 	if ((r = sshbuf_get_string(b, &data, &dlen)) != 0)
 		fatal_r(r, "%s: buffer error", __progname);
-	if (valid_request(pw, host, &key, data, dlen) < 0)
+	if (valid_request(pw, host, &key, &pkalg, data, dlen) < 0)
 		fatal("%s: not a valid request", __progname);
 	free(host);
 
@@ -279,7 +293,7 @@ main(int argc, char **argv)
 	}
 
 	if ((r = sshkey_sign(keys[i], &signature, &slen, data, dlen,
-	    NULL, NULL, NULL, 0)) != 0)
+	    pkalg, NULL, NULL, 0)) != 0)
 		fatal_r(r, "%s: sshkey_sign failed", __progname);
 	free(data);
 
diff --git a/ssh-pkcs11-client.c b/ssh-pkcs11-client.c
index e724736944f4..cfd833d74054 100644
--- a/ssh-pkcs11-client.c
+++ b/ssh-pkcs11-client.c
@@ -163,7 +163,7 @@ rsa_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa, int padding)
 	return (ret);
 }
 
-#ifdef HAVE_EC_KEY_METHOD_NEW
+#if defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW)
 static ECDSA_SIG *
 ecdsa_do_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *inv,
     const BIGNUM *rp, EC_KEY *ec)
@@ -220,12 +220,12 @@ ecdsa_do_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *inv,
 	sshbuf_free(msg);
 	return (ret);
 }
-#endif /* HAVE_EC_KEY_METHOD_NEW */
+#endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */
 
 static RSA_METHOD	*helper_rsa;
-#ifdef HAVE_EC_KEY_METHOD_NEW
+#if defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW)
 static EC_KEY_METHOD	*helper_ecdsa;
-#endif /* HAVE_EC_KEY_METHOD_NEW */
+#endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */
 
 /* redirect private key crypto operations to the ssh-pkcs11-helper */
 static void
@@ -233,10 +233,10 @@ wrap_key(struct sshkey *k)
 {
 	if (k->type == KEY_RSA)
 		RSA_set_method(k->rsa, helper_rsa);
-#ifdef HAVE_EC_KEY_METHOD_NEW
+#if defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW)
 	else if (k->type == KEY_ECDSA)
 		EC_KEY_set_method(k->ecdsa, helper_ecdsa);
-#endif /* HAVE_EC_KEY_METHOD_NEW */
+#endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */
 	else
 		fatal_f("unknown key type");
 }
@@ -247,7 +247,7 @@ pkcs11_start_helper_methods(void)
 	if (helper_rsa != NULL)
 		return (0);
 
-#ifdef HAVE_EC_KEY_METHOD_NEW
+#if defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW)
 	int (*orig_sign)(int, const unsigned char *, int, unsigned char *,
 	    unsigned int *, const BIGNUM *, const BIGNUM *, EC_KEY *) = NULL;
 	if (helper_ecdsa != NULL)
@@ -257,7 +257,7 @@ pkcs11_start_helper_methods(void)
 		return (-1);
 	EC_KEY_METHOD_get_sign(helper_ecdsa, &orig_sign, NULL, NULL);
 	EC_KEY_METHOD_set_sign(helper_ecdsa, orig_sign, NULL, ecdsa_do_sign);
-#endif /* HAVE_EC_KEY_METHOD_NEW */
+#endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */
 
 	if ((helper_rsa = RSA_meth_dup(RSA_get_default_method())) == NULL)
 		fatal_f("RSA_meth_dup failed");
diff --git a/ssh-pkcs11-helper.0 b/ssh-pkcs11-helper.0
index 0553465cf3be..5b38bb07d8ca 100644
--- a/ssh-pkcs11-helper.0
+++ b/ssh-pkcs11-helper.0
@@ -32,4 +32,4 @@ HISTORY
 AUTHORS
      Markus Friedl <markus@openbsd.org>
 
-OpenBSD 6.9                    November 30, 2019                   OpenBSD 6.9
+OpenBSD 7.0                    November 30, 2019                   OpenBSD 7.0
diff --git a/ssh-pkcs11-helper.c b/ssh-pkcs11-helper.c
index 5ca8d03fbd1e..5c3eaaeb0197 100644
--- a/ssh-pkcs11-helper.c
+++ b/ssh-pkcs11-helper.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-pkcs11-helper.c,v 1.25 2021/08/11 05:20:17 djm Exp $ */
+/* $OpenBSD: ssh-pkcs11-helper.c,v 1.26 2021/11/18 03:31:44 djm Exp $ */
 /*
  * Copyright (c) 2010 Markus Friedl.  All rights reserved.
  *
@@ -385,7 +385,7 @@ main(int argc, char **argv)
 		}
 
 		/* copy stdin to iqueue */
-		if ((pfd[0].revents & (POLLIN|POLLERR)) != 0) {
+		if ((pfd[0].revents & (POLLIN|POLLHUP|POLLERR)) != 0) {
 			len = read(in, buf, sizeof buf);
 			if (len == 0) {
 				debug("read eof");
diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c
index 37a6b1b5bcae..b2e2b32a5078 100644
--- a/ssh-pkcs11.c
+++ b/ssh-pkcs11.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-pkcs11.c,v 1.54 2021/08/11 05:20:17 djm Exp $ */
+/* $OpenBSD: ssh-pkcs11.c,v 1.55 2021/11/18 21:11:01 djm Exp $ */
 /*
  * Copyright (c) 2010 Markus Friedl.  All rights reserved.
  * Copyright (c) 2014 Pedro Martelletto. All rights reserved.
@@ -79,7 +79,7 @@ struct pkcs11_key {
 
 int pkcs11_interactive = 0;
 
-#ifdef HAVE_EC_KEY_METHOD_NEW
+#if defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW)
 static void
 ossl_error(const char *msg)
 {
@@ -89,7 +89,7 @@ ossl_error(const char *msg)
 	while ((e = ERR_get_error()) != 0)
 		error_f("libcrypto error: %s", ERR_error_string(e, NULL));
 }
-#endif /* HAVE_EC_KEY_METHOD_NEW */
+#endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */
 
 int
 pkcs11_init(int interactive)
@@ -190,10 +190,10 @@ pkcs11_del_provider(char *provider_id)
 
 static RSA_METHOD *rsa_method;
 static int rsa_idx = 0;
-#ifdef HAVE_EC_KEY_METHOD_NEW
+#if defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW)
 static EC_KEY_METHOD *ec_key_method;
 static int ec_key_idx = 0;
-#endif
+#endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */
 
 /* release a wrapped object */
 static void
@@ -507,7 +507,7 @@ pkcs11_rsa_wrap(struct pkcs11_provider *provider, CK_ULONG slotidx,
 	return (0);
 }
 
-#ifdef HAVE_EC_KEY_METHOD_NEW
+#if defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW)
 /* openssl callback doing the actual signing operation */
 static ECDSA_SIG *
 ecdsa_do_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *inv,
@@ -611,15 +611,16 @@ pkcs11_ecdsa_wrap(struct pkcs11_provider *provider, CK_ULONG slotidx,
 	k11->slotidx = slotidx;
 	/* identify key object on smartcard */
 	k11->keyid_len = keyid_attrib->ulValueLen;
-	k11->keyid = xmalloc(k11->keyid_len);
-	memcpy(k11->keyid, keyid_attrib->pValue, k11->keyid_len);
-
+	if (k11->keyid_len > 0) {
+		k11->keyid = xmalloc(k11->keyid_len);
+		memcpy(k11->keyid, keyid_attrib->pValue, k11->keyid_len);
+	}
 	EC_KEY_set_method(ec, ec_key_method);
 	EC_KEY_set_ex_data(ec, ec_key_idx, k11);
 
 	return (0);
 }
-#endif /* HAVE_EC_KEY_METHOD_NEW */
+#endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */
 
 /* remove trailing spaces */
 static void
@@ -694,7 +695,7 @@ pkcs11_key_included(struct sshkey ***keysp, int *nkeys, struct sshkey *key)
 	return (0);
 }
 
-#ifdef HAVE_EC_KEY_METHOD_NEW
+#if defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW)
 static struct sshkey *
 pkcs11_fetch_ecdsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx,
     CK_OBJECT_HANDLE *obj)
@@ -817,7 +818,7 @@ fail:
 
 	return (key);
 }
-#endif /* HAVE_EC_KEY_METHOD_NEW */
+#endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */
 
 static struct sshkey *
 pkcs11_fetch_rsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx,
@@ -925,7 +926,7 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx,
 #endif
 	struct sshkey		*key = NULL;
 	int			 i;
-#ifdef HAVE_EC_KEY_METHOD_NEW
+#if defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW)
 	int			 nid;
 #endif
 	const u_char		*cp;
@@ -1014,7 +1015,7 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx,
 		key->type = KEY_RSA;
 		key->flags |= SSHKEY_FLAG_EXT;
 		rsa = NULL;	/* now owned by key */
-#ifdef HAVE_EC_KEY_METHOD_NEW
+#if defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW)
 	} else if (EVP_PKEY_base_id(evp) == EVP_PKEY_EC) {
 		if (EVP_PKEY_get0_EC_KEY(evp) == NULL) {
 			error("invalid x509; no ec key");
@@ -1045,7 +1046,7 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx,
 		key->type = KEY_ECDSA;
 		key->flags |= SSHKEY_FLAG_EXT;
 		ec = NULL;	/* now owned by key */
-#endif /* HAVE_EC_KEY_METHOD_NEW */
+#endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */
 	} else {
 		error("unknown certificate key type");
 		goto out;
@@ -1269,11 +1270,11 @@ pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx,
 		case CKK_RSA:
 			key = pkcs11_fetch_rsa_pubkey(p, slotidx, &obj);
 			break;
-#ifdef HAVE_EC_KEY_METHOD_NEW
+#if defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW)
 		case CKK_ECDSA:
 			key = pkcs11_fetch_ecdsa_pubkey(p, slotidx, &obj);
 			break;
-#endif /* HAVE_EC_KEY_METHOD_NEW */
+#endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */
 		default:
 			/* XXX print key type? */
 			key = NULL;
diff --git a/ssh-sk-client.c b/ssh-sk-client.c
index e932590094a2..321fe53a2d91 100644
--- a/ssh-sk-client.c
+++ b/ssh-sk-client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-sk-client.c,v 1.9 2021/04/03 06:18:41 djm Exp $ */
+/* $OpenBSD: ssh-sk-client.c,v 1.12 2022/01/14 03:34:00 djm Exp $ */
 /*
  * Copyright (c) 2019 Google LLC
  *
@@ -232,7 +232,6 @@ sshsk_sign(const char *provider, struct sshkey *key,
     u_int compat, const char *pin)
 {
 	int oerrno, r = SSH_ERR_INTERNAL_ERROR;
-	char *fp = NULL;
 	struct sshbuf *kbuf = NULL, *req = NULL, *resp = NULL;
 
 	*sigp = NULL;
@@ -262,12 +261,6 @@ sshsk_sign(const char *provider, struct sshkey *key,
 		goto out;
 	}
 
-	if ((fp = sshkey_fingerprint(key, SSH_FP_HASH_DEFAULT,
-	    SSH_FP_DEFAULT)) == NULL) {
-		error_f("sshkey_fingerprint failed");
-		r = SSH_ERR_ALLOC_FAIL;
-		goto out;
-	}
 	if ((r = client_converse(req, &resp, SSH_SK_HELPER_SIGN)) != 0)
 		goto out;
 
@@ -375,20 +368,46 @@ sshsk_enroll(int type, const char *provider_path, const char *device,
 	return r;
 }
 
+static void
+sshsk_free_resident_key(struct sshsk_resident_key *srk)
+{
+	if (srk == NULL)
+		return;
+	sshkey_free(srk->key);
+	freezero(srk->user_id, srk->user_id_len);
+	free(srk);
+}
+
+
+void
+sshsk_free_resident_keys(struct sshsk_resident_key **srks, size_t nsrks)
+{
+	size_t i;
+
+	if (srks == NULL || nsrks == 0)
+		return;
+
+	for (i = 0; i < nsrks; i++)
+		sshsk_free_resident_key(srks[i]);
+	free(srks);
+}
+
 int
 sshsk_load_resident(const char *provider_path, const char *device,
-    const char *pin, struct sshkey ***keysp, size_t *nkeysp)
+    const char *pin, u_int flags, struct sshsk_resident_key ***srksp,
+    size_t *nsrksp)
 {
 	int oerrno, r = SSH_ERR_INTERNAL_ERROR;
 	struct sshbuf *kbuf = NULL, *req = NULL, *resp = NULL;
-	struct sshkey *key = NULL, **keys = NULL, **tmp;
-	size_t i, nkeys = 0;
+	struct sshkey *key = NULL;
+	struct sshsk_resident_key *srk = NULL, **srks = NULL, **tmp;
+	u_char *userid = NULL;
+	size_t userid_len = 0, nsrks = 0;
 
-	*keysp = NULL;
-	*nkeysp = 0;
+	*srksp = NULL;
+	*nsrksp = 0;
 
-	if ((resp = sshbuf_new()) == NULL ||
-	    (kbuf = sshbuf_new()) == NULL ||
+	if ((kbuf = sshbuf_new()) == NULL ||
 	    (req = sshbuf_new()) == NULL) {
 		r = SSH_ERR_ALLOC_FAIL;
 		goto out;
@@ -396,7 +415,8 @@ sshsk_load_resident(const char *provider_path, const char *device,
 
 	if ((r = sshbuf_put_cstring(req, provider_path)) != 0 ||
 	    (r = sshbuf_put_cstring(req, device)) != 0 ||
-	    (r = sshbuf_put_cstring(req, pin)) != 0) {
+	    (r = sshbuf_put_cstring(req, pin)) != 0 ||
+	    (r = sshbuf_put_u32(req, flags)) != 0) {
 		error_fr(r, "compose");
 		goto out;
 	}
@@ -405,10 +425,11 @@ sshsk_load_resident(const char *provider_path, const char *device,
 		goto out;
 
 	while (sshbuf_len(resp) != 0) {
-		/* key, comment */
+		/* key, comment, user_id */
 		if ((r = sshbuf_get_stringb(resp, kbuf)) != 0 ||
-		    (r = sshbuf_get_cstring(resp, NULL, NULL)) != 0) {
-			error_fr(r, "parse signature");
+		    (r = sshbuf_get_cstring(resp, NULL, NULL)) != 0 ||
+		    (r = sshbuf_get_string(resp, &userid, &userid_len)) != 0) {
+			error_fr(r, "parse");
 			r = SSH_ERR_INVALID_FORMAT;
 			goto out;
 		}
@@ -416,29 +437,40 @@ sshsk_load_resident(const char *provider_path, const char *device,
 			error_fr(r, "decode key");
 			goto out;
 		}
-		if ((tmp = recallocarray(keys, nkeys, nkeys + 1,
-		    sizeof(*keys))) == NULL) {
-			error_f("recallocarray keys failed");
+		if ((srk = calloc(1, sizeof(*srk))) == NULL) {
+			error_f("calloc failed");
 			goto out;
 		}
-		debug_f("keys[%zu]: %s %s", nkeys, sshkey_type(key),
-		    key->sk_application);
-		keys = tmp;
-		keys[nkeys++] = key;
+		srk->key = key;
 		key = NULL;
+		srk->user_id = userid;
+		srk->user_id_len = userid_len;
+		userid = NULL;
+		userid_len = 0;
+		if ((tmp = recallocarray(srks, nsrks, nsrks + 1,
+		    sizeof(*srks))) == NULL) {
+			error_f("recallocarray keys failed");
+			goto out;
+		}
+		debug_f("srks[%zu]: %s %s uidlen %zu", nsrks,
+		    sshkey_type(srk->key), srk->key->sk_application,
+		    srk->user_id_len);
+		srks = tmp;
+		srks[nsrks++] = srk;
+		srk = NULL;
 	}
 
 	/* success */
 	r = 0;
-	*keysp = keys;
-	*nkeysp = nkeys;
-	keys = NULL;
-	nkeys = 0;
+	*srksp = srks;
+	*nsrksp = nsrks;
+	srks = NULL;
+	nsrks = 0;
  out:
 	oerrno = errno;
-	for (i = 0; i < nkeys; i++)
-		sshkey_free(keys[i]);
-	free(keys);
+	sshsk_free_resident_key(srk);
+	sshsk_free_resident_keys(srks, nsrks);
+	freezero(userid, userid_len);
 	sshkey_free(key);
 	sshbuf_free(kbuf);
 	sshbuf_free(req);
diff --git a/ssh-sk-helper.c b/ssh-sk-helper.c
index 21a08919d340..b1d22631f2f6 100644
--- a/ssh-sk-helper.c
+++ b/ssh-sk-helper.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-sk-helper.c,v 1.11 2020/10/18 11:32:02 djm Exp $ */
+/* $OpenBSD: ssh-sk-helper.c,v 1.12 2021/10/28 02:54:18 djm Exp $ */
 /*
  * Copyright (c) 2019 Google LLC
  *
@@ -216,15 +216,17 @@ process_load_resident(struct sshbuf *req)
 	int r;
 	char *provider, *pin, *device;
 	struct sshbuf *kbuf, *resp;
-	struct sshkey **keys = NULL;
-	size_t nkeys = 0, i;
+	struct sshsk_resident_key **srks = NULL;
+	size_t nsrks = 0, i;
+	u_int flags;
 
 	if ((kbuf = sshbuf_new()) == NULL)
 		fatal("%s: sshbuf_new failed", __progname);
 
 	if ((r = sshbuf_get_cstring(req, &provider, NULL)) != 0 ||
 	    (r = sshbuf_get_cstring(req, &device, NULL)) != 0 ||
-	    (r = sshbuf_get_cstring(req, &pin, NULL)) != 0)
+	    (r = sshbuf_get_cstring(req, &pin, NULL)) != 0 ||
+	    (r = sshbuf_get_u32(req, &flags)) != 0)
 		fatal_r(r, "%s: parse", __progname);
 	if (sshbuf_len(req) != 0)
 		fatal("%s: trailing data in request", __progname);
@@ -232,9 +234,9 @@ process_load_resident(struct sshbuf *req)
 	null_empty(&device);
 	null_empty(&pin);
 
-	if ((r = sshsk_load_resident(provider, device, pin,
-	    &keys, &nkeys)) != 0) {
-		resp = reply_error(r, " sshsk_load_resident failed: %s",
+	if ((r = sshsk_load_resident(provider, device, pin, flags,
+	    &srks, &nsrks)) != 0) {
+		resp = reply_error(r, "sshsk_load_resident failed: %s",
 		    ssh_err(r));
 		goto out;
 	}
@@ -245,21 +247,22 @@ process_load_resident(struct sshbuf *req)
 	if ((r = sshbuf_put_u32(resp, SSH_SK_HELPER_LOAD_RESIDENT)) != 0)
 		fatal_r(r, "%s: compose", __progname);
 
-	for (i = 0; i < nkeys; i++) {
-		debug_f("key %zu %s %s", i, sshkey_type(keys[i]),
-		    keys[i]->sk_application);
+	for (i = 0; i < nsrks; i++) {
+		debug_f("key %zu %s %s uidlen %zu", i,
+		    sshkey_type(srks[i]->key), srks[i]->key->sk_application,
+		    srks[i]->user_id_len);
 		sshbuf_reset(kbuf);
-		if ((r = sshkey_private_serialize(keys[i], kbuf)) != 0)
+		if ((r = sshkey_private_serialize(srks[i]->key, kbuf)) != 0)
 			fatal_r(r, "%s: encode key", __progname);
 		if ((r = sshbuf_put_stringb(resp, kbuf)) != 0 ||
-		    (r = sshbuf_put_cstring(resp, "")) != 0) /* comment */
+		    (r = sshbuf_put_cstring(resp, "")) != 0 || /* comment */
+		    (r = sshbuf_put_string(resp, srks[i]->user_id,
+		    srks[i]->user_id_len)) != 0)
 			fatal_r(r, "%s: compose key", __progname);
 	}
 
  out:
-	for (i = 0; i < nkeys; i++)
-		sshkey_free(keys[i]);
-	free(keys);
+	sshsk_free_resident_keys(srks, nsrks);
 	sshbuf_free(kbuf);
 	free(provider);
 	if (pin != NULL)
diff --git a/ssh-sk.c b/ssh-sk.c
index d254e77f9397..a1ff5cc485e8 100644
--- a/ssh-sk.c
+++ b/ssh-sk.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-sk.c,v 1.35 2021/02/26 00:16:58 djm Exp $ */
+/* $OpenBSD: ssh-sk.c,v 1.38 2022/01/14 03:35:10 djm Exp $ */
 /*
  * Copyright (c) 2019 Google LLC
  *
@@ -29,10 +29,10 @@
 #include <string.h>
 #include <stdio.h>
 
-#ifdef WITH_OPENSSL
+#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
 #include <openssl/objects.h>
 #include <openssl/ec.h>
-#endif /* WITH_OPENSSL */
+#endif /* WITH_OPENSSL && OPENSSL_HAS_ECC */
 
 #include "log.h"
 #include "misc.h"
@@ -45,6 +45,15 @@
 #include "sk-api.h"
 #include "crypto_api.h"
 
+/*
+ * Almost every use of OpenSSL in this file is for ECDSA-NISTP256.
+ * This is strictly a larger hammer than necessary, but it reduces changes
+ * with upstream.
+ */
+#ifndef OPENSSL_HAS_ECC
+# undef WITH_OPENSSL
+#endif
+
 struct sshsk_provider {
 	char *path;
 	void *dlhandle;
@@ -525,7 +534,7 @@ sshsk_enroll(int type, const char *provider_path, const char *device,
 		goto out;
 	}
 
-	if ((r = sshsk_key_from_response(alg, application, flags,
+	if ((r = sshsk_key_from_response(alg, application, resp->flags,
 	    resp, &key)) != 0)
 		goto out;
 
@@ -733,6 +742,7 @@ sshsk_free_sk_resident_keys(struct sk_resident_key **rks, size_t nrks)
 		return;
 	for (i = 0; i < nrks; i++) {
 		free(rks[i]->application);
+		freezero(rks[i]->user_id, rks[i]->user_id_len);
 		freezero(rks[i]->key.key_handle, rks[i]->key.key_handle_len);
 		freezero(rks[i]->key.public_key, rks[i]->key.public_key_len);
 		freezero(rks[i]->key.signature, rks[i]->key.signature_len);
@@ -743,25 +753,51 @@ sshsk_free_sk_resident_keys(struct sk_resident_key **rks, size_t nrks)
 	free(rks);
 }
 
+static void
+sshsk_free_resident_key(struct sshsk_resident_key *srk)
+{
+	if (srk == NULL)
+		return;
+	sshkey_free(srk->key);
+	freezero(srk->user_id, srk->user_id_len);
+	free(srk);
+}
+
+
+void
+sshsk_free_resident_keys(struct sshsk_resident_key **srks, size_t nsrks)
+{
+	size_t i;
+
+	if (srks == NULL || nsrks == 0)
+		return;
+
+	for (i = 0; i < nsrks; i++)
+		sshsk_free_resident_key(srks[i]);
+	free(srks);
+}
+
 int
 sshsk_load_resident(const char *provider_path, const char *device,
-    const char *pin, struct sshkey ***keysp, size_t *nkeysp)
+    const char *pin, u_int flags, struct sshsk_resident_key ***srksp,
+    size_t *nsrksp)
 {
 	struct sshsk_provider *skp = NULL;
 	int r = SSH_ERR_INTERNAL_ERROR;
 	struct sk_resident_key **rks = NULL;
-	size_t i, nrks = 0, nkeys = 0;
-	struct sshkey *key = NULL, **keys = NULL, **tmp;
-	uint8_t flags;
+	size_t i, nrks = 0, nsrks = 0;
+	struct sshkey *key = NULL;
+	struct sshsk_resident_key *srk = NULL, **srks = NULL, **tmp;
+	uint8_t sk_flags;
 	struct sk_option **opts = NULL;
 
 	debug_f("provider \"%s\"%s", provider_path,
 	    (pin != NULL && *pin != '\0') ? ", have-pin": "");
 
-	if (keysp == NULL || nkeysp == NULL)
+	if (srksp == NULL || nsrksp == NULL)
 		return SSH_ERR_INVALID_ARGUMENT;
-	*keysp = NULL;
-	*nkeysp = 0;
+	*srksp = NULL;
+	*nsrksp = 0;
 
 	if ((r = make_options(device, NULL, &opts)) != 0)
 		goto out;
@@ -775,8 +811,9 @@ sshsk_load_resident(const char *provider_path, const char *device,
 		goto out;
 	}
 	for (i = 0; i < nrks; i++) {
-		debug3_f("rk %zu: slot = %zu, alg = %d, application = \"%s\"",
-		    i, rks[i]->slot, rks[i]->alg, rks[i]->application);
+		debug3_f("rk %zu: slot %zu, alg %d, app \"%s\", uidlen %zu",
+		    i, rks[i]->slot, rks[i]->alg, rks[i]->application,
+		    rks[i]->user_id_len);
 		/* XXX need better filter here */
 		if (strncmp(rks[i]->application, "ssh:", 4) != 0)
 			continue;
@@ -787,39 +824,50 @@ sshsk_load_resident(const char *provider_path, const char *device,
 		default:
 			continue;
 		}
-		flags = SSH_SK_USER_PRESENCE_REQD|SSH_SK_RESIDENT_KEY;
+		sk_flags = SSH_SK_USER_PRESENCE_REQD|SSH_SK_RESIDENT_KEY;
 		if ((rks[i]->flags & SSH_SK_USER_VERIFICATION_REQD))
-			flags |= SSH_SK_USER_VERIFICATION_REQD;
+			sk_flags |= SSH_SK_USER_VERIFICATION_REQD;
 		if ((r = sshsk_key_from_response(rks[i]->alg,
-		    rks[i]->application, flags, &rks[i]->key, &key)) != 0)
+		    rks[i]->application, sk_flags, &rks[i]->key, &key)) != 0)
 			goto out;
-		if ((tmp = recallocarray(keys, nkeys, nkeys + 1,
+		if ((srk = calloc(1, sizeof(*srk))) == NULL) {
+			error_f("calloc failed");
+			r = SSH_ERR_ALLOC_FAIL;
+			goto out;
+		}
+		srk->key = key;
+		key = NULL; /* transferred */
+		if ((srk->user_id = calloc(1, rks[i]->user_id_len)) == NULL) {
+			error_f("calloc failed");
+			r = SSH_ERR_ALLOC_FAIL;
+			goto out;
+		}
+		memcpy(srk->user_id, rks[i]->user_id, rks[i]->user_id_len);
+		srk->user_id_len = rks[i]->user_id_len;
+		if ((tmp = recallocarray(srks, nsrks, nsrks + 1,
 		    sizeof(*tmp))) == NULL) {
 			error_f("recallocarray failed");
 			r = SSH_ERR_ALLOC_FAIL;
 			goto out;
 		}
-		keys = tmp;
-		keys[nkeys++] = key;
-		key = NULL;
+		srks = tmp;
+		srks[nsrks++] = srk;
+		srk = NULL;
 		/* XXX synthesise comment */
 	}
 	/* success */
-	*keysp = keys;
-	*nkeysp = nkeys;
-	keys = NULL;
-	nkeys = 0;
+	*srksp = srks;
+	*nsrksp = nsrks;
+	srks = NULL;
+	nsrks = 0;
 	r = 0;
  out:
 	sshsk_free_options(opts);
 	sshsk_free(skp);
 	sshsk_free_sk_resident_keys(rks, nrks);
 	sshkey_free(key);
-	if (nkeys != 0) {
-		for (i = 0; i < nkeys; i++)
-			sshkey_free(keys[i]);
-		free(keys);
-	}
+	sshsk_free_resident_key(srk);
+	sshsk_free_resident_keys(srks, nsrks);
 	return r;
 }
 
diff --git a/ssh-sk.h b/ssh-sk.h
index 0f566bbc3859..89d1b6627854 100644
--- a/ssh-sk.h
+++ b/ssh-sk.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-sk.h,v 1.10 2020/01/10 23:43:26 djm Exp $ */
+/* $OpenBSD: ssh-sk.h,v 1.11 2021/10/28 02:54:18 djm Exp $ */
 /*
  * Copyright (c) 2019 Google LLC
  *
@@ -31,6 +31,12 @@ struct sk_option;
 #define SSH_SK_HELPER_ENROLL		2
 #define SSH_SK_HELPER_LOAD_RESIDENT	3
 
+struct sshsk_resident_key {
+	struct sshkey *key;
+	uint8_t *user_id;
+	size_t user_id_len;
+};
+
 /*
  * Enroll (generate) a new security-key hosted private key of given type
  * via the specified provider middleware.
@@ -63,7 +69,11 @@ int sshsk_sign(const char *provider_path, struct sshkey *key,
  * Returns 0 on success or a ssherr.h error code on failure.
  */
 int sshsk_load_resident(const char *provider_path, const char *device,
-    const char *pin, struct sshkey ***keysp, size_t *nkeysp);
+    const char *pin, u_int flags, struct sshsk_resident_key ***srksp,
+    size_t *nsrksp);
+
+/* Free an array of sshsk_resident_key (as returned from sshsk_load_resident) */
+void sshsk_free_resident_keys(struct sshsk_resident_key **srks, size_t nsrks);
 
 #endif /* _SSH_SK_H */
 
diff --git a/ssh.0 b/ssh.0
index 055bad3b686f..3a88a46d47bd 100644
--- a/ssh.0
+++ b/ssh.0
@@ -143,9 +143,9 @@ DESCRIPTION
              key authentication is read.  You can also specify a public key
              file to use the corresponding private key that is loaded in
              ssh-agent(1) when the private key file is not present locally.
-             The default is ~/.ssh/id_dsa, ~/.ssh/id_ecdsa,
+             The default is ~/.ssh/id_rsa, ~/.ssh/id_ecdsa,
              ~/.ssh/id_ecdsa_sk, ~/.ssh/id_ed25519, ~/.ssh/id_ed25519_sk and
-             ~/.ssh/id_rsa.  Identity files may also be specified on a per-
+             ~/.ssh/id_dsa.  Identity files may also be specified on a per-
              host basis in the configuration file.  It is possible to have
              multiple -i options (and multiple identities specified in
              configuration files).  If no certificates have been explicitly
@@ -448,9 +448,9 @@ DESCRIPTION
              to perform activities such as keystroke monitoring.
 
              For this reason, X11 forwarding is subjected to X11 SECURITY
-             extension restrictions by default.  Please refer to the ssh -Y
-             option and the ForwardX11Trusted directive in ssh_config(5) for
-             more information.
+             extension restrictions by default.  Refer to the ssh -Y option
+             and the ForwardX11Trusted directive in ssh_config(5) for more
+             information.
 
      -x      Disables X11 forwarding.
 
@@ -1013,4 +1013,4 @@ AUTHORS
      created OpenSSH.  Markus Friedl contributed the support for SSH protocol
      versions 1.5 and 2.0.
 
-OpenBSD 6.9                   September 10, 2021                   OpenBSD 6.9
+OpenBSD 7.0                    February 6, 2022                    OpenBSD 7.0
diff --git a/ssh.1 b/ssh.1
index 7efb23828dc7..ce0024911691 100644
--- a/ssh.1
+++ b/ssh.1
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh.1,v 1.427 2021/09/10 10:26:02 dtucker Exp $
-.Dd $Mdocdate: September 10 2021 $
+.\" $OpenBSD: ssh.1,v 1.429 2022/02/06 00:29:03 jsg Exp $
+.Dd $Mdocdate: February 6 2022 $
 .Dt SSH 1
 .Os
 .Sh NAME
@@ -298,13 +298,13 @@ private key that is loaded in
 .Xr ssh-agent 1
 when the private key file is not present locally.
 The default is
-.Pa ~/.ssh/id_dsa ,
+.Pa ~/.ssh/id_rsa ,
 .Pa ~/.ssh/id_ecdsa ,
 .Pa ~/.ssh/id_ecdsa_sk ,
 .Pa ~/.ssh/id_ed25519 ,
 .Pa ~/.ssh/id_ed25519_sk
 and
-.Pa ~/.ssh/id_rsa .
+.Pa ~/.ssh/id_dsa .
 Identity files may also be specified on
 a per-host basis in the configuration file.
 It is possible to have multiple
@@ -825,7 +825,7 @@ An attacker may then be able to perform activities such as keystroke monitoring.
 .Pp
 For this reason, X11 forwarding is subjected to X11 SECURITY extension
 restrictions by default.
-Please refer to the
+Refer to the
 .Nm
 .Fl Y
 option and the
diff --git a/ssh.c b/ssh.c
index e6fe8090991d..8ff97881874f 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.569 2021/09/20 04:02:13 dtucker Exp $ */
+/* $OpenBSD: ssh.c,v 1.573 2022/02/08 08:59:12 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1272,7 +1272,7 @@ main(int ac, char **av)
 		    /* Optional additional jump hosts ",..." */
 		    options.jump_extra == NULL ? "" : " -J ",
 		    options.jump_extra == NULL ? "" : options.jump_extra,
-		    /* Optional "-F" argumment if -F specified */
+		    /* Optional "-F" argument if -F specified */
 		    config == NULL ? "" : " -F ",
 		    config == NULL ? "" : config,
 		    /* Optional "-v" arguments if -v set */
@@ -1342,7 +1342,8 @@ main(int ac, char **av)
 
 	/* Force no tty */
 	if (options.request_tty == REQUEST_TTY_NO ||
-	    (muxclient_command && muxclient_command != SSHMUX_COMMAND_PROXY))
+	    (muxclient_command && muxclient_command != SSHMUX_COMMAND_PROXY) ||
+	    options.session_type == SESSION_TYPE_NONE)
 		tty_flag = 0;
 	/* Do not allocate a tty if stdin is not a tty. */
 	if ((!isatty(fileno(stdin)) || options.stdin_null) &&
@@ -1576,11 +1577,17 @@ main(int ac, char **av)
 		fatal_f("pubkey out of array bounds"); \
 	check_load(sshkey_load_public(p, &(sensitive_data.keys[o]), NULL), \
 	    p, "pubkey"); \
+	if (sensitive_data.keys[o] != NULL) \
+		debug2("hostbased key %d: %s key from \"%s\"", o, \
+		    sshkey_ssh_name(sensitive_data.keys[o]), p); \
 } while (0)
 #define L_CERT(p,o) do { \
 	if ((o) >= sensitive_data.nkeys) \
 		fatal_f("cert out of array bounds"); \
 	check_load(sshkey_load_cert(p, &(sensitive_data.keys[o])), p, "cert"); \
+	if (sensitive_data.keys[o] != NULL) \
+		debug2("hostbased key %d: %s cert from \"%s\"", o, \
+		    sshkey_ssh_name(sensitive_data.keys[o]), p); \
 } while (0)
 
 		if (options.hostbased_authentication == 1) {
@@ -1880,7 +1887,7 @@ ssh_init_forward_permissions(struct ssh *ssh, const char *what, char **opens,
 {
 	u_int i;
 	int port;
-	char *addr, *arg, *oarg, ch;
+	char *addr, *arg, *oarg;
 	int where = FORWARD_LOCAL;
 
 	channel_clear_permission(ssh, FORWARD_ADM, where);
@@ -1897,9 +1904,8 @@ ssh_init_forward_permissions(struct ssh *ssh, const char *what, char **opens,
 	/* Otherwise treat it as a list of permitted host:port */
 	for (i = 0; i < num_opens; i++) {
 		oarg = arg = xstrdup(opens[i]);
-		ch = '\0';
-		addr = hpdelim2(&arg, &ch);
-		if (addr == NULL || ch == '/')
+		addr = hpdelim(&arg);
+		if (addr == NULL)
 			fatal_f("missing host in %s", what);
 		addr = cleanhostname(addr);
 		if (arg == NULL || ((port = permitopen_port(arg)) < 0))
diff --git a/ssh_config.0 b/ssh_config.0
index d3890a4a7fc4..18811469893a 100644
--- a/ssh_config.0
+++ b/ssh_config.0
@@ -589,9 +589,9 @@ DESCRIPTION
      IdentityFile
              Specifies a file from which the user's DSA, ECDSA, authenticator-
              hosted ECDSA, Ed25519, authenticator-hosted Ed25519 or RSA
-             authentication identity is read.  The default is ~/.ssh/id_dsa,
+             authentication identity is read.  The default is ~/.ssh/id_rsa,
              ~/.ssh/id_ecdsa, ~/.ssh/id_ecdsa_sk, ~/.ssh/id_ed25519,
-             ~/.ssh/id_ed25519_sk and ~/.ssh/id_rsa.  Additionally, any
+             ~/.ssh/id_ed25519_sk and ~/.ssh/id_dsa.  Additionally, any
              identities represented by the authentication agent will be used
              for authentication unless IdentitiesOnly is set.  If no
              certificates have been explicitly specified by CertificateFile,
@@ -672,6 +672,7 @@ DESCRIPTION
 
                    curve25519-sha256,curve25519-sha256@libssh.org,
                    ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
+                   sntrup761x25519-sha512@openssh.com,
                    diffie-hellman-group-exchange-sha256,
                    diffie-hellman-group16-sha512,
                    diffie-hellman-group18-sha512,
@@ -907,7 +908,11 @@ DESCRIPTION
 
      PubkeyAuthentication
              Specifies whether to try public key authentication.  The argument
-             to this keyword must be yes (the default) or no.
+             to this keyword must be yes (the default), no, unbound or
+             host-bound.  The final two options enable public key
+             authentication while respectively disabling or enabling the
+             OpenSSH host-bound authentication protocol extension required for
+             restricted ssh-agent(1) forwarding.
 
      RekeyLimit
              Specifies the maximum amount of data that may be transmitted
@@ -1303,4 +1308,4 @@ AUTHORS
      created OpenSSH.  Markus Friedl contributed the support for SSH protocol
      versions 1.5 and 2.0.
 
-OpenBSD 6.9                   September 25, 2021                   OpenBSD 6.9
+OpenBSD 7.0                    February 15, 2022                   OpenBSD 7.0
diff --git a/ssh_config.5 b/ssh_config.5
index 170125a0e443..69132282b341 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.366 2021/09/25 09:40:33 kn Exp $
-.Dd $Mdocdate: September 25 2021 $
+.\" $OpenBSD: ssh_config.5,v 1.369 2022/02/15 05:13:36 djm Exp $
+.Dd $Mdocdate: February 15 2022 $
 .Dt SSH_CONFIG 5
 .Os
 .Sh NAME
@@ -1012,13 +1012,13 @@ section.
 Specifies a file from which the user's DSA, ECDSA, authenticator-hosted ECDSA,
 Ed25519, authenticator-hosted Ed25519 or RSA authentication identity is read.
 The default is
-.Pa ~/.ssh/id_dsa ,
+.Pa ~/.ssh/id_rsa ,
 .Pa ~/.ssh/id_ecdsa ,
 .Pa ~/.ssh/id_ecdsa_sk ,
 .Pa ~/.ssh/id_ed25519 ,
 .Pa ~/.ssh/id_ed25519_sk
 and
-.Pa ~/.ssh/id_rsa .
+.Pa ~/.ssh/id_dsa .
 Additionally, any identities represented by the authentication agent
 will be used for authentication unless
 .Cm IdentitiesOnly
@@ -1167,6 +1167,7 @@ The default is:
 .Bd -literal -offset indent
 curve25519-sha256,curve25519-sha256@libssh.org,
 ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
+sntrup761x25519-sha512@openssh.com,
 diffie-hellman-group-exchange-sha256,
 diffie-hellman-group16-sha512,
 diffie-hellman-group18-sha512,
@@ -1520,9 +1521,16 @@ The list of available signature algorithms may also be obtained using
 Specifies whether to try public key authentication.
 The argument to this keyword must be
 .Cm yes
-(the default)
+(the default),
+.Cm no ,
+.Cm unbound
 or
-.Cm no .
+.Cm host-bound .
+The final two options enable public key authentication while respectively
+disabling or enabling the OpenSSH host-bound authentication protocol
+extension required for restricted
+.Xr ssh-agent 1
+forwarding.
 .It Cm RekeyLimit
 Specifies the maximum amount of data that may be transmitted before the
 session key is renegotiated, optionally followed by a maximum amount of
diff --git a/sshbuf-misc.c b/sshbuf-misc.c
index 80714d1f3839..9c5c42bba70a 100644
--- a/sshbuf-misc.c
+++ b/sshbuf-misc.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: sshbuf-misc.c,v 1.17 2021/08/11 05:21:32 djm Exp $	*/
+/*	$OpenBSD: sshbuf-misc.c,v 1.18 2022/01/22 00:43:43 djm Exp $	*/
 /*
  * Copyright (c) 2011 Damien Miller
  *
@@ -30,6 +30,7 @@
 #include <string.h>
 #include <resolv.h>
 #include <ctype.h>
+#include <unistd.h>
 
 #include "ssherr.h"
 #define SSHBUF_INTERNAL
@@ -269,3 +270,39 @@ sshbuf_find(const struct sshbuf *b, size_t start_offset,
 		*offsetp = (const u_char *)p - sshbuf_ptr(b);
 	return 0;
 }
+
+int
+sshbuf_read(int fd, struct sshbuf *buf, size_t maxlen, size_t *rlen)
+{
+	int r, oerrno;
+	size_t adjust;
+	ssize_t rr;
+	u_char *d;
+
+	if (rlen != NULL)
+		*rlen = 0;
+	if ((r = sshbuf_reserve(buf, maxlen, &d)) != 0)
+		return r;
+	rr = read(fd, d, maxlen);
+	oerrno = errno;
+
+	/* Adjust the buffer to include only what was actually read */
+	if ((adjust = maxlen - (rr > 0 ? rr : 0)) != 0) {
+		if ((r = sshbuf_consume_end(buf, adjust)) != 0) {
+			/* avoid returning uninitialised data to caller */
+			memset(d + rr, '\0', adjust);
+			return SSH_ERR_INTERNAL_ERROR; /* shouldn't happen */
+		}
+	}
+	if (rr < 0) {
+		errno = oerrno;
+		return SSH_ERR_SYSTEM_ERROR;
+	} else if (rr == 0) {
+		errno = EPIPE;
+		return SSH_ERR_SYSTEM_ERROR;
+	}
+	/* success */
+	if (rlen != NULL)
+		*rlen = (size_t)rr;
+	return 0;
+}
diff --git a/sshbuf.h b/sshbuf.h
index 2ad0e61be120..07d54f0a988d 100644
--- a/sshbuf.h
+++ b/sshbuf.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: sshbuf.h,v 1.23 2020/06/22 05:54:10 djm Exp $	*/
+/*	$OpenBSD: sshbuf.h,v 1.25 2022/01/22 00:43:43 djm Exp $	*/
 /*
  * Copyright (c) 2011 Damien Miller
  *
@@ -309,6 +309,10 @@ int sshbuf_load_file(const char *, struct sshbuf **)
 int sshbuf_write_file(const char *path, struct sshbuf *buf)
     __attribute__((__nonnull__ (2)));
 
+/* Read up to maxlen bytes from a fd directly to a buffer */
+int sshbuf_read(int, struct sshbuf *, size_t, size_t *)
+    __attribute__((__nonnull__ (2)));
+
 /* Macros for decoding/encoding integers */
 #define PEEK_U64(p) \
 	(((u_int64_t)(((const u_char *)(p))[0]) << 56) | \
@@ -380,7 +384,7 @@ u_int	sshbuf_refcount(const struct sshbuf *buf);
 
 # define SSHBUF_SIZE_INIT	256		/* Initial allocation */
 # define SSHBUF_SIZE_INC	256		/* Preferred increment length */
-# define SSHBUF_PACK_MIN	8192		/* Minimim packable offset */
+# define SSHBUF_PACK_MIN	8192		/* Minimum packable offset */
 
 /* # define SSHBUF_ABORT abort */
 /* # define SSHBUF_DEBUG */
diff --git a/sshconnect.c b/sshconnect.c
index fcf87bb76f64..ebecc83747bb 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.355 2021/07/02 05:11:21 dtucker Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.356 2021/12/19 22:10:24 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1700,7 +1700,7 @@ maybe_add_key_to_agent(const char *authfile, struct sshkey *private,
 	if ((r = ssh_add_identity_constrained(auth_sock, private,
 	    comment == NULL ? authfile : comment,
 	    options.add_keys_to_agent_lifespan,
-	    (options.add_keys_to_agent == 3), 0, skprovider)) == 0)
+	    (options.add_keys_to_agent == 3), 0, skprovider, NULL, 0)) == 0)
 		debug("identity added to agent: %s", authfile);
 	else
 		debug("could not add identity to agent: %s (%d)", authfile, r);
diff --git a/sshconnect2.c b/sshconnect2.c
index fea50fab61d3..b25225e645cb 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.351 2021/07/23 05:24:02 djm Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.356 2022/02/01 23:32:51 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Damien Miller.  All rights reserved.
@@ -391,7 +391,7 @@ void	userauth(struct ssh *, char *);
 
 static void pubkey_cleanup(struct ssh *);
 static int sign_and_send_pubkey(struct ssh *ssh, Identity *);
-static void pubkey_prepare(Authctxt *);
+static void pubkey_prepare(struct ssh *, Authctxt *);
 static void pubkey_reset(Authctxt *);
 static struct sshkey *load_identity_file(Identity *);
 
@@ -465,7 +465,7 @@ ssh_userauth2(struct ssh *ssh, const char *local_user,
 	authctxt.mech_tried = 0;
 #endif
 	authctxt.agent_fd = -1;
-	pubkey_prepare(&authctxt);
+	pubkey_prepare(ssh, &authctxt);
 	if (authctxt.method == NULL) {
 		fatal_f("internal error: cannot send userauth none request");
 	}
@@ -1318,7 +1318,7 @@ identity_sign(struct identity *id, u_char **sigp, size_t *lenp,
 static int
 id_filename_matches(Identity *id, Identity *private_id)
 {
-	const char *suffixes[] = { ".pub", "-cert.pub", NULL };
+	static const char * const suffixes[] = { ".pub", "-cert.pub", NULL };
 	size_t len = strlen(id->filename), plen = strlen(private_id->filename);
 	size_t i, slen;
 
@@ -1344,13 +1344,21 @@ sign_and_send_pubkey(struct ssh *ssh, Identity *id)
 	size_t slen = 0, skip = 0;
 	int r, fallback_sigtype, sent = 0;
 	char *alg = NULL, *fp = NULL;
-	const char *loc = "";
+	const char *loc = "", *method = "publickey";
+	int hostbound = 0;
+
+	/* prefer host-bound pubkey signatures if supported by server */
+	if ((ssh->kex->flags & KEX_HAS_PUBKEY_HOSTBOUND) != 0 &&
+	    (options.pubkey_authentication & SSH_PUBKEY_AUTH_HBOUND) != 0) {
+		hostbound = 1;
+		method = "publickey-hostbound-v00@openssh.com";
+	}
 
 	if ((fp = sshkey_fingerprint(id->key, options.fingerprint_hash,
 	    SSH_FP_DEFAULT)) == NULL)
 		return 0;
 
-	debug3_f("%s %s", sshkey_type(id->key), fp);
+	debug3_f("using %s with %s %s", method, sshkey_type(id->key), fp);
 
 	/*
 	 * If the key is an certificate, try to find a matching private key
@@ -1430,13 +1438,20 @@ sign_and_send_pubkey(struct ssh *ssh, Identity *id)
 		if ((r = sshbuf_put_u8(b, SSH2_MSG_USERAUTH_REQUEST)) != 0 ||
 		    (r = sshbuf_put_cstring(b, authctxt->server_user)) != 0 ||
 		    (r = sshbuf_put_cstring(b, authctxt->service)) != 0 ||
-		    (r = sshbuf_put_cstring(b, authctxt->method->name)) != 0 ||
+		    (r = sshbuf_put_cstring(b, method)) != 0 ||
 		    (r = sshbuf_put_u8(b, 1)) != 0 ||
 		    (r = sshbuf_put_cstring(b, alg)) != 0 ||
 		    (r = sshkey_puts(id->key, b)) != 0) {
 			fatal_fr(r, "assemble signed data");
 		}
-
+		if (hostbound) {
+			if (ssh->kex->initial_hostkey == NULL) {
+				fatal_f("internal error: initial hostkey "
+				    "not recorded");
+			}
+			if ((r = sshkey_puts(ssh->kex->initial_hostkey, b)) != 0)
+				fatal_fr(r, "assemble %s hostkey", method);
+		}
 		/* generate signature */
 		r = identity_sign(sign_id, &signature, &slen,
 		    sshbuf_ptr(b), sshbuf_len(b), ssh->compat, alg);
@@ -1631,6 +1646,36 @@ key_type_allowed_by_config(struct sshkey *key)
 	return 0;
 }
 
+/* obtain a list of keys from the agent */
+static int
+get_agent_identities(struct ssh *ssh, int *agent_fdp,
+    struct ssh_identitylist **idlistp)
+{
+	int r, agent_fd;
+	struct ssh_identitylist *idlist;
+
+	if ((r = ssh_get_authentication_socket(&agent_fd)) != 0) {
+		if (r != SSH_ERR_AGENT_NOT_PRESENT)
+			debug_fr(r, "ssh_get_authentication_socket");
+		return r;
+	}
+	if ((r = ssh_agent_bind_hostkey(agent_fd, ssh->kex->initial_hostkey,
+	    ssh->kex->session_id, ssh->kex->initial_sig, 0)) == 0)
+		debug_f("bound agent to hostkey");
+	else
+		debug2_fr(r, "ssh_agent_bind_hostkey");
+
+	if ((r = ssh_fetch_identitylist(agent_fd, &idlist)) != 0) {
+		debug_fr(r, "ssh_fetch_identitylist");
+		close(agent_fd);
+		return r;
+	}
+	/* success */
+	*agent_fdp = agent_fd;
+	*idlistp = idlist;
+	debug_f("agent returned %zu keys", idlist->nkeys);
+	return 0;
+}
 
 /*
  * try keys in the following order:
@@ -1641,7 +1686,7 @@ key_type_allowed_by_config(struct sshkey *key)
  *	5. keys that are only listed in the config file
  */
 static void
-pubkey_prepare(Authctxt *authctxt)
+pubkey_prepare(struct ssh *ssh, Authctxt *authctxt)
 {
 	struct identity *id, *id2, *tmp;
 	struct idlist agent, files, *preferred;
@@ -1703,14 +1748,7 @@ pubkey_prepare(Authctxt *authctxt)
 		TAILQ_INSERT_TAIL(preferred, id, next);
 	}
 	/* list of keys supported by the agent */
-	if ((r = ssh_get_authentication_socket(&agent_fd)) != 0) {
-		if (r != SSH_ERR_AGENT_NOT_PRESENT)
-			debug_fr(r, "ssh_get_authentication_socket");
-	} else if ((r = ssh_fetch_identitylist(agent_fd, &idlist)) != 0) {
-		if (r != SSH_ERR_AGENT_NO_IDENTITIES)
-			debug_fr(r, "ssh_fetch_identitylist");
-		close(agent_fd);
-	} else {
+	if ((r = get_agent_identities(ssh, &agent_fd, &idlist)) == 0) {
 		for (j = 0; j < idlist->nkeys; j++) {
 			found = 0;
 			TAILQ_FOREACH(id, &files, next) {
@@ -2131,9 +2169,9 @@ userauth_hostbased(struct ssh *ssh)
 			if (authctxt->sensitive->keys[i] == NULL ||
 			    authctxt->sensitive->keys[i]->type == KEY_UNSPEC)
 				continue;
-			if (match_pattern_list(
+			if (!sshkey_match_keyname_to_sigalgs(
 			    sshkey_ssh_name(authctxt->sensitive->keys[i]),
-			    authctxt->active_ktype, 0) != 1)
+			    authctxt->active_ktype))
 				continue;
 			/* we take and free the key */
 			private = authctxt->sensitive->keys[i];
@@ -2159,7 +2197,8 @@ userauth_hostbased(struct ssh *ssh)
 		error_f("sshkey_fingerprint failed");
 		goto out;
 	}
-	debug_f("trying hostkey %s %s", sshkey_ssh_name(private), fp);
+	debug_f("trying hostkey %s %s using sigalg %s",
+	    sshkey_ssh_name(private), fp, authctxt->active_ktype);
 
 	/* figure out a name for the client host */
 	lname = get_local_name(ssh_packet_get_connection_in(ssh));
diff --git a/sshd.0 b/sshd.0
index 16e31053d3b7..5240a6016e6d 100644
--- a/sshd.0
+++ b/sshd.0
@@ -672,4 +672,4 @@ AUTHORS
      versions 1.5 and 2.0.  Niels Provos and Markus Friedl contributed support
      for privilege separation.
 
-OpenBSD 6.9                   September 10, 2021                   OpenBSD 6.9
+OpenBSD 7.0                   September 10, 2021                   OpenBSD 7.0
diff --git a/sshd.c b/sshd.c
index ea63d0307097..ef18ba4670c1 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.578 2021/07/19 02:21:50 dtucker Exp $ */
+/* $OpenBSD: sshd.c,v 1.583 2022/02/01 07:57:32 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -64,6 +64,9 @@
 #include <paths.h>
 #endif
 #include <grp.h>
+#ifdef HAVE_POLL_H
+#include <poll.h>
+#endif
 #include <pwd.h>
 #include <signal.h>
 #include <stdarg.h>
@@ -272,7 +275,7 @@ close_listen_socks(void)
 
 	for (i = 0; i < num_listen_socks; i++)
 		close(listen_socks[i]);
-	num_listen_socks = -1;
+	num_listen_socks = 0;
 }
 
 static void
@@ -354,12 +357,9 @@ main_sigchld_handler(int sig)
 static void
 grace_alarm_handler(int sig)
 {
-	if (use_privsep && pmonitor != NULL && pmonitor->m_pid > 0)
-		kill(pmonitor->m_pid, SIGALRM);
-
 	/*
 	 * Try to kill any processes that we have spawned, E.g. authorized
-	 * keys command helpers.
+	 * keys command helpers or privsep children.
 	 */
 	if (getpgid(0) == getpid()) {
 		ssh_signal(SIGTERM, SIG_IGN);
@@ -367,13 +367,9 @@ grace_alarm_handler(int sig)
 	}
 
 	/* Log error and exit. */
-	if (use_privsep && pmonitor != NULL && pmonitor->m_pid <= 0)
-		cleanup_exit(255); /* don't log in privsep child */
-	else {
-		sigdie("Timeout before authentication for %s port %d",
-		    ssh_remote_ipaddr(the_active_state),
-		    ssh_remote_port(the_active_state));
-	}
+	sigdie("Timeout before authentication for %s port %d",
+	    ssh_remote_ipaddr(the_active_state),
+	    ssh_remote_port(the_active_state));
 }
 
 /* Destroy the host and server keys.  They will no longer be needed. */
@@ -1132,8 +1128,8 @@ server_listen(void)
 static void
 server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
 {
-	fd_set *fdset;
-	int i, j, ret, maxfd;
+	struct pollfd *pfd = NULL;
+	int i, j, ret;
 	int ostartups = -1, startups = 0, listening = 0, lameduck = 0;
 	int startup_p[2] = { -1 , -1 };
 	char c = 0;
@@ -1143,12 +1139,6 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
 	u_char rnd[256];
 	sigset_t nsigset, osigset;
 
-	/* setup fd set for accept */
-	fdset = NULL;
-	maxfd = 0;
-	for (i = 0; i < num_listen_socks; i++)
-		if (listen_socks[i] > maxfd)
-			maxfd = listen_socks[i];
 	/* pipes connected to unauthenticated child sshd processes */
 	startup_pipes = xcalloc(options.max_startups, sizeof(int));
 	startup_flags = xcalloc(options.max_startups, sizeof(int));
@@ -1158,7 +1148,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
 	/*
 	 * Prepare signal mask that we use to block signals that might set
 	 * received_sigterm or received_sighup, so that we are guaranteed
-	 * to immediately wake up the pselect if a signal is received after
+	 * to immediately wake up the ppoll if a signal is received after
 	 * the flag is checked.
 	 */
 	sigemptyset(&nsigset);
@@ -1167,6 +1157,9 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
 	sigaddset(&nsigset, SIGTERM);
 	sigaddset(&nsigset, SIGQUIT);
 
+	pfd = xcalloc(num_listen_socks + options.max_startups,
+	    sizeof(struct pollfd));
+
 	/*
 	 * Stay listening for connections until the system crashes or
 	 * the daemon is killed with a signal.
@@ -1198,27 +1191,29 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
 				sighup_restart();
 			}
 		}
-		free(fdset);
-		fdset = xcalloc(howmany(maxfd + 1, NFDBITS),
-		    sizeof(fd_mask));
 
-		for (i = 0; i < num_listen_socks; i++)
-			FD_SET(listen_socks[i], fdset);
-		for (i = 0; i < options.max_startups; i++)
+		for (i = 0; i < num_listen_socks; i++) {
+			pfd[i].fd = listen_socks[i];
+			pfd[i].events = POLLIN;
+		}
+		for (i = 0; i < options.max_startups; i++) {
+			pfd[num_listen_socks+i].fd = startup_pipes[i];
 			if (startup_pipes[i] != -1)
-				FD_SET(startup_pipes[i], fdset);
+				pfd[num_listen_socks+i].events = POLLIN;
+		}
 
 		/* Wait until a connection arrives or a child exits. */
-		ret = pselect(maxfd+1, fdset, NULL, NULL, NULL, &osigset);
+		ret = ppoll(pfd, num_listen_socks + options.max_startups,
+		    NULL, &osigset);
 		if (ret == -1 && errno != EINTR)
-			error("pselect: %.100s", strerror(errno));
+			error("ppoll: %.100s", strerror(errno));
 		sigprocmask(SIG_SETMASK, &osigset, NULL);
 		if (ret == -1)
 			continue;
 
 		for (i = 0; i < options.max_startups; i++) {
 			if (startup_pipes[i] == -1 ||
-			    !FD_ISSET(startup_pipes[i], fdset))
+			    !(pfd[num_listen_socks+i].revents & (POLLIN|POLLHUP)))
 				continue;
 			switch (read(startup_pipes[i], &c, sizeof(c))) {
 			case -1:
@@ -1249,7 +1244,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
 			}
 		}
 		for (i = 0; i < num_listen_socks; i++) {
-			if (!FD_ISSET(listen_socks[i], fdset))
+			if (!(pfd[i].revents & POLLIN))
 				continue;
 			fromlen = sizeof(from);
 			*newsock = accept(listen_socks[i],
@@ -1264,8 +1259,10 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
 				continue;
 			}
 			if (unset_nonblock(*newsock) == -1 ||
-			    pipe(startup_p) == -1)
+			    pipe(startup_p) == -1) {
+				close(*newsock);
 				continue;
+			}
 			if (drop_connection(*newsock, startups, startup_p[0])) {
 				close(*newsock);
 				close(startup_p[0]);
@@ -1286,8 +1283,6 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
 			for (j = 0; j < options.max_startups; j++)
 				if (startup_pipes[j] == -1) {
 					startup_pipes[j] = startup_p[0];
-					if (maxfd < startup_p[0])
-						maxfd = startup_p[0];
 					startups++;
 					startup_flags[j] = 1;
 					break;
@@ -1315,6 +1310,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
 					send_rexec_state(config_s[0], cfg);
 					close(config_s[0]);
 				}
+				free(pfd);
 				return;
 			}
 
@@ -1357,6 +1353,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
 					(void)atomicio(vwrite, startup_pipe,
 					    "\0", 1);
 				}
+				free(pfd);
 				return;
 			}
 
@@ -2083,15 +2080,8 @@ main(int ac, char **av)
 	 * setlogin() affects the entire process group.  We don't
 	 * want the child to be able to affect the parent.
 	 */
-#if !defined(SSHD_ACQUIRES_CTTY)
-	/*
-	 * If setsid is called, on some platforms sshd will later acquire a
-	 * controlling terminal which will result in "could not set
-	 * controlling tty" errors.
-	 */
 	if (!debug_flag && !inetd_flag && setsid() == -1)
 		error("setsid: %.100s", strerror(errno));
-#endif
 
 	if (rexec_flag) {
 		debug("rexec start in %d out %d newsock %d pipe %d sock %d",
diff --git a/sshd_config.0 b/sshd_config.0
index 92a98165963b..880fe2eb8992 100644
--- a/sshd_config.0
+++ b/sshd_config.0
@@ -415,12 +415,11 @@ DESCRIPTION
                 sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,
                 rsa-sha2-512-cert-v01@openssh.com,
                 rsa-sha2-256-cert-v01@openssh.com,
-                ssh-rsa-cert-v01@openssh.com,
                 ssh-ed25519,
                 ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
                 sk-ssh-ed25519@openssh.com,
                 sk-ecdsa-sha2-nistp256@openssh.com,
-                rsa-sha2-512,rsa-sha2-256,ssh-rsa
+                rsa-sha2-512,rsa-sha2-256
 
              The list of available signature algorithms may also be obtained
              using "ssh -Q HostbasedAcceptedAlgorithms".  This was formerly
@@ -478,12 +477,11 @@ DESCRIPTION
                 sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,
                 rsa-sha2-512-cert-v01@openssh.com,
                 rsa-sha2-256-cert-v01@openssh.com,
-                ssh-rsa-cert-v01@openssh.com,
                 ssh-ed25519,
                 ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
                 sk-ssh-ed25519@openssh.com,
                 sk-ecdsa-sha2-nistp256@openssh.com,
-                rsa-sha2-512,rsa-sha2-256,ssh-rsa
+                rsa-sha2-512,rsa-sha2-256
 
              The list of available signature algorithms may also be obtained
              using "ssh -Q HostKeyAlgorithms".
@@ -581,6 +579,7 @@ DESCRIPTION
 
                    curve25519-sha256,curve25519-sha256@libssh.org,
                    ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
+                   sntrup761x25519-sha512@openssh.com,
                    diffie-hellman-group-exchange-sha256,
                    diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,
                    diffie-hellman-group14-sha256
@@ -707,16 +706,17 @@ DESCRIPTION
              AuthorizedKeysCommand, AuthorizedKeysCommandUser,
              AuthorizedKeysFile, AuthorizedPrincipalsCommand,
              AuthorizedPrincipalsCommandUser, AuthorizedPrincipalsFile,
-             Banner, ChrootDirectory, ClientAliveCountMax,
-             ClientAliveInterval, DenyGroups, DenyUsers, DisableForwarding,
-             ForceCommand, GatewayPorts, GSSAPIAuthentication,
-             HostbasedAcceptedAlgorithms, HostbasedAuthentication,
-             HostbasedUsesNameFromPacketOnly, IgnoreRhosts, Include, IPQoS,
-             KbdInteractiveAuthentication, KerberosAuthentication, LogLevel,
-             MaxAuthTries, MaxSessions, PasswordAuthentication,
-             PermitEmptyPasswords, PermitListen, PermitOpen, PermitRootLogin,
-             PermitTTY, PermitTunnel, PermitUserRC, PubkeyAcceptedAlgorithms,
-             PubkeyAuthentication, RekeyLimit, RevokedKeys, RDomain, SetEnv,
+             Banner, CASignatureAlgorithms, ChrootDirectory,
+             ClientAliveCountMax, ClientAliveInterval, DenyGroups, DenyUsers,
+             DisableForwarding, ExposeAuthInfo, ForceCommand, GatewayPorts,
+             GSSAPIAuthentication, HostbasedAcceptedAlgorithms,
+             HostbasedAuthentication, HostbasedUsesNameFromPacketOnly,
+             IgnoreRhosts, Include, IPQoS, KbdInteractiveAuthentication,
+             KerberosAuthentication, LogLevel, MaxAuthTries, MaxSessions,
+             PasswordAuthentication, PermitEmptyPasswords, PermitListen,
+             PermitOpen, PermitRootLogin, PermitTTY, PermitTunnel,
+             PermitUserRC, PubkeyAcceptedAlgorithms, PubkeyAuthentication,
+             PubkeyAuthOptions, RekeyLimit, RevokedKeys, RDomain, SetEnv,
              StreamLocalBindMask, StreamLocalBindUnlink, TrustedUserCAKeys,
              X11DisplayOffset, X11Forwarding and X11UseLocalhost.
 
@@ -898,12 +898,11 @@ DESCRIPTION
                 sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,
                 rsa-sha2-512-cert-v01@openssh.com,
                 rsa-sha2-256-cert-v01@openssh.com,
-                ssh-rsa-cert-v01@openssh.com,
                 ssh-ed25519,
                 ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
                 sk-ssh-ed25519@openssh.com,
                 sk-ecdsa-sha2-nistp256@openssh.com,
-                rsa-sha2-512,rsa-sha2-256,ssh-rsa
+                rsa-sha2-512,rsa-sha2-256
 
              The list of available signature algorithms may also be obtained
              using "ssh -Q PubkeyAcceptedAlgorithms".
@@ -1192,4 +1191,4 @@ AUTHORS
      versions 1.5 and 2.0.  Niels Provos and Markus Friedl contributed support
      for privilege separation.
 
-OpenBSD 6.9                    September 3, 2021                   OpenBSD 6.9
+OpenBSD 7.0                    December 4, 2021                    OpenBSD 7.0
diff --git a/sshd_config.5 b/sshd_config.5
index a8d0545c31dd..985f1ba5cbd9 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd_config.5,v 1.335 2021/09/03 05:25:50 dtucker Exp $
-.Dd $Mdocdate: September 3 2021 $
+.\" $OpenBSD: sshd_config.5,v 1.339 2021/12/04 00:05:39 naddy Exp $
+.Dd $Mdocdate: December 4 2021 $
 .Dt SSHD_CONFIG 5
 .Os
 .Sh NAME
@@ -689,12 +689,11 @@ sk-ssh-ed25519-cert-v01@openssh.com,
 sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,
 rsa-sha2-512-cert-v01@openssh.com,
 rsa-sha2-256-cert-v01@openssh.com,
-ssh-rsa-cert-v01@openssh.com,
 ssh-ed25519,
 ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
 sk-ssh-ed25519@openssh.com,
 sk-ecdsa-sha2-nistp256@openssh.com,
-rsa-sha2-512,rsa-sha2-256,ssh-rsa
+rsa-sha2-512,rsa-sha2-256
 .Ed
 .Pp
 The list of available signature algorithms may also be obtained using
@@ -774,12 +773,11 @@ sk-ssh-ed25519-cert-v01@openssh.com,
 sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,
 rsa-sha2-512-cert-v01@openssh.com,
 rsa-sha2-256-cert-v01@openssh.com,
-ssh-rsa-cert-v01@openssh.com,
 ssh-ed25519,
 ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
 sk-ssh-ed25519@openssh.com,
 sk-ecdsa-sha2-nistp256@openssh.com,
-rsa-sha2-512,rsa-sha2-256,ssh-rsa
+rsa-sha2-512,rsa-sha2-256
 .Ed
 .Pp
 The list of available signature algorithms may also be obtained using
@@ -965,6 +963,7 @@ The default is:
 .Bd -literal -offset indent
 curve25519-sha256,curve25519-sha256@libssh.org,
 ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
+sntrup761x25519-sha512@openssh.com,
 diffie-hellman-group-exchange-sha256,
 diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,
 diffie-hellman-group14-sha256
@@ -1190,12 +1189,14 @@ Available keywords are
 .Cm AuthorizedPrincipalsCommandUser ,
 .Cm AuthorizedPrincipalsFile ,
 .Cm Banner ,
+.Cm CASignatureAlgorithms ,
 .Cm ChrootDirectory ,
 .Cm ClientAliveCountMax ,
 .Cm ClientAliveInterval ,
 .Cm DenyGroups ,
 .Cm DenyUsers ,
 .Cm DisableForwarding ,
+.Cm ExposeAuthInfo ,
 .Cm ForceCommand ,
 .Cm GatewayPorts ,
 .Cm GSSAPIAuthentication ,
@@ -1220,6 +1221,7 @@ Available keywords are
 .Cm PermitUserRC ,
 .Cm PubkeyAcceptedAlgorithms ,
 .Cm PubkeyAuthentication ,
+.Cm PubkeyAuthOptions ,
 .Cm RekeyLimit ,
 .Cm RevokedKeys ,
 .Cm RDomain ,
@@ -1521,12 +1523,11 @@ sk-ssh-ed25519-cert-v01@openssh.com,
 sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,
 rsa-sha2-512-cert-v01@openssh.com,
 rsa-sha2-256-cert-v01@openssh.com,
-ssh-rsa-cert-v01@openssh.com,
 ssh-ed25519,
 ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
 sk-ssh-ed25519@openssh.com,
 sk-ecdsa-sha2-nistp256@openssh.com,
-rsa-sha2-512,rsa-sha2-256,ssh-rsa
+rsa-sha2-512,rsa-sha2-256
 .Ed
 .Pp
 The list of available signature algorithms may also be obtained using
diff --git a/sshkey.c b/sshkey.c
index 0dbc0d873b4f..f1e92003b7e4 100644
--- a/sshkey.c
+++ b/sshkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.119 2021/07/23 03:37:52 djm Exp $ */
+/* $OpenBSD: sshkey.c,v 1.120 2022/01/06 22:05:42 djm Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Alexander von Gernler.  All rights reserved.
@@ -107,10 +107,12 @@ static const struct keytype keytypes[] = {
 	{ "ssh-ed25519", "ED25519", NULL, KEY_ED25519, 0, 0, 0 },
 	{ "ssh-ed25519-cert-v01@openssh.com", "ED25519-CERT", NULL,
 	    KEY_ED25519_CERT, 0, 1, 0 },
+#ifdef ENABLE_SK
 	{ "sk-ssh-ed25519@openssh.com", "ED25519-SK", NULL,
 	    KEY_ED25519_SK, 0, 0, 0 },
 	{ "sk-ssh-ed25519-cert-v01@openssh.com", "ED25519-SK-CERT", NULL,
 	    KEY_ED25519_SK_CERT, 0, 1, 0 },
+#endif
 #ifdef WITH_XMSS
 	{ "ssh-xmss@openssh.com", "XMSS", NULL, KEY_XMSS, 0, 0, 0 },
 	{ "ssh-xmss-cert-v01@openssh.com", "XMSS-CERT", NULL,
@@ -130,10 +132,12 @@ static const struct keytype keytypes[] = {
 	{ "ecdsa-sha2-nistp521", "ECDSA", NULL,
 	    KEY_ECDSA, NID_secp521r1, 0, 0 },
 #  endif /* OPENSSL_HAS_NISTP521 */
+#  ifdef ENABLE_SK
 	{ "sk-ecdsa-sha2-nistp256@openssh.com", "ECDSA-SK", NULL,
 	    KEY_ECDSA_SK, NID_X9_62_prime256v1, 0, 0 },
 	{ "webauthn-sk-ecdsa-sha2-nistp256@openssh.com", "ECDSA-SK", NULL,
 	    KEY_ECDSA_SK, NID_X9_62_prime256v1, 0, 1 },
+#  endif /* ENABLE_SK */
 # endif /* OPENSSL_HAS_ECC */
 	{ "ssh-rsa-cert-v01@openssh.com", "RSA-CERT", NULL,
 	    KEY_RSA_CERT, 0, 1, 0 },
@@ -152,8 +156,10 @@ static const struct keytype keytypes[] = {
 	{ "ecdsa-sha2-nistp521-cert-v01@openssh.com", "ECDSA-CERT", NULL,
 	    KEY_ECDSA_CERT, NID_secp521r1, 1, 0 },
 #  endif /* OPENSSL_HAS_NISTP521 */
+#  ifdef ENABLE_SK
 	{ "sk-ecdsa-sha2-nistp256-cert-v01@openssh.com", "ECDSA-SK-CERT", NULL,
 	    KEY_ECDSA_SK_CERT, NID_X9_62_prime256v1, 1, 0 },
+#  endif /* ENABLE_SK */
 # endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 	{ NULL, NULL, NULL, -1, -1, 0, 0 }
@@ -249,6 +255,29 @@ sshkey_ecdsa_nid_from_name(const char *name)
 	return -1;
 }
 
+int
+sshkey_match_keyname_to_sigalgs(const char *keyname, const char *sigalgs)
+{
+	int ktype;
+
+	if (sigalgs == NULL || *sigalgs == '\0' ||
+	    (ktype = sshkey_type_from_name(keyname)) == KEY_UNSPEC)
+		return 0;
+	else if (ktype == KEY_RSA) {
+		return match_pattern_list("ssh-rsa", sigalgs, 0) == 1 ||
+		    match_pattern_list("rsa-sha2-256", sigalgs, 0) == 1 ||
+		    match_pattern_list("rsa-sha2-512", sigalgs, 0) == 1;
+	} else if (ktype == KEY_RSA_CERT) {
+		return match_pattern_list("ssh-rsa-cert-v01@openssh.com",
+		    sigalgs, 0) == 1 ||
+		    match_pattern_list("rsa-sha2-256-cert-v01@openssh.com",
+		    sigalgs, 0) == 1 ||
+		    match_pattern_list("rsa-sha2-512-cert-v01@openssh.com",
+		    sigalgs, 0) == 1;
+	} else
+		return match_pattern_list(keyname, sigalgs, 0) == 1;
+}
+
 char *
 sshkey_alg_list(int certs_only, int plain_only, int include_sigonly, char sep)
 {
diff --git a/sshkey.h b/sshkey.h
index 6edc6c5a5dbd..094815e00a2a 100644
--- a/sshkey.h
+++ b/sshkey.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.h,v 1.50 2021/07/23 03:37:52 djm Exp $ */
+/* $OpenBSD: sshkey.h,v 1.51 2022/01/06 22:05:42 djm Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
@@ -192,6 +192,10 @@ int	 sshkey_is_cert(const struct sshkey *);
 int	 sshkey_is_sk(const struct sshkey *);
 int	 sshkey_type_is_cert(int);
 int	 sshkey_type_plain(int);
+
+/* Returns non-zero if key name match sigalgs pattern list. (handles RSA) */
+int	 sshkey_match_keyname_to_sigalgs(const char *, const char *);
+
 int	 sshkey_to_certified(struct sshkey *);
 int	 sshkey_drop_cert(struct sshkey *);
 int	 sshkey_cert_copy(const struct sshkey *, struct sshkey *);
diff --git a/sshsig.c b/sshsig.c
index d0d401a326ee..773613462758 100644
--- a/sshsig.c
+++ b/sshsig.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshsig.c,v 1.21 2021/07/23 04:00:59 djm Exp $ */
+/* $OpenBSD: sshsig.c,v 1.28 2022/02/01 23:34:47 djm Exp $ */
 /*
  * Copyright (c) 2019 Google LLC
  *
@@ -812,20 +812,80 @@ parse_principals_key_and_options(const char *path, u_long linenum, char *line,
 	return r;
 }
 
+static int
+cert_filter_principals(const char *path, u_long linenum,
+    char **principalsp, const struct sshkey *cert, uint64_t verify_time)
+{
+	char *cp, *oprincipals, *principals;
+	const char *reason;
+	struct sshbuf *nprincipals;
+	int r = SSH_ERR_INTERNAL_ERROR, success = 0;
+	u_int i;
+
+	oprincipals = principals = *principalsp;
+	*principalsp = NULL;
+
+	if ((nprincipals = sshbuf_new()) == NULL) {
+		r = SSH_ERR_ALLOC_FAIL;
+		goto out;
+	}
+
+	while ((cp = strsep(&principals, ",")) != NULL && *cp != '\0') {
+		/* Check certificate validity */
+		if ((r = sshkey_cert_check_authority(cert, 0, 1, 0,
+		    verify_time, NULL, &reason)) != 0) {
+			debug("%s:%lu: principal \"%s\" not authorized: %s",
+			    path, linenum, cp, reason);
+			continue;
+		}
+		/* Return all matching principal names from the cert */
+		for (i = 0; i < cert->cert->nprincipals; i++) {
+			if (match_pattern(cert->cert->principals[i], cp)) {
+				if ((r = sshbuf_putf(nprincipals, "%s%s",
+					sshbuf_len(nprincipals) != 0 ? "," : "",
+						cert->cert->principals[i])) != 0) {
+					error_f("buffer error");
+					goto out;
+				}
+			}
+		}
+	}
+	if (sshbuf_len(nprincipals) == 0) {
+		error("%s:%lu: no valid principals found", path, linenum);
+		r = SSH_ERR_KEY_CERT_INVALID;
+		goto out;
+	}
+	if ((principals = sshbuf_dup_string(nprincipals)) == NULL) {
+		error_f("buffer error");
+		goto out;
+	}
+	/* success */
+	success = 1;
+	*principalsp = principals;
+ out:
+	sshbuf_free(nprincipals);
+	free(oprincipals);
+	return success ? 0 : r;
+}
+
 static int
 check_allowed_keys_line(const char *path, u_long linenum, char *line,
     const struct sshkey *sign_key, const char *principal,
-    const char *sig_namespace, uint64_t verify_time)
+    const char *sig_namespace, uint64_t verify_time, char **principalsp)
 {
 	struct sshkey *found_key = NULL;
+	char *principals = NULL;
 	int r, success = 0;
 	const char *reason = NULL;
 	struct sshsigopt *sigopts = NULL;
 	char tvalid[64], tverify[64];
 
+	if (principalsp != NULL)
+		*principalsp = NULL;
+
 	/* Parse the line */
 	if ((r = parse_principals_key_and_options(path, linenum, line,
-	    principal, NULL, &found_key, &sigopts)) != 0) {
+	    principal, &principals, &found_key, &sigopts)) != 0) {
 		/* error already logged */
 		goto done;
 	}
@@ -835,21 +895,35 @@ check_allowed_keys_line(const char *path, u_long linenum, char *line,
 		debug("%s:%lu: matched key", path, linenum);
 	} else if (sigopts->ca && sshkey_is_cert(sign_key) &&
 	    sshkey_equal_public(sign_key->cert->signature_key, found_key)) {
-		/* Match of certificate's CA key */
-		if ((r = sshkey_cert_check_authority(sign_key, 0, 1, 0,
-		    verify_time, principal, &reason)) != 0) {
-			error("%s:%lu: certificate not authorized: %s",
-			    path, linenum, reason);
-			goto done;
+		if (principal) {
+			/* Match certificate CA key with specified principal */
+			if ((r = sshkey_cert_check_authority(sign_key, 0, 1, 0,
+			    verify_time, principal, &reason)) != 0) {
+				error("%s:%lu: certificate not authorized: %s",
+				    path, linenum, reason);
+				goto done;
+			}
+			debug("%s:%lu: matched certificate CA key",
+			    path, linenum);
+		} else {
+			/* No principal specified - find all matching ones */
+			if ((r = cert_filter_principals(path, linenum,
+			    &principals, sign_key, verify_time)) != 0) {
+				/* error already displayed */
+				debug_r(r, "%s:%lu: cert_filter_principals",
+				    path, linenum);
+				goto done;
+			}
+			debug("%s:%lu: matched certificate CA key",
+			    path, linenum);
 		}
-		debug("%s:%lu: matched certificate CA key", path, linenum);
 	} else {
 		/* Didn't match key */
 		goto done;
 	}
 
 	/* Check whether options preclude the use of this key */
-	if (sigopts->namespaces != NULL &&
+	if (sigopts->namespaces != NULL && sig_namespace != NULL &&
 	    match_pattern_list(sig_namespace, sigopts->namespaces, 0) != 1) {
 		error("%s:%lu: key is not permitted for use in signature "
 		    "namespace \"%s\"", path, linenum, sig_namespace);
@@ -879,6 +953,11 @@ check_allowed_keys_line(const char *path, u_long linenum, char *line,
 	success = 1;
 
  done:
+	if (success && principalsp != NULL) {
+		*principalsp = principals;
+		principals = NULL; /* transferred */
+	}
+	free(principals);
 	sshkey_free(found_key);
 	sshsigopt_free(sigopts);
 	return success ? 0 : SSH_ERR_KEY_NOT_FOUND;
@@ -906,7 +985,7 @@ sshsig_check_allowed_keys(const char *path, const struct sshkey *sign_key,
 	while (getline(&line, &linesize, f) != -1) {
 		linenum++;
 		r = check_allowed_keys_line(path, linenum, line, sign_key,
-		    principal, sig_namespace, verify_time);
+		    principal, sig_namespace, verify_time, NULL);
 		free(line);
 		line = NULL;
 		linesize = 0;
@@ -925,112 +1004,6 @@ sshsig_check_allowed_keys(const char *path, const struct sshkey *sign_key,
 	return r == 0 ? SSH_ERR_KEY_NOT_FOUND : r;
 }
 
-static int
-cert_filter_principals(const char *path, u_long linenum,
-    char **principalsp, const struct sshkey *cert, uint64_t verify_time)
-{
-	char *cp, *oprincipals, *principals;
-	const char *reason;
-	struct sshbuf *nprincipals;
-	int r = SSH_ERR_INTERNAL_ERROR, success = 0;
-
-	oprincipals = principals = *principalsp;
-	*principalsp = NULL;
-
-	if ((nprincipals = sshbuf_new()) == NULL) {
-		r = SSH_ERR_ALLOC_FAIL;
-		goto out;
-	}
-
-	while ((cp = strsep(&principals, ",")) != NULL && *cp != '\0') {
-		if (strcspn(cp, "!?*") != strlen(cp)) {
-			debug("%s:%lu: principal \"%s\" not authorized: "
-			    "contains wildcards", path, linenum, cp);
-			continue;
-		}
-		/* Check against principals list in certificate */
-		if ((r = sshkey_cert_check_authority(cert, 0, 1, 0,
-		    verify_time, cp, &reason)) != 0) {
-			debug("%s:%lu: principal \"%s\" not authorized: %s",
-			    path, linenum, cp, reason);
-			continue;
-		}
-		if ((r = sshbuf_putf(nprincipals, "%s%s",
-		    sshbuf_len(nprincipals) != 0 ? "," : "", cp)) != 0) {
-			error_f("buffer error");
-			goto out;
-		}
-	}
-	if (sshbuf_len(nprincipals) == 0) {
-		error("%s:%lu: no valid principals found", path, linenum);
-		r = SSH_ERR_KEY_CERT_INVALID;
-		goto out;
-	}
-	if ((principals = sshbuf_dup_string(nprincipals)) == NULL) {
-		error_f("buffer error");
-		goto out;
-	}
-	/* success */
-	success = 1;
-	*principalsp = principals;
- out:
-	sshbuf_free(nprincipals);
-	free(oprincipals);
-	return success ? 0 : r;
-}
-
-static int
-get_matching_principals_from_line(const char *path, u_long linenum, char *line,
-    const struct sshkey *sign_key, uint64_t verify_time, char **principalsp)
-{
-	struct sshkey *found_key = NULL;
-	char *principals = NULL;
-	int r, found = 0;
-	struct sshsigopt *sigopts = NULL;
-
-	if (principalsp != NULL)
-		*principalsp = NULL;
-
-	/* Parse the line */
-	if ((r = parse_principals_key_and_options(path, linenum, line,
-	    NULL, &principals, &found_key, &sigopts)) != 0) {
-		/* error already logged */
-		goto done;
-	}
-
-	if (!sigopts->ca && sshkey_equal(found_key, sign_key)) {
-		/* Exact match of key */
-		debug("%s:%lu: matched key", path, linenum);
-		/* success */
-		found = 1;
-	} else if (sigopts->ca && sshkey_is_cert(sign_key) &&
-	    sshkey_equal_public(sign_key->cert->signature_key, found_key)) {
-		/* Remove principals listed in file but not allowed by cert */
-		if ((r = cert_filter_principals(path, linenum,
-		    &principals, sign_key, verify_time)) != 0) {
-			/* error already displayed */
-			debug_r(r, "%s:%lu: cert_filter_principals",
-			    path, linenum);
-			goto done;
-		}
-		debug("%s:%lu: matched certificate CA key", path, linenum);
-		/* success */
-		found = 1;
-	} else {
-		/* Key didn't match */
-		goto done;
-	}
- done:
-	if (found && principalsp != NULL) {
-		*principalsp = principals;
-		principals = NULL; /* transferred */
-	}
-	free(principals);
-	sshkey_free(found_key);
-	sshsigopt_free(sigopts);
-	return found ? 0 : SSH_ERR_KEY_NOT_FOUND;
-}
-
 int
 sshsig_find_principals(const char *path, const struct sshkey *sign_key,
     uint64_t verify_time, char **principals)
@@ -1049,10 +1022,11 @@ sshsig_find_principals(const char *path, const struct sshkey *sign_key,
 		return SSH_ERR_SYSTEM_ERROR;
 	}
 
+	r = SSH_ERR_KEY_NOT_FOUND;
 	while (getline(&line, &linesize, f) != -1) {
 		linenum++;
-		r = get_matching_principals_from_line(path, linenum, line,
-		    sign_key, verify_time, principals);
+		r = check_allowed_keys_line(path, linenum, line,
+		    sign_key, NULL, NULL, verify_time, principals);
 		free(line);
 		line = NULL;
 		linesize = 0;
@@ -1079,6 +1053,76 @@ sshsig_find_principals(const char *path, const struct sshkey *sign_key,
 	return r == 0 ? SSH_ERR_KEY_NOT_FOUND : r;
 }
 
+int
+sshsig_match_principals(const char *path, const char *principal,
+    char ***principalsp, size_t *nprincipalsp)
+{
+	FILE *f = NULL;
+	char *found, *line = NULL, **principals = NULL, **tmp;
+	size_t i, nprincipals = 0, linesize = 0;
+	u_long linenum = 0;
+	int oerrno = 0, r, ret = 0;
+
+	if (principalsp != NULL)
+		*principalsp = NULL;
+	if (nprincipalsp != NULL)
+		*nprincipalsp = 0;
+
+	/* Check key and principal against file */
+	if ((f = fopen(path, "r")) == NULL) {
+		oerrno = errno;
+		error("Unable to open allowed keys file \"%s\": %s",
+		    path, strerror(errno));
+		errno = oerrno;
+		return SSH_ERR_SYSTEM_ERROR;
+	}
+
+	while (getline(&line, &linesize, f) != -1) {
+		linenum++;
+		/* Parse the line */
+		if ((r = parse_principals_key_and_options(path, linenum, line,
+		    principal, &found, NULL, NULL)) != 0) {
+			if (r == SSH_ERR_KEY_NOT_FOUND)
+				continue;
+			ret = r;
+			oerrno = errno;
+			break; /* unexpected error */
+		}
+		if ((tmp = recallocarray(principals, nprincipals,
+		    nprincipals + 1, sizeof(*principals))) == NULL) {
+			ret = SSH_ERR_ALLOC_FAIL;
+			free(found);
+			break;
+		}
+		principals = tmp;
+		principals[nprincipals++] = found; /* transferred */
+		free(line);
+		line = NULL;
+		linesize = 0;
+	}
+	fclose(f);
+
+	if (ret == 0) {
+		if (nprincipals == 0)
+			ret = SSH_ERR_KEY_NOT_FOUND;
+		if (principalsp != NULL) {
+			*principalsp = principals;
+			principals = NULL; /* transferred */
+		}
+		if (nprincipalsp != 0) {
+			*nprincipalsp = nprincipals;
+			nprincipals = 0;
+		}
+	}
+
+	for (i = 0; i < nprincipals; i++)
+		free(principals[i]);
+	free(principals);
+
+	errno = oerrno;
+	return ret;
+}
+
 int
 sshsig_get_pubkey(struct sshbuf *signature, struct sshkey **pubkey)
 {
diff --git a/sshsig.h b/sshsig.h
index b725c7d7acd1..ac5577962fba 100644
--- a/sshsig.h
+++ b/sshsig.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshsig.h,v 1.10 2021/07/23 03:37:52 djm Exp $ */
+/* $OpenBSD: sshsig.h,v 1.11 2021/11/27 07:14:46 djm Exp $ */
 /*
  * Copyright (c) 2019 Google LLC
  *
@@ -104,4 +104,8 @@ int sshsig_get_pubkey(struct sshbuf *signature, struct sshkey **pubkey);
 int sshsig_find_principals(const char *path, const struct sshkey *sign_key,
     uint64_t verify_time, char **principal);
 
+/* Find all principals in allowed_keys file matching *principal */
+int sshsig_match_principals(const char *path,
+	const char *principal, char ***principalsp, size_t *nprincipalsp);
+
 #endif /* SSHSIG_H */
diff --git a/umac.c b/umac.c
index e5ec19f082cb..a710424ce0fd 100644
--- a/umac.c
+++ b/umac.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: umac.c,v 1.21 2021/04/03 06:58:30 djm Exp $ */
+/* $OpenBSD: umac.c,v 1.22 2022/01/01 05:55:06 jsg Exp $ */
 /* -----------------------------------------------------------------------
  *
  * umac.c -- C Implementation UMAC Message Authentication
@@ -1177,7 +1177,7 @@ static int uhash(uhash_ctx_t ahc, u_char *msg, long len, u_char *res)
 /* The UMAC interface has two interfaces, an all-at-once interface where
  * the entire message to be authenticated is passed to UMAC in one buffer,
  * and a sequential interface where the message is presented a little at a
- * time. The all-at-once is more optimaized than the sequential version and
+ * time. The all-at-once is more optimized than the sequential version and
  * should be preferred when the sequential interface is not required.
  */
 struct umac_ctx {
diff --git a/umac.h b/umac.h
index 4651f0d5aaf0..f21398a8d733 100644
--- a/umac.h
+++ b/umac.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: umac.h,v 1.4 2019/06/07 14:18:48 dtucker Exp $ */
+/* $OpenBSD: umac.h,v 1.5 2022/01/01 01:55:30 jsg Exp $ */
 /* -----------------------------------------------------------------------
  * 
  * umac.h -- C Implementation UMAC Message Authentication
@@ -59,7 +59,7 @@ struct umac_ctx *umac_new(const u_char key[]);
 
 #if 0
 int umac_reset(struct umac_ctx *ctx);
-/* Reset a umac_ctx to begin authenicating a new message */
+/* Reset a umac_ctx to begin authenticating a new message */
 #endif
 
 int umac_update(struct umac_ctx *ctx, const u_char *input, long len);
diff --git a/version.h b/version.h
index eba7aca0643d..09da52d0df89 100644
--- a/version.h
+++ b/version.h
@@ -1,6 +1,6 @@
-/* $OpenBSD: version.h,v 1.92 2021/09/26 14:01:11 djm Exp $ */
+/* $OpenBSD: version.h,v 1.93 2022/02/23 11:07:09 djm Exp $ */
 
-#define SSH_VERSION	"OpenSSH_8.8"
+#define SSH_VERSION	"OpenSSH_8.9"
 
 #define SSH_PORTABLE	"p1"
 #define SSH_RELEASE	SSH_VERSION SSH_PORTABLE
-- 
cgit v1.2.3