From d5f7e595959229f7e4dee42adc518e14d05fed48 Mon Sep 17 00:00:00 2001 From: Magnus Ahltorp Date: Fri, 10 Jun 2016 15:12:46 +0200 Subject: Implement CATLFISH-74 --- tools/compileconfig.py | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) (limited to 'tools') diff --git a/tools/compileconfig.py b/tools/compileconfig.py index 25518ee..777a12f 100755 --- a/tools/compileconfig.py +++ b/tools/compileconfig.py @@ -88,7 +88,7 @@ def get_address(bind_address, nodeconfig): host = "0.0.0.0" return (host, port) -def gen_http_servers(nodetype, nodeconfig, bind_address, bind_publicaddress, bind_publichttpaddress): +def gen_http_servers(nodetype, nodeconfig, bind_addresses, bind_publicaddress, bind_publichttpaddress): http_servers = [] https_servers = [] @@ -97,7 +97,7 @@ def gen_http_servers(nodetype, nodeconfig, bind_address, bind_publicaddress, bin sys.exit(1) if "frontendnodes" in nodetype: - (host, port) = get_address(bind_address, nodeconfig["frontendnodes"]) + (host, port) = get_address(bind_addresses["frontend"], nodeconfig["frontendnodes"]) if bind_publicaddress: (publichost, publicport) = parse_address(bind_publicaddress) else: @@ -110,13 +110,13 @@ def gen_http_servers(nodetype, nodeconfig, bind_address, bind_publicaddress, bin https_servers.append((Symbol("external_https_api"), publichost, publicport, Symbol("v1"))) https_servers.append((Symbol("frontend_https_api"), host, port, Symbol("frontend"))) if "storagenodes" in nodetype: - (host, port) = get_address(bind_address, nodeconfig["storagenodes"]) + (host, port) = get_address(bind_addresses["storage"], nodeconfig["storagenodes"]) https_servers.append((Symbol("storage_https_api"), host, port, Symbol("storage"))) if "signingnodes" in nodetype: - (host, port) = get_address(bind_address, nodeconfig["signingnodes"]) + (host, port) = get_address(bind_addresses["signing"], nodeconfig["signingnodes"]) https_servers.append((Symbol("signing_https_api"), host, port, Symbol("signing"))) if "mergenodes" in nodetype: - (host, port) = get_address(bind_address, nodeconfig["mergenodes"]) + (host, port) = get_address(bind_addresses["merge"], nodeconfig["mergenodes"]) https_servers.append((Symbol("frontend_https_api"), host, port, Symbol("frontend"))) if nodetype - set(["frontendnodes", "storagenodes", "signingnodes", "mergenodes"]): print >>sys.stderr, "unknown nodetype", nodetype @@ -196,8 +196,13 @@ def parse_ratelimit((type, description)): def gen_config(nodename, config, localconfig): print "generating config for", nodename paths = localconfig["paths"] - bind_address = localconfig.get("addresses", {}).get(nodename) - bind_publicaddress = localconfig.get("publicaddresses", {}).get(nodename) + bind_addresses = { + "frontend": localconfig.get("frontendaddresses", {}).get(nodename), + "storage": localconfig.get("storageaddresses", {}).get(nodename), + "signing": localconfig.get("signingaddresses", {}).get(nodename), + "merge": localconfig.get("mergeaddresses", {}).get(nodename), + } + bind_publicaddress = localconfig.get("ctapiaddresses", {}).get(nodename) bind_publichttpaddress = localconfig.get("publichttpaddresses", {}).get(nodename) options = localconfig.get("options", []) @@ -205,7 +210,7 @@ def gen_config(nodename, config, localconfig): print >>configfile, "%% catlfish configuration file (-*- erlang -*-)" (nodetype, nodeconfig) = get_node_config(nodename, config) - (http_servers, https_servers) = gen_http_servers(nodetype, nodeconfig, bind_address, bind_publicaddress, bind_publichttpaddress=bind_publichttpaddress) + (http_servers, https_servers) = gen_http_servers(nodetype, nodeconfig, bind_addresses, bind_publicaddress, bind_publichttpaddress=bind_publichttpaddress) catlfishconfig = [] plopconfig = [] -- cgit v1.1 From ed94e0682912a8ee16cb5a1427166c3e77b51b50 Mon Sep 17 00:00:00 2001 From: Magnus Ahltorp Date: Fri, 8 Jul 2016 13:21:31 +0200 Subject: Fix bugs in old tests. Add tests for merge takeover. submitcert.py was not exiting with error code when cert submission failed. compileconfig.py was generating duplicate node names when Erlang nodes have several servers --- tools/compileconfig.py | 14 +++++++------- tools/submitcert.py | 10 ++++++++++ 2 files changed, 17 insertions(+), 7 deletions(-) (limited to 'tools') diff --git a/tools/compileconfig.py b/tools/compileconfig.py index 777a12f..d9ac740 100755 --- a/tools/compileconfig.py +++ b/tools/compileconfig.py @@ -350,19 +350,19 @@ def gen_config(nodename, config, localconfig): def gen_testmakefile(config, testmakefile, machines): configfile = open(testmakefile, "w") - frontendnodenames = [node["name"] for node in config["frontendnodes"]] - storagenodenames = [node["name"] for node in config["storagenodes"]] - signingnodenames = [node["name"] for node in config["signingnodes"]] - mergenodenames = [node["name"] for node in config["mergenodes"]] - erlangnodenames = frontendnodenames + storagenodenames + signingnodenames + \ - filter(lambda name: name != config["primarymergenode"], mergenodenames) + frontendnodenames = set([node["name"] for node in config["frontendnodes"]]) + storagenodenames = set([node["name"] for node in config["storagenodes"]]) + signingnodenames = set([node["name"] for node in config["signingnodes"]]) + mergenodenames = set([node["name"] for node in config["mergenodes"]]) + erlangnodenames = frontendnodenames | storagenodenames | signingnodenames | \ + set(filter(lambda name: name != config["primarymergenode"], mergenodenames)) frontendnodeaddresses = [node["publicaddress"] for node in config["frontendnodes"]] storagenodeaddresses = [node["address"] for node in config["storagenodes"]] signingnodeaddresses = [node["address"] for node in config["signingnodes"]] mergenodeaddresses = [node["address"] for node in config["mergenodes"] if node["name"] != config["primarymergenode"]] - print >>configfile, "NODES=" + " ".join(frontendnodenames+storagenodenames+signingnodenames+mergenodenames) + print >>configfile, "NODES=" + " ".join(frontendnodenames|storagenodenames|signingnodenames|mergenodenames) print >>configfile, "ERLANGNODES=" + " ".join(erlangnodenames) print >>configfile, "MACHINES=" + " ".join([str(e) for e in range(1, machines+1)]) print >>configfile, "TESTURLS=" + " ".join(frontendnodeaddresses+storagenodeaddresses+signingnodeaddresses+mergenodeaddresses) diff --git a/tools/submitcert.py b/tools/submitcert.py index 3b14912..66d5126 100755 --- a/tools/submitcert.py +++ b/tools/submitcert.py @@ -183,11 +183,15 @@ print ncerts, "certs" certs = get_all_certificates(certfiles) +errors = 0 + (result, timing) = submitcert(certs.next()) if result != None: nsubmitted += 1 (leafcert, issuer_key_hash, sct) = result save_sct(sct, sth, leafcert, issuer_key_hash) +else: + errors += 1 if args.pre_warm: select.select([], [], [], 3.0) @@ -206,6 +210,8 @@ try: nsubmitted += 1 (leafcert, issuer_key_hash, sct) = result save_sct(sct, sth, leafcert, issuer_key_hash) + else: + errors += 1 deltatime = datetime.datetime.now() - starttime deltatime_f = deltatime.seconds + deltatime.microseconds / 1000000.0 rate = nsubmitted / deltatime_f @@ -217,3 +223,7 @@ try: except KeyboardInterrupt: p.terminate() p.join() + +if errors: + print >> sys.stderr, errors, "errors encountered, exiting with error code" + sys.exit(1) -- cgit v1.1 From 9039104a2203e3467a2420348e5cee43eb5bd5af Mon Sep 17 00:00:00 2001 From: Magnus Ahltorp Date: Fri, 8 Jul 2016 16:51:55 +0200 Subject: Added permdb support to merge --- tools/merge_backup.py | 8 ++++---- tools/merge_dist.py | 6 +++--- tools/merge_fetch.py | 9 +++++---- tools/mergetools.py | 31 +++++++++++++++++++++++++++++++ 4 files changed, 43 insertions(+), 11 deletions(-) (limited to 'tools') diff --git a/tools/merge_backup.py b/tools/merge_backup.py index 48ac133..ab2625d 100755 --- a/tools/merge_backup.py +++ b/tools/merge_backup.py @@ -12,9 +12,9 @@ from time import sleep from certtools import timing_point, build_merkle_tree, write_file, \ create_ssl_context from mergetools import chunks, backup_sendlog, get_logorder, \ - get_verifiedsize, get_missingentriesforbackup, read_chain, \ + get_verifiedsize, get_missingentriesforbackup, \ hexencode, setverifiedsize, sendentries_merge, verifyroot, \ - get_nfetched, parse_args + get_nfetched, parse_args, perm def backup_loop(nodename, nodeaddress, own_key, paths, verifiedsize, chunk): for trynumber in range(5, 0, -1): @@ -37,7 +37,7 @@ def merge_backup(args, config, localconfig, secondaries): "%s/%s-private.pem" % (paths["privatekeys"], localconfig["nodename"])) mergedb = paths["mergedb"] - chainsdir = mergedb + "/chains" + chainsdb = perm(localconfig.get("dbbackend", "filedb"), mergedb + "/chains") logorderfile = mergedb + "/logorder" currentsizefile = mergedb + "/fetched" timing = timing_point() @@ -119,7 +119,7 @@ def merge_backup(args, config, localconfig, secondaries): with requests.sessions.Session() as session: for missingentry_chunk in chunks(missingentries, 100): missingentry_hashes = [base64.b64decode(missingentry) for missingentry in missingentry_chunk] - hashes_and_entries = [(hash, read_chain(chainsdir, hash)) for hash in missingentry_hashes] + hashes_and_entries = [(hash, chainsdb.get(hash)) for hash in missingentry_hashes] sendentryresult = sendentries_merge(nodename, nodeaddress, own_key, paths, hashes_and_entries, session) diff --git a/tools/merge_dist.py b/tools/merge_dist.py index 9831f97..2af1d6c 100755 --- a/tools/merge_dist.py +++ b/tools/merge_dist.py @@ -11,7 +11,7 @@ from base64 import b64encode, b64decode from certtools import timing_point, \ create_ssl_context from mergetools import get_curpos, get_logorder, chunks, get_missingentries, \ - sendsth, sendlog, sendentry, read_chain, parse_args + sendsth, sendlog, sendentry, parse_args, perm def merge_dist(args, localconfig, frontendnodes, timestamp): paths = localconfig["paths"] @@ -19,7 +19,7 @@ def merge_dist(args, localconfig, frontendnodes, timestamp): "%s/%s-private.pem" % (paths["privatekeys"], localconfig["nodename"])) mergedb = paths["mergedb"] - chainsdir = mergedb + "/chains" + chainsdb = perm(localconfig.get("dbbackend", "filedb"), mergedb + "/chains") logorderfile = mergedb + "/logorder" sthfile = mergedb + "/sth" create_ssl_context(cafile=paths["https_cacertfile"]) @@ -92,7 +92,7 @@ def merge_dist(args, localconfig, frontendnodes, timestamp): for missingentry in missingentries: ehash = b64decode(missingentry) sendentryresult = sendentry(nodename, nodeaddress, own_key, paths, - read_chain(chainsdir, ehash), ehash) + chainsdb.get(ehash), ehash) if sendentryresult["result"] != "ok": print >>sys.stderr, "sendentry:", sendentryresult sys.exit(1) diff --git a/tools/merge_fetch.py b/tools/merge_fetch.py index bb1e17e..b77dea6 100755 --- a/tools/merge_fetch.py +++ b/tools/merge_fetch.py @@ -9,8 +9,8 @@ import struct import subprocess from time import sleep from mergetools import get_logorder, verify_entry, get_new_entries, \ - chunks, fsync_logorder, get_entries, write_chain, add_to_logorder, \ - hexencode, parse_args + chunks, fsync_logorder, get_entries, add_to_logorder, \ + hexencode, parse_args, perm from certtools import timing_point, write_file, create_ssl_context def merge_fetch(args, config, localconfig): @@ -18,7 +18,7 @@ def merge_fetch(args, config, localconfig): storagenodes = config["storagenodes"] mergedb = paths["mergedb"] logorderfile = mergedb + "/logorder" - chainsdir = mergedb + "/chains" + chainsdb = perm(localconfig.get("dbbackend", "filedb"), mergedb + "/chains") own_key = (localconfig["nodename"], "%s/%s-private.pem" % (paths["privatekeys"], localconfig["nodename"])) @@ -70,7 +70,7 @@ def merge_fetch(args, config, localconfig): for ehash in chunk: entry = entries[ehash] verify_entry(verifycert, entry, ehash) - write_chain(ehash, entry, chainsdir) + chainsdb.add(ehash, entry) add_to_logorder(logorderfile, ehash) logorder.append(ehash) certsinlog.add(ehash) @@ -79,6 +79,7 @@ def merge_fetch(args, config, localconfig): sys.stderr.flush() print >>sys.stderr sys.stderr.flush() + chainsdb.commit() fsync_logorder(logorderfile) timing_point(timing, "add entries") print >>sys.stderr, "added", added_entries, "entries" diff --git a/tools/mergetools.py b/tools/mergetools.py index ec4fd2a..80fbf0b 100644 --- a/tools/mergetools.py +++ b/tools/mergetools.py @@ -10,6 +10,10 @@ import json import yaml import argparse import requests +try: + import permdb +except ImportError: + pass from certtools import get_leaf_hash, http_request, get_leaf_hash def parselogrow(row): @@ -409,3 +413,30 @@ def parse_args(): localconfig = yaml.load(open(args.localconfig)) return (args, config, localconfig) + +def perm(dbtype, path): + if dbtype == "filedb": + return FileDB(path) + elif dbtype == "permdb": + return PermDB(path) + assert False + +class FileDB: + def __init__(self, path): + self.path = path + def get(self, key): + return read_chain(self.path, key) + def add(self, key, value): + return write_chain(key, value, self.path) + def commit(self): + pass + +class PermDB: + def __init__(self, path): + self.permdbobj = permdb.alloc(path) + def get(self, key): + return permdb.getvalue(self.permdbobj, key) + def add(self, key, value): + return permdb.addvalue(self.permdbobj, key, value) + def commit(self): + permdb.committree(self.permdbobj) -- cgit v1.1 From 0c324cb99362e5915860a915291ba287138f3bcf Mon Sep 17 00:00:00 2001 From: Magnus Ahltorp Date: Tue, 12 Jul 2016 17:15:21 +0200 Subject: Cert7 --- tools/testcerts/cert7.txt | 88 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 88 insertions(+) create mode 100644 tools/testcerts/cert7.txt (limited to 'tools') diff --git a/tools/testcerts/cert7.txt b/tools/testcerts/cert7.txt new file mode 100644 index 0000000..0cd5fc7 --- /dev/null +++ b/tools/testcerts/cert7.txt @@ -0,0 +1,88 @@ +depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert High Assurance EV Root CA +verify return:1 +depth=1 C = NL, ST = Noord-Holland, L = Amsterdam, O = TERENA, CN = TERENA SSL High Assurance CA 3 +verify return:1 +depth=0 businessCategory = Government Entity, jurisdictionC = SE, serialNumber = Government Entity, street = Brinellv\C3\A4gen 8, postalCode = 114 28, C = SE, ST = Stockholm, L = Stockholm, O = Kungliga Tekniska h\C3\B6gskolan, OU = ITA, CN = ns-vip-01.sys.kth.se +verify return:1 +--- +Certificate chain + 0 s:/businessCategory=Government Entity/jurisdictionC=SE/serialNumber=Government Entity/street=Brinellv\xC3\xA4gen 8/postalCode=114 28/C=SE/ST=Stockholm/L=Stockholm/O=Kungliga Tekniska h\xC3\xB6gskolan/OU=ITA/CN=ns-vip-01.sys.kth.se + i:/C=NL/ST=Noord-Holland/L=Amsterdam/O=TERENA/CN=TERENA SSL High Assurance CA 3 + 1 s:/C=NL/ST=Noord-Holland/L=Amsterdam/O=TERENA/CN=TERENA SSL High Assurance CA 3 + i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA +--- +Server certificate +-----BEGIN CERTIFICATE----- +MIIHgzCCBmugAwIBAgIQCdqT9/QmgQ7tXQLSVpiJbjANBgkqhkiG9w0BAQsFADBz +MQswCQYDVQQGEwJOTDEWMBQGA1UECBMNTm9vcmQtSG9sbGFuZDESMBAGA1UEBxMJ +QW1zdGVyZGFtMQ8wDQYDVQQKEwZURVJFTkExJzAlBgNVBAMTHlRFUkVOQSBTU0wg +SGlnaCBBc3N1cmFuY2UgQ0EgMzAeFw0xNTAyMDIwMDAwMDBaFw0xNzAyMDYxMjAw +MDBaMIIBATEaMBgGA1UEDwwRR292ZXJubWVudCBFbnRpdHkxEzARBgsrBgEEAYI3 +PAIBAxMCU0UxGjAYBgNVBAUTEUdvdmVybm1lbnQgRW50aXR5MRgwFgYDVQQJDA9C +cmluZWxsdsOkZ2VuIDgxDzANBgNVBBETBjExNCAyODELMAkGA1UEBhMCU0UxEjAQ +BgNVBAgTCVN0b2NraG9sbTESMBAGA1UEBxMJU3RvY2tob2xtMSUwIwYDVQQKDBxL +dW5nbGlnYSBUZWtuaXNrYSBow7Znc2tvbGFuMQwwCgYDVQQLEwNJVEExHTAbBgNV +BAMTFG5zLXZpcC0wMS5zeXMua3RoLnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A +MIIBCgKCAQEApiFDIvE+jH/pLv4e3dG2LIvP6Cskik6ZEq83gG7lDYZp0/lUzL29 +sOd/CnDypzoRRhURdy832tY+9Lyri1m3y6kBzl2tGKtM25r1TRR/VLYbaZr+7o+a +PLiu5E0jRdhc2lp5t4IOkHJMWAAEtXhvcI0b30kksM28NHv8t7b4Tfr8Xq82V/KI +mOHRVprZj0X/cRNfC5ELrONQCTyx/uEgl26biZ+FaN5E5K2adjGaOG2ejwf8tuex +aMDTqJJEBv0IOsDl/vVlv8xwo/EaqH2hIZqYLVcjpJYCZA0yzfGfPOvWaPjbdk3g +8j1ka/iMRUlWQlwJxC9KgjGA6xwM2SiZAwIDAQABo4IDgTCCA30wHwYDVR0jBBgw +FoAUwriF1+G5E73RSLz9Xtx9kEJ6iqkwHQYDVR0OBBYEFNwVQHULuYn87IccKDOy +8WXztypxMDMGA1UdEQQsMCqCFG5zLXZpcC0wMS5zeXMua3RoLnNlggZrdGguc2WC +Cnd3dy5rdGguc2UwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMB +BggrBgEFBQcDAjCBhQYDVR0fBH4wfDA8oDqgOIY2aHR0cDovL2NybDMuZGlnaWNl +cnQuY29tL1RFUkVOQVNTTEhpZ2hBc3N1cmFuY2VDQTMuY3JsMDygOqA4hjZodHRw +Oi8vY3JsNC5kaWdpY2VydC5jb20vVEVSRU5BU1NMSGlnaEFzc3VyYW5jZUNBMy5j +cmwwQgYDVR0gBDswOTA3BglghkgBhv1sAgEwKjAoBggrBgEFBQcCARYcaHR0cHM6 +Ly93d3cuZGlnaWNlcnQuY29tL0NQUzB7BggrBgEFBQcBAQRvMG0wJAYIKwYBBQUH +MAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBFBggrBgEFBQcwAoY5aHR0cDov +L2NhY2VydHMuZGlnaWNlcnQuY29tL1RFUkVOQVNTTEhpZ2hBc3N1cmFuY2VDQTMu +Y3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2AKS5 +CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABS0m3DSsAAAQDAEcwRQIh +AK5X6zyg4itvaiHvX52Dzt1KZXZtsSyPyvJ5TvIKYgnWAiAliRErIfDHWGJSc3QA +QFtFIO78h3CFE2VIaXG3a/OShQB1AGj2mPgfZIK+OozuuSgdTPxxUV1nk9RE0Qpn +rLtPT/vEAAABS0m3DNEAAAQDAEYwRAIgSxsxeRIEyG17W2Hm3gkoP+g0VRSBIYwm +cd3SkyUkM28CIE6kyWZw0ArCssseNtNi0nZO3UUCDNCmQwnnzXn2dw1zAHcAVhQG +mi/XwuzT9eG9RLI+x0Z2ubyZEVzA75SYVdaJ0N0AAAFLSbcOpwAABAMASDBGAiEA ++HptsTKBs/T9KWMn0MaFjdyTOvAAcp6s6iFd84naRRMCIQCD4bxdQEP1Fls7VXZl +kewlHIUo4aQqKhypPMCOGkRQDzANBgkqhkiG9w0BAQsFAAOCAQEAH3jW+5hZJ14a +EuCTAZXfrCsXmopbHLWuI/pjWYJLyqGcWLVBZD2c/WqHpptQEPcJQF8/oPjA/DT0 +TKKIh0DZcQ6XoZTz7o02dBvkKsnBu9Vhoz78EQNNRcgyEgmU7DPXjdfMuBKre0ia +qPYEllzZLF0EXeap4SLXxdYh0XpLVjFnQDEYFeUcqbYX2r7AAqG/1476Vx/PtX4x +SGu7Q9RUt+wq7WOxRxzT+IorJ9zPqETr6ywqjfPXvWGzpoxeDgPKNh3pDKm4v160 +aYuM6Ar4zueUYRTNbdNCvQXg1o8a9S6pZSh/YkY64pHGsZ95taBcIw3Gn4CBAboS +rw36n9nb1g== +-----END CERTIFICATE----- +subject=/businessCategory=Government Entity/jurisdictionC=SE/serialNumber=Government Entity/street=Brinellv\xC3\xA4gen 8/postalCode=114 28/C=SE/ST=Stockholm/L=Stockholm/O=Kungliga Tekniska h\xC3\xB6gskolan/OU=ITA/CN=ns-vip-01.sys.kth.se +issuer=/C=NL/ST=Noord-Holland/L=Amsterdam/O=TERENA/CN=TERENA SSL High Assurance CA 3 +-----BEGIN CERTIFICATE----- +MIIE4DCCA8igAwIBAgIQC1w0NWdbJGfA1zI3+Q1flDANBgkqhkiG9w0BAQsFADBs +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j +ZSBFViBSb290IENBMB4XDTE0MTExODEyMDAwMFoXDTI0MTExODEyMDAwMFowczEL +MAkGA1UEBhMCTkwxFjAUBgNVBAgTDU5vb3JkLUhvbGxhbmQxEjAQBgNVBAcTCUFt +c3RlcmRhbTEPMA0GA1UEChMGVEVSRU5BMScwJQYDVQQDEx5URVJFTkEgU1NMIEhp +Z2ggQXNzdXJhbmNlIENBIDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB +AQChNsmK4gfxr6c9j2OMBRo3gOA7z5keoaPHiX4rUX+1fF1Brmvf7Uo83sRiXRYQ +RJrD79hzJrulDtdihxgS5HgvIQHqGrp3NRRDUlq/4bItLTp9QCHzLhRQSrSYaFkI +zztYezwb3ABzNiVciqQFk7WR9ebh9ZaCxaXfebcg7LodgQQ4XDvkW2Aknkb1J8NV +nlbKen6PLlNSL4+MLV+uF1e87aTgOxbM9sxZ1/1LRqrOu28z9WA8qUZn2Av+hcP2 +TQIBoMPMQ8dT+6Yx/0Y+2J702OU//dS0pi8gMe7FtYVcZrlcSy/C40I7EFYHEjTm +zH4EGvG6t9wZua2atFKvP/7HAgMBAAGjggF1MIIBcTASBgNVHRMBAf8ECDAGAQH/ +AgEAMA4GA1UdDwEB/wQEAwIBhjB/BggrBgEFBQcBAQRzMHEwJAYIKwYBBQUHMAGG +GGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBJBggrBgEFBQcwAoY9aHR0cDovL2Nh +Y2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENB +LmNydDBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsNC5kaWdpY2VydC5jb20v +RGlnaUNlcnRIaWdoQXNzdXJhbmNlRVZSb290Q0EuY3JsMD0GA1UdIAQ2MDQwMgYE +VR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BT +MB0GA1UdDgQWBBTCuIXX4bkTvdFIvP1e3H2QQnqKqTAfBgNVHSMEGDAWgBSxPsNp +A/i/RwHUmCYaCALvY2QrwzANBgkqhkiG9w0BAQsFAAOCAQEAsCq7NTey6NjZHqT4 +kjZBNU3sItnD+RYAMWx4ZyaELcy7XhndQzX88TYSCYxl/YWB6lCjxx0dL3wTZUbX +r+WRDzz5xX+98kdYrwNCT7fmT4eenv6cCS1sC9hc4sIl5dkb1pguY3ViV5D8/yEB +hadOpw3TwI8xkqe2j/H5fp4Oaf9cFdpf9C85mQgZJwsvtvmmDTQTPcGPRFTgdGtY +2xbWxDah6HjKpX6iI4BTBQhhpX6TJl6/GEaYK07s2Kr8BFPhrgmep9vrepWv61x7 +dnnqz5SeAs6cbSm551qG7Dj8+6f/8e33oqLC5Ldnbt0Ou6PjtZ4O02dN9cnicemR +1B0/YQ== +-----END CERTIFICATE----- -- cgit v1.1