From 140f494826ea18a6dfeda25372b2f00046ada873dc5acdafbb47df678fa396f7 Mon Sep 17 00:00:00 2001 From: Dominique Leuenberger Date: Tue, 9 Dec 2014 08:13:50 +0000 Subject: [PATCH] Accepting request 263909 from Base:System Automatic submission by obs-autosubmit OBS-URL: https://build.opensuse.org/request/show/263909 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gpg2?expand=0&rev=81 --- gnupg-2.0.18-files-are-digests.patch | 94 +-- gnupg-2.0.18-tmpdir.diff | 41 -- gnupg-2.0.20-automake113.diff | 13 - gnupg-2.0.26.tar.bz2 | 3 - gnupg-2.0.26.tar.bz2.sig | Bin 287 -> 0 bytes gnupg-2.0.4-install_tools.diff | 23 +- gnupg-2.0.9-langinfo.patch | 10 +- ...8-openpgp_oid_to_str-buffer-overflow.patch | 77 +++ gnupg-2.1.0.tar.bz2 | 3 + gnupg-2.1.0.tar.bz2.sig | Bin 0 -> 861 bytes gnupg-add_legacy_FIPS_mode_option.patch | 24 +- gnupg-detect_FIPS_mode.patch | 43 +- gnupg-dont-fail-with-seahorse-agent.patch | 8 +- ...g-remove_development_version_warning.patch | 15 + gnupg-set_umask_before_open_outfile.patch | 35 +- gpg2.changes | 56 ++ gpg2.keyring | 616 +++--------------- gpg2.spec | 101 ++- 18 files changed, 411 insertions(+), 751 deletions(-) delete mode 100644 gnupg-2.0.18-tmpdir.diff delete mode 100644 gnupg-2.0.20-automake113.diff delete mode 100644 gnupg-2.0.26.tar.bz2 delete mode 100644 gnupg-2.0.26.tar.bz2.sig create mode 100644 gnupg-2.1.0-boo-907198-openpgp_oid_to_str-buffer-overflow.patch create mode 100644 gnupg-2.1.0.tar.bz2 create mode 100644 gnupg-2.1.0.tar.bz2.sig create mode 100644 gnupg-remove_development_version_warning.patch diff --git a/gnupg-2.0.18-files-are-digests.patch b/gnupg-2.0.18-files-are-digests.patch index 1e9540c..15e5153 100644 --- a/gnupg-2.0.18-files-are-digests.patch +++ b/gnupg-2.0.18-files-are-digests.patch @@ -4,11 +4,11 @@ g10/sign.c | 66 +++++++++++++++++++++++++++++++++++++++++++++++++++++----- 3 files changed, 66 insertions(+), 5 deletions(-) -Index: gnupg-2.0.23/g10/gpg.c +Index: gnupg-2.1.0/g10/gpg.c =================================================================== ---- gnupg-2.0.23.orig/g10/gpg.c 2014-06-03 22:36:44.000000000 +0100 -+++ gnupg-2.0.23/g10/gpg.c 2014-06-03 22:36:55.000000000 +0100 -@@ -345,6 +345,7 @@ enum cmd_and_opt_values +--- gnupg-2.1.0.orig/g10/gpg.c 2014-11-07 11:35:21.599605797 +0100 ++++ gnupg-2.1.0/g10/gpg.c 2014-11-07 16:50:14.742067262 +0100 +@@ -349,6 +349,7 @@ enum cmd_and_opt_values oTTYtype, oLCctype, oLCmessages, @@ -16,35 +16,35 @@ Index: gnupg-2.0.23/g10/gpg.c oXauthority, oGroup, oUnGroup, -@@ -711,6 +712,7 @@ static ARGPARSE_OPTS opts[] = { - ARGPARSE_s_s (oPersonalDigestPreferences, "personal-digest-preferences","@"), +@@ -733,6 +734,7 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_s (oPersonalCompressPreferences, "personal-compress-preferences", "@"), + ARGPARSE_s_s (oFakedSystemTime, "faked-system-time", "@"), + ARGPARSE_s_n (oFilesAreDigests, "files-are-digests", "@"), /* Aliases. I constantly mistype these, and assume other people do as well. */ -@@ -2001,6 +2003,7 @@ main (int argc, char **argv) - opt.def_sig_expire="0"; - opt.def_cert_expire="0"; - set_homedir ( default_homedir () ); -+ opt.files_are_digests=0; - opt.passphrase_repeat=1; +@@ -2126,6 +2128,7 @@ main (int argc, char **argv) + opt.def_cert_expire = "0"; + set_homedir (default_homedir ()); + opt.passphrase_repeat = 1; ++ opt.files_are_digests=0; opt.emit_version = 1; /* Limit to the major number. */ -@@ -2491,6 +2494,7 @@ main (int argc, char **argv) + /* Check whether we have a config file on the command line. */ +@@ -2630,6 +2633,7 @@ main (int argc, char **argv) + opt.verify_options&=~VERIFY_SHOW_PHOTOS; + break; case oPhotoViewer: opt.photo_viewer = pargs.r.ret_str; break; - case oForceV3Sigs: opt.force_v3_sigs = 1; break; - case oNoForceV3Sigs: opt.force_v3_sigs = 0; break; + case oFilesAreDigests: opt.files_are_digests = 1; break; - case oForceV4Certs: opt.force_v4_certs = 1; break; - case oNoForceV4Certs: opt.force_v4_certs = 0; break; + case oForceMDC: opt.force_mdc = 1; break; -Index: gnupg-2.0.23/g10/options.h + case oNoForceMDC: opt.force_mdc = 0; break; +Index: gnupg-2.1.0/g10/options.h =================================================================== ---- gnupg-2.0.23.orig/g10/options.h 2014-06-03 22:36:44.000000000 +0100 -+++ gnupg-2.0.23/g10/options.h 2014-06-03 22:36:55.000000000 +0100 -@@ -198,6 +198,7 @@ struct +--- gnupg-2.1.0.orig/g10/options.h 2014-11-07 11:35:21.599605797 +0100 ++++ gnupg-2.1.0/g10/options.h 2014-11-07 16:49:59.770885017 +0100 +@@ -193,6 +193,7 @@ struct int no_auto_check_trustdb; int preserve_permissions; int no_homedir_creation; @@ -52,24 +52,24 @@ Index: gnupg-2.0.23/g10/options.h struct groupitem *grouplist; int mangle_dos_filenames; int enable_progress_filter; -Index: gnupg-2.0.23/g10/sign.c +Index: gnupg-2.1.0/g10/sign.c =================================================================== ---- gnupg-2.0.23.orig/g10/sign.c 2014-06-03 22:36:44.000000000 +0100 -+++ gnupg-2.0.23/g10/sign.c 2014-06-03 22:36:55.000000000 +0100 -@@ -665,8 +665,12 @@ write_signature_packets (SK_LIST sk_list - mk_notation_policy_etc (sig, NULL, sk); - } +--- gnupg-2.1.0.orig/g10/sign.c 2014-11-07 11:35:21.599605797 +0100 ++++ gnupg-2.1.0/g10/sign.c 2014-11-07 17:13:40.128218081 +0100 +@@ -703,8 +703,12 @@ write_signature_packets (SK_LIST sk_list + build_sig_subpkt_from_sig (sig); + mk_notation_policy_etc (sig, pk, NULL); -+ if (!opt.files_are_digests) { - hash_sigversion_to_magic (md, sig); - gcry_md_final (md); -+ } else if (sig->version >= 4) { -+ log_bug("files-are-digests doesn't work with v4 sigs\n"); -+ } ++ if (!opt.files_are_digests) { + hash_sigversion_to_magic (md, sig); + gcry_md_final (md); ++ } else if (sig->version >= 4) { ++ log_bug("files-are-digests doesn't work with v4 sigs\n"); ++ } - rc = do_sign( sk, sig, md, hash_for (sk) ); - gcry_md_close (md); -@@ -723,6 +727,8 @@ sign_file( strlist_t filenames, int deta + rc = do_sign (pk, sig, md, hash_for (pk), cache_nonce); + gcry_md_close (md); +@@ -762,6 +766,8 @@ sign_file (ctrl_t ctrl, strlist_t filena SK_LIST sk_rover = NULL; int multifile = 0; u32 duration=0; @@ -78,7 +78,7 @@ Index: gnupg-2.0.23/g10/sign.c pfx = new_progress_context (); afx = new_armor_context (); -@@ -739,7 +745,16 @@ sign_file( strlist_t filenames, int deta +@@ -778,7 +784,16 @@ sign_file (ctrl_t ctrl, strlist_t filena fname = NULL; if( fname && filenames->next && (!detached || encryptflag) ) @@ -96,7 +96,7 @@ Index: gnupg-2.0.23/g10/sign.c if(encryptflag==2 && (rc=setup_symkey(&efx.symkey_s2k,&efx.symkey_dek))) -@@ -767,7 +782,7 @@ sign_file( strlist_t filenames, int deta +@@ -799,7 +814,7 @@ sign_file (ctrl_t ctrl, strlist_t filena goto leave; /* prepare iobufs */ @@ -105,16 +105,16 @@ Index: gnupg-2.0.23/g10/sign.c inp = NULL; /* we do it later */ else { inp = iobuf_open(fname); -@@ -900,7 +915,7 @@ sign_file( strlist_t filenames, int deta - gcry_md_enable (mfx.md, hash_for(sk)); - } +@@ -938,7 +953,7 @@ sign_file (ctrl_t ctrl, strlist_t filena + for (sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next) + gcry_md_enable (mfx.md, hash_for (sk_rover->pk)); - if( !multifile ) + if( !multifile && !opt.files_are_digests ) iobuf_push_filter( inp, md_filter, &mfx ); - if( detached && !encryptflag && !RFC1991 ) -@@ -955,6 +970,8 @@ sign_file( strlist_t filenames, int deta + if( detached && !encryptflag) +@@ -993,6 +1008,8 @@ sign_file (ctrl_t ctrl, strlist_t filena write_status_begin_signing (mfx.md); @@ -123,7 +123,7 @@ Index: gnupg-2.0.23/g10/sign.c /* Setup the inner packet. */ if( detached ) { if( multifile ) { -@@ -995,6 +1012,45 @@ sign_file( strlist_t filenames, int deta +@@ -1033,6 +1050,45 @@ sign_file (ctrl_t ctrl, strlist_t filena if( opt.verbose ) putc( '\n', stderr ); } @@ -169,14 +169,14 @@ Index: gnupg-2.0.23/g10/sign.c else { /* read, so that the filter can calculate the digest */ while( iobuf_get(inp) != -1 ) -@@ -1012,8 +1068,8 @@ sign_file( strlist_t filenames, int deta +@@ -1050,8 +1106,8 @@ sign_file (ctrl_t ctrl, strlist_t filena /* write the signatures */ rc = write_signature_packets (sk_list, out, mfx.md, - opt.textmode && !outfile? 0x01 : 0x00, -- 0, duration, detached ? 'D':'S'); +- 0, duration, detached ? 'D':'S', NULL); + sigclass, -+ timestamp, duration, detached ? 'D':'S'); ++ timestamp, duration, detached ? 'D':'S', NULL); if( rc ) goto leave; diff --git a/gnupg-2.0.18-tmpdir.diff b/gnupg-2.0.18-tmpdir.diff deleted file mode 100644 index e2c8b06..0000000 --- a/gnupg-2.0.18-tmpdir.diff +++ /dev/null @@ -1,41 +0,0 @@ -diff -rup gnupg-2.0.18.orig/agent/gpg-agent.c gnupg-2.0.18/agent/gpg-agent.c ---- gnupg-2.0.18.orig/agent/gpg-agent.c 2011-08-04 10:57:02.000000000 +0100 -+++ gnupg-2.0.18/agent/gpg-agent.c 2011-08-06 21:01:32.000000000 +0100 -@@ -1002,6 +1002,10 @@ main (int argc, char **argv ) - gnupg_fd_t fd_ssh; - pid_t pid; - -+ char *tmp1, *tmp; -+ char *tmp2 = "gpg-XXXXXX/S.gpg-agent"; -+ size_t len; -+ - /* Remove the DISPLAY variable so that a pinentry does not - default to a specific display. There is still a default - display when gpg-agent was started using --display or a -@@ -1013,13 +1017,23 @@ main (int argc, char **argv ) - unsetenv ("DISPLAY"); - #endif - -+ if ((tmp1 = getenv("TMPDIR")) == NULL) -+ tmp1 = "/tmp"; -+ -+ len = strlen(tmp1) + strlen(tmp2) + 10; -+ tmp = malloc(len); -+ -+ snprintf(tmp, len, "%s%s%s", tmp1, tmp1 && strlen(tmp1) > 0 ? "/" : "", tmp2); - - /* Create the sockets. */ - socket_name = create_socket_name -- ("S.gpg-agent", "/tmp/gpg-XXXXXX/S.gpg-agent"); -- if (opt.ssh_support) -+ ("S.gpg-agent", tmp); -+ if (opt.ssh_support) { -+ snprintf(tmp, len, "%s%s%s.ssh", tmp1, tmp1 && strlen(tmp1) > 0 ? "/" : "", tmp2); - socket_name_ssh = create_socket_name -- ("S.gpg-agent.ssh", "/tmp/gpg-XXXXXX/S.gpg-agent.ssh"); -+ ("S.gpg-agent.ssh", tmp); -+ } -+ free(tmp); - - fd = create_server_socket (socket_name, 0, &socket_nonce); - if (opt.ssh_support) diff --git a/gnupg-2.0.20-automake113.diff b/gnupg-2.0.20-automake113.diff deleted file mode 100644 index 280a729..0000000 --- a/gnupg-2.0.20-automake113.diff +++ /dev/null @@ -1,13 +0,0 @@ -Index: gnupg-2.0.20/tests/openpgp/Makefile.am -=================================================================== ---- gnupg-2.0.20.orig/tests/openpgp/Makefile.am -+++ gnupg-2.0.20/tests/openpgp/Makefile.am -@@ -25,7 +25,7 @@ required_pgms = ../../g10/gpg2 ../../age - - - TESTS_ENVIRONMENT = GNUPGHOME=$(abs_builddir) GPG_AGENT_INFO= LC_ALL=C \ -- ../../agent/gpg-agent --quiet --daemon sh -+ ../../agent/gpg-agent --quiet --daemon - - - TESTS = version.test mds.test \ diff --git a/gnupg-2.0.26.tar.bz2 b/gnupg-2.0.26.tar.bz2 deleted file mode 100644 index 62bcaf2..0000000 --- a/gnupg-2.0.26.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:7758e30dc382ae7a7167ed41b7f936aa50af5ea2d6fccdef663b5b750b65b8e0 -size 4303384 diff --git a/gnupg-2.0.26.tar.bz2.sig b/gnupg-2.0.26.tar.bz2.sig deleted file mode 100644 index 21abd1d5cbfedd629f22cec1ac9a85fb4ff4a6bc2302f8c55072618189403b6d..0000000000000000000000000000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 287 zcmV+)0pR|L0UQJX0SEvF1p-s*UWot-2@oWkInqxh={dq$r4tnE3t7bK%U-u6iRKt*~|P{J=51l!(OF%?N!t? zU;SZk4pPT@g4aZocYA%J2b|qin$-pWGZ$d)x6aKg*(zm1;LuXsxT;LTfJh4JZkxW? z-ZweGPM?&`2x4aN|KXpbUOS3A{l>fz7q{F&!GqoEt}+u3xFGPD7r}JM7N|IE3aoE9 l1<4vdhrT+tdet%{<91&9ISB7XcprVz*yn;`ua8Xi;0XPWjBo$| diff --git a/gnupg-2.0.4-install_tools.diff b/gnupg-2.0.4-install_tools.diff index d533897..218de8e 100644 --- a/gnupg-2.0.4-install_tools.diff +++ b/gnupg-2.0.4-install_tools.diff @@ -1,8 +1,8 @@ Index: tools/Makefile.am =================================================================== ---- tools/Makefile.am.orig -+++ tools/Makefile.am -@@ -32,8 +32,8 @@ sbin_SCRIPTS = addgnupghome applygnupgde +--- tools/Makefile.am.orig 2014-11-06 18:12:17.743916141 +0100 ++++ tools/Makefile.am 2014-11-06 18:13:17.073677366 +0100 +@@ -36,8 +36,8 @@ sbin_SCRIPTS = addgnupghome applygnupgde bin_SCRIPTS = gpgsm-gencert.sh if HAVE_USTAR @@ -13,20 +13,21 @@ Index: tools/Makefile.am endif if BUILD_SYMCRYPTRUN -@@ -51,14 +51,14 @@ endif - - bin_PROGRAMS = gpgconf gpg-connect-agent gpgkey2ssh ${symcryptrun} ${gpgtar} +@@ -55,7 +55,7 @@ endif + # Fixme: We should remove the gpgkey2ssh tool. + bin_PROGRAMS = gpgconf gpg-connect-agent ${symcryptrun} if !HAVE_W32_SYSTEM -bin_PROGRAMS += watchgnupg gpgparsemail +bin_PROGRAMS += watchgnupg gpgparsemail gpgsplit endif - - if !DISABLE_REGEX - libexec_PROGRAMS = gpg-check-pattern + if !HAVE_W32CE_SYSTEM + bin_PROGRAMS += gpgkey2ssh ${gpgtar} +@@ -66,7 +66,7 @@ libexec_PROGRAMS = gpg-check-pattern endif + if !HAVE_W32CE_SYSTEM -noinst_PROGRAMS = clean-sat mk-tdata make-dns-cert gpgsplit +noinst_PROGRAMS = clean-sat mk-tdata make-dns-cert + endif - common_libs = $(libcommon) ../jnlib/libjnlib.a ../gl/libgnu.a - pwquery_libs = ../common/libsimple-pwquery.a + common_libs = $(libcommon) ../gl/libgnu.a diff --git a/gnupg-2.0.9-langinfo.patch b/gnupg-2.0.9-langinfo.patch index e6463cc..e7c22d8 100644 --- a/gnupg-2.0.9-langinfo.patch +++ b/gnupg-2.0.9-langinfo.patch @@ -3,12 +3,12 @@ # jnlib/utf8conv.c | 1 + # 1 file changed, 1 insertion(+) # -Index: gnupg-2.0.21/jnlib/utf8conv.c +Index: gnupg-2.1.0/common/utf8conv.c =================================================================== ---- gnupg-2.0.21.orig/jnlib/utf8conv.c 2013-08-19 09:55:30.000000000 +0100 -+++ gnupg-2.0.21/jnlib/utf8conv.c 2013-08-19 18:53:22.000000000 +0100 -@@ -148,6 +148,7 @@ set_native_charset (const char *newset) - #else /*!HAVE_W32_SYSTEM*/ +--- gnupg-2.1.0.orig/common/utf8conv.c 2014-10-11 19:45:14.000000000 +0200 ++++ gnupg-2.1.0/common/utf8conv.c 2014-11-07 11:35:05.491413258 +0100 +@@ -198,6 +198,7 @@ set_native_charset (const char *newset) + #else /*!HAVE_W32_SYSTEM && !HAVE_ANDROID_SYSTEM*/ #ifdef HAVE_LANGINFO_CODESET + setlocale(LC_ALL, ""); diff --git a/gnupg-2.1.0-boo-907198-openpgp_oid_to_str-buffer-overflow.patch b/gnupg-2.1.0-boo-907198-openpgp_oid_to_str-buffer-overflow.patch new file mode 100644 index 0000000..9a46d79 --- /dev/null +++ b/gnupg-2.1.0-boo-907198-openpgp_oid_to_str-buffer-overflow.patch @@ -0,0 +1,77 @@ +From: Werner Koch +Date: Tue, 25 Nov 2014 11:58:56 +0100 +Subject: [PATCH] Fix buffer overflow in openpgp_oid_to_str. +References: boo#907198 http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=8445ef24fc31e1fe0291e17f90f9f06b536e34da +Upstream: committed + +* common/openpgp-oid.c (openpgp_oid_to_str): Fix unsigned underflow. + +* common/t-openpgp-oid.c (BADOID): New. +(test_openpgp_oid_to_str): Add test cases. +-- + +The code has an obvious error by not considering invalid encoding for +arc-2. A first byte of 0x80 can be used to make a value of less then +80 and we then subtract 80 from that value as required by the OID +encoding rules. Due to the unsigned integer this results in a pretty +long value which won't fit anymore into the allocated buffer. + +The fix is obvious. Also added a few simple test cases. Note that we +keep on using sprintf instead of snprintf because managing the +remaining length of the buffer would probably be more error prone than +assuring that the buffer is large enough. Getting rid of sprintf +altogether by using direct conversion along with membuf_t like code +might be possible. + +Reported-by: Hanno Böck +Signed-off-by: Werner Koch + +Ported from libksba commit f715b9e156dfa99ae829fc694e5a0abd23ef97d7 +--- + common/openpgp-oid.c | 2 ++ + common/t-openpgp-oid.c | 9 +++++++++ + 2 files changed, 11 insertions(+) + +diff --git a/common/openpgp-oid.c b/common/openpgp-oid.c +index 010c23f..d3d1f2a 100644 +--- a/common/openpgp-oid.c ++++ b/common/openpgp-oid.c +@@ -236,6 +236,8 @@ openpgp_oid_to_str (gcry_mpi_t a) + val <<= 7; + val |= buf[n] & 0x7f; + } ++ if (val < 80) ++ goto badoid; + val -= 80; + sprintf (p, "2.%lu", val); + p += strlen (p); +diff --git a/common/t-openpgp-oid.c b/common/t-openpgp-oid.c +index 79e5a70..5cd778d 100644 +--- a/common/t-openpgp-oid.c ++++ b/common/t-openpgp-oid.c +@@ -32,6 +32,9 @@ + } while(0) + + ++#define BADOID "1.3.6.1.4.1.11591.2.12242973" ++ ++ + static void + test_openpgp_oid_from_str (void) + { +@@ -108,6 +111,12 @@ test_openpgp_oid_to_str (void) + { "1.3.132.0.35", + { 5, 0x2B, 0x81, 0x04, 0x00, 0x23 }}, + ++ { BADOID, ++ { 9, 0x80, 0x02, 0x70, 0x50, 0x25, 0x46, 0xfd, 0x0c, 0xc0 }}, ++ ++ { BADOID, ++ { 1, 0x80 }}, ++ + { NULL }}; + gcry_mpi_t a; + int idx; +-- +1.7.10.4 + diff --git a/gnupg-2.1.0.tar.bz2 b/gnupg-2.1.0.tar.bz2 new file mode 100644 index 0000000..510940c --- /dev/null +++ b/gnupg-2.1.0.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:16a8c3f50a15bf37d2dfb1c5e4bb3ec533e1d0b6a4043ff3680a376a3ad4058b +size 3111585 diff --git a/gnupg-2.1.0.tar.bz2.sig b/gnupg-2.1.0.tar.bz2.sig new file mode 100644 index 0000000000000000000000000000000000000000000000000000000000000000..48b9d857fe4238792ee08ed5820a51bf116213e86b22f21dc55eedf3feddb5b3 GIT binary patch literal 861 zcmV-j1ETzi0UQJX0SEvF1p-uBMcV)h2@oWkInqxhnr-=OX@$|FC!e#X&6>73>y_MBSYk7e|1MCH1T zi9wR;_OTQQnq5(!bBp637qnc@$9q>=YoKmCMz7fDE7J!31y>EtP4zr2QVWZi9%~?Pqw!)R4aCz=(!l)<3IPqHOV1-* za)C)gGjw+;3bIFQNVl|;sGg}pUbI6oV;F~MLcBA(IRapmJ=qN+|B2v01`U!P~CXt@ce_L zYohWT+=^Q^FQo){C}+&LQdu~zT~VI{3=`i6>6tH@?LF-hhQUe9=_=&wo89o|eIf7e zM4pXgj$mm%iHQLm1ONdD00spDR9iW00162ZAaSsYGrd0sN{Cw7xu zG$sGgSLuGc9(SL>)s&JgvnRMY(h2!Mdsrd_H{^IpKg!#TFo6$ml`PQ>+bTxlcp6*x zxNoHCC7Ctcom%7##)s-3%!?(b&jToe5_=Cu2-kx%Bzs9Q`k&UX>2d;)!}arcc)&?B z>KaA+Tnq%Vyno|bIl`Dl-)jK6AAT%yBWMW`B?MyYN0n{#Bk)A9uozAAteX7+uq&1| n2F#pgpLH>iWLOBUjQRRz$u>5qaeUC`^}Z literal 0 HcmV?d00001 diff --git a/gnupg-add_legacy_FIPS_mode_option.patch b/gnupg-add_legacy_FIPS_mode_option.patch index 6ac0990..2b53225 100644 --- a/gnupg-add_legacy_FIPS_mode_option.patch +++ b/gnupg-add_legacy_FIPS_mode_option.patch @@ -3,11 +3,11 @@ g10/gpg.c | 9 +++++++++ 2 files changed, 27 insertions(+) -Index: gnupg-2.0.23/doc/gpg.texi +Index: gnupg-2.1.0/doc/gpg.texi =================================================================== ---- gnupg-2.0.23.orig/doc/gpg.texi 2014-06-03 22:22:56.000000000 +0100 -+++ gnupg-2.0.23/doc/gpg.texi 2014-06-03 22:25:03.000000000 +0100 -@@ -1851,6 +1851,24 @@ implies, this option is for experts only +--- gnupg-2.1.0.orig/doc/gpg.texi 2014-11-06 18:31:32.218688065 +0100 ++++ gnupg-2.1.0/doc/gpg.texi 2014-11-06 18:31:33.871709178 +0100 +@@ -1828,6 +1828,24 @@ implies, this option is for experts only understand the implications of what it allows you to do, leave this off. @option{--no-expert} disables this option. @@ -32,19 +32,19 @@ Index: gnupg-2.0.23/doc/gpg.texi @end table -Index: gnupg-2.0.23/g10/gpg.c +Index: gnupg-2.1.0/g10/gpg.c =================================================================== ---- gnupg-2.0.23.orig/g10/gpg.c 2014-06-03 22:24:52.000000000 +0100 -+++ gnupg-2.0.23/g10/gpg.c 2014-06-03 22:25:56.000000000 +0100 -@@ -369,6 +369,7 @@ enum cmd_and_opt_values - oAllowMultipleMessages, +--- gnupg-2.1.0.orig/g10/gpg.c 2014-11-06 18:31:32.220688090 +0100 ++++ gnupg-2.1.0/g10/gpg.c 2014-11-06 18:32:03.833091859 +0100 +@@ -380,6 +380,7 @@ enum cmd_and_opt_values oNoAllowMultipleMessages, oAllowWeakDigestAlgos, + oFakedSystemTime, + oSetLegacyFips, oNoop }; -@@ -746,6 +747,7 @@ static ARGPARSE_OPTS opts[] = { +@@ -772,6 +773,7 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_n (oAllowMultipleMessages, "allow-multiple-messages", "@"), ARGPARSE_s_n (oNoAllowMultipleMessages, "no-allow-multiple-messages", "@"), ARGPARSE_s_n (oAllowWeakDigestAlgos, "allow-weak-digest-algos", "@"), @@ -52,8 +52,8 @@ Index: gnupg-2.0.23/g10/gpg.c /* These two are aliases to help users of the PGP command line product use gpg with minimal pain. Many commands are common -@@ -2959,6 +2961,13 @@ main (int argc, char **argv) - opt.flags.allow_weak_digest_algos = 1; +@@ -3138,6 +3140,13 @@ main (int argc, char **argv) + } break; + case oSetLegacyFips: diff --git a/gnupg-detect_FIPS_mode.patch b/gnupg-detect_FIPS_mode.patch index 3e96ea4..efacf41 100644 --- a/gnupg-detect_FIPS_mode.patch +++ b/gnupg-detect_FIPS_mode.patch @@ -1,37 +1,24 @@ -Index: gnupg-2.0.19/g10/encode.c +Index: gnupg-2.1.0/g10/encrypt.c =================================================================== ---- gnupg-2.0.19.orig/g10/encode.c 2013-03-14 14:23:58.009483967 +0100 -+++ gnupg-2.0.19/g10/encode.c 2013-03-14 15:49:50.524306304 +0100 -@@ -732,7 +732,10 @@ encrypt_filter( void *opaque, int contro - if( efx->cfx.dek->algo == -1 ) { - /* because 3DES is implicitly in the prefs, this can only - * happen if we do not have any public keys in the list */ -- efx->cfx.dek->algo = DEFAULT_CIPHER_ALGO; +--- gnupg-2.1.0.orig/g10/encrypt.c 2014-11-06 18:27:35.176659675 +0100 ++++ gnupg-2.1.0/g10/encrypt.c 2014-11-06 18:29:10.987883901 +0100 +@@ -783,7 +783,10 @@ encrypt_filter (void *opaque, int contro + /* Because 3DES is implicitly in the prefs, this can + only happen if we do not have any public keys in + the list. */ +- efx->cfx.dek->algo = DEFAULT_CIPHER_ALGO; + /* Libgcrypt manual says that gcry_version_check must be called + before calling gcry_fips_mode_active. */ + gcry_check_version (NULL); + efx->cfx.dek->algo = gcry_fips_mode_active() ? CIPHER_ALGO_AES : DEFAULT_CIPHER_ALGO; } - /* In case 3DES has been selected, print a warning if -Index: gnupg-2.0.19/g10/gpg.c + /* In case 3DES has been selected, print a warning if +Index: gnupg-2.1.0/g10/mainproc.c =================================================================== ---- gnupg-2.0.19.orig/g10/gpg.c 2013-03-14 14:24:00.031545611 +0100 -+++ gnupg-2.0.19/g10/gpg.c 2013-03-14 14:24:37.495687612 +0100 -@@ -1975,7 +1975,7 @@ main (int argc, char **argv) - opt.compress_algo = -1; /* defaults to DEFAULT_COMPRESS_ALGO */ - opt.s2k_mode = 3; /* iterated+salted */ - opt.s2k_count = 0; /* Auto-calibrate when needed. */ -- opt.s2k_cipher_algo = CIPHER_ALGO_CAST5; -+ opt.s2k_cipher_algo = gcry_fips_mode_active() ? CIPHER_ALGO_AES : CIPHER_ALGO_CAST5; - opt.completes_needed = 1; - opt.marginals_needed = 3; - opt.max_cert_depth = 5; -Index: gnupg-2.0.19/g10/mainproc.c -=================================================================== ---- gnupg-2.0.19.orig/g10/mainproc.c 2013-03-14 14:23:58.011484028 +0100 -+++ gnupg-2.0.19/g10/mainproc.c 2013-03-14 15:50:50.970127383 +0100 -@@ -685,9 +685,15 @@ proc_plaintext( CTX c, PACKET *pkt ) +--- gnupg-2.1.0.orig/g10/mainproc.c 2014-11-06 18:27:33.243634973 +0100 ++++ gnupg-2.1.0/g10/mainproc.c 2014-11-06 18:27:35.178659700 +0100 +@@ -690,9 +690,15 @@ proc_plaintext( CTX c, PACKET *pkt ) often. There is no good way to specify what algorithms to use in that case, so these three are the historical answer. */ @@ -47,5 +34,5 @@ Index: gnupg-2.0.19/g10/mainproc.c + if( !gcry_fips_mode_active() ) + gcry_md_enable( c->mfx.md, DIGEST_ALGO_MD5 ); } - if( opt.pgp2_workarounds && only_md5 && !opt.skip_verify ) { - /* This is a kludge to work around a bug in pgp2. It does only + if (opt.pgp2_workarounds && only_md5 && !opt.skip_verify + && opt.flags.allow_weak_digest_algos) { diff --git a/gnupg-dont-fail-with-seahorse-agent.patch b/gnupg-dont-fail-with-seahorse-agent.patch index c5d9788..6302c8b 100644 --- a/gnupg-dont-fail-with-seahorse-agent.patch +++ b/gnupg-dont-fail-with-seahorse-agent.patch @@ -2,11 +2,11 @@ g10/passphrase.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -Index: gnupg-2.0.23/g10/passphrase.c +Index: gnupg-2.1.0/g10/passphrase.c =================================================================== ---- gnupg-2.0.23.orig/g10/passphrase.c 2014-06-03 07:59:18.000000000 +0100 -+++ gnupg-2.0.23/g10/passphrase.c 2014-06-03 22:37:30.000000000 +0100 -@@ -72,7 +72,7 @@ encode_s2k_iterations (int iterations) +--- gnupg-2.1.0.orig/g10/passphrase.c 2014-11-07 16:52:11.080483153 +0100 ++++ gnupg-2.1.0/g10/passphrase.c 2014-11-07 16:52:11.996494299 +0100 +@@ -71,7 +71,7 @@ encode_s2k_iterations (int iterations) { /* Don't print an error if an older agent is used. */ if (err && gpg_err_code (err) != GPG_ERR_ASS_PARAMETER) diff --git a/gnupg-remove_development_version_warning.patch b/gnupg-remove_development_version_warning.patch new file mode 100644 index 0000000..b265147 --- /dev/null +++ b/gnupg-remove_development_version_warning.patch @@ -0,0 +1,15 @@ +Index: gnupg-2.1.0/autogen.sh +=================================================================== +--- gnupg-2.1.0.orig/autogen.sh 2014-11-05 09:04:41.000000000 +0100 ++++ gnupg-2.1.0/autogen.sh 2014-11-11 17:46:57.154859332 +0100 +@@ -228,8 +228,8 @@ if [ "$myhost" = "find-version" ]; then + rvd=$((0x$(echo ${rev} | head -c 4))) + else + ingit=no +- beta=yes +- tmp="-unknown" ++ beta=no ++ tmp="" + rev="0000000" + rvd="0" + fi diff --git a/gnupg-set_umask_before_open_outfile.patch b/gnupg-set_umask_before_open_outfile.patch index f941a41..39eb8c2 100644 --- a/gnupg-set_umask_before_open_outfile.patch +++ b/gnupg-set_umask_before_open_outfile.patch @@ -1,14 +1,14 @@ -Index: gnupg-2.0.20/g10/plaintext.c +Index: gnupg-2.1.0/g10/plaintext.c =================================================================== ---- gnupg-2.0.20.orig/g10/plaintext.c 2013-05-13 14:26:49.290737159 +0200 -+++ gnupg-2.0.20/g10/plaintext.c 2013-05-13 14:43:21.740575875 +0200 +--- gnupg-2.1.0.orig/g10/plaintext.c 2014-11-07 11:35:18.100563974 +0100 ++++ gnupg-2.1.0/g10/plaintext.c 2014-11-07 16:51:59.919347340 +0100 @@ -25,6 +25,7 @@ #include #include #include +#include #ifdef HAVE_DOSISH_SYSTEM - #include /* for setmode() */ + # include /* for setmode() */ #endif @@ -39,6 +40,9 @@ #include "status.h" @@ -18,20 +18,21 @@ Index: gnupg-2.0.20/g10/plaintext.c +#define GPG_SAFE_PERMS (S_IRUSR | S_IWUSR) +#define GPG_SAFE_UMASK (0777 & ~GPG_SAFE_PERMS) - /**************** - * Handle a plaintext packet. If MFX is not NULL, update the MDs -@@ -140,10 +144,15 @@ handle_plaintext( PKT_plaintext *pt, md_ - log_error(_("error creating `%s': %s\n"), fname, strerror(errno) ); - goto leave; - } -- else if( !(fp = fopen(fname,"wb")) ) { -- rc = gpg_error_from_syserror (); -- log_error(_("error creating `%s': %s\n"), fname, strerror(errno) ); -- goto leave; + /* Handle a plaintext packet. If MFX is not NULL, update the MDs + * Note: We should have used the filter stuff here, but we have to add +@@ -169,11 +173,15 @@ handle_plaintext (PKT_plaintext * pt, md + log_error (_("error creating '%s': %s\n"), fname, gpg_strerror (err)); + goto leave; + } +- else if (!(fp = es_fopen (fname, "wb"))) +- { +- err = gpg_error_from_syserror (); +- log_error (_("error creating '%s': %s\n"), fname, gpg_strerror (err)); +- goto leave; + else { + mode_t saved_umask = umask(GPG_SAFE_UMASK); -+ if( !(fp = fopen(fname,"wb")) ) { -+ rc = gpg_error_from_syserror (); ++ if( !(fp = es_fopen(fname,"wb")) ) { ++ err = gpg_error_from_syserror (); + log_error(_("error creating `%s': %s\n"), fname, strerror(errno) ); + umask(saved_umask); + goto leave; @@ -39,4 +40,4 @@ Index: gnupg-2.0.20/g10/plaintext.c + umask(saved_umask); } #else /* __riscos__ */ - /* If no output filename was given, i.e. we constructed it, + /* If no output filename was given, i.e. we constructed it, convert diff --git a/gpg2.changes b/gpg2.changes index 6c0b64c..6c3d681 100644 --- a/gpg2.changes +++ b/gpg2.changes @@ -1,3 +1,59 @@ +------------------------------------------------------------------- +Wed Nov 26 19:21:15 UTC 2014 - andreas.stieger@gmx.de + +- fix buffer overflow in OID to string conversion function + [boo#907198], adding + gnupg-2.1.0-boo-907198-openpgp_oid_to_str-buffer-overflow.patch + +------------------------------------------------------------------- +Tue Nov 11 16:10:04 UTC 2014 - vcizek@suse.com + +- obsolete dirmngr (shipped with gpg since 2.1.0) +- spec cleanup after previous update +- get rid of "THIS IS A DEVELOPMENT VERSION" warning + http://lists.gnupg.org/pipermail/gnupg-devel/2014-November/029065.html + * added gnupg-remove_development_version_warning.patch + +------------------------------------------------------------------- +Thu Nov 6 17:32:39 UTC 2014 - vcizek@suse.com + +- upgrade to 2.1.0 (modern) + - The file "secring.gpg" is not anymore used to store the secret + keys. Merging of secret keys is now supported. + - All support for PGP-2 keys has been removed for security reasons. + - The standard key generation interface is now much leaner. This + will help a new user to quickly generate a suitable key. + - Support for Elliptic Curve Cryptography (ECC) is now available. + - Commands to create and sign keys from the command line without any + extra prompts are now available. + - The Pinentry may now show the new passphrase entry and the + passphrase confirmation entry in one dialog. + - There is no more need to manually start the gpg-agent. It is now + started by any part of GnuPG as needed. + - Problems with importing keys with the same long key id have been + addressed. + - The Dirmngr is now part of GnuPG proper and also takes care of + accessing keyserver. + - Keyserver pools are now handled in a smarter way. + - A new format for locally storing the public keys is now used. + This considerable speeds up operations on large keyrings. + - Revocation certificates are now created by default. + - Card support has been updated, new readers and token types are + supported. + - The format of the key listing has been changed to better identify + the properties of a key. + - The gpg-agent may now be used on Windows as a Pageant replacement + for Putty in the same way it is used for years on Unix as + ssh-agent replacement. + - Creation of X.509 certificates has been improved. It is now also + possible to export them directly in PKCS#8 and PEM format for use + on TLS servers. +- dropped patches: + * gnupg-2.0.20-automake113.diff + * gnupg-2.0.18-tmpdir.diff (socket is created in homedir now) +- refresh most of the remaining patches +- added new BuildRequires: gnutls-devel, pkg-config, npth-devel + ------------------------------------------------------------------- Tue Aug 12 20:19:45 UTC 2014 - andreas.stieger@gmx.de diff --git a/gpg2.keyring b/gpg2.keyring index 86dc5ba..4637a2d 100644 --- a/gpg2.keyring +++ b/gpg2.keyring @@ -1,521 +1,99 @@ - - - - -GnuPG - Signature Key - - - - - - - - - - - - -
- -
-

Signature Key

-
-

-To guarantee that GnuPG versions you download has not been hacked by -some malicious person, tarballs are signed. -

- -

-Signature key is reported below. It can also be retrieved from the key -servers or obtained from the GnuPG source tree (doc/samplekeys.asc). -

- -

-Instructions on how to verify the signature is available within README -file of GnuPG distributions. -

- -
-pub   2048R/4F25E3B6 2011-01-12 [expires: 2019-12-31]
-        Key fingerprint = D869 2123 C406 5DEA 5E0F  3AB5 249B 39D2 4F25 E3B6
-  uid                  Werner Koch (dist sig)
-  sub   2048R/AC87C71A 2011-01-12 [expires: 2019-12-31]
-
-Releases done in the years 1996 to 2010 are signed by this key:
-
-  pub   1024R/1CE0C630 2006-01-01 [expires: 2011-06-30]
-        Key fingerprint = 7B96 D396 E647 1601 754B  E4DB 53B6 20D0 1CE0 C630
-  uid                  Werner Koch (dist sig) <dd9jn@gnu.org>
-
-Releases done in the years 1998 to 2005 are signed by this key:
-
-  pub   1024D/57548DCD 1998-07-07 [expired: 2005-12-31]
-        Key fingerprint = 6BD9 050F D8FC 941B 4341  2DCC 68B7 AB89 5754 8DCD
-  uid                  Werner Koch (gnupg sig) <dd9jn@gnu.org>
-
-
 -----BEGIN PGP PUBLIC KEY BLOCK-----
-Version: GnuPG v2.0.17 (GNU/Linux)
+Version: GnuPG v2
 
-mQGiBDWiHh4RBAD+l0rg5p9rW4M3sKvmeyzhs2mDxhRKDTVVUnTwpMIR2kIA9pT4
-3No/coPajDvhZTaDM/vSz25IZDZWJ7gEu86RpoEdtr/eK8GuDcgsWvFs5+YpCDwW
-G2dx39ME7DN+SRvEE1xUm4E9G2Nnd2UNtLgg82wgi/ZK4Ih9CYDyo0a9awCgisn3
-RvZ/MREJmQq1+SjJgDx+c2sEAOEnxGYisqIKcOTdPOTTie7o7x+nem2uac7uOW68
-N+wRWxhGPIxsOdueMIa7U94Wg/Ydn4f2WngJpBvKNaHYmW8j1Q5zvZXXpIWRXSvy
-TR641BceGHNdYiR/PiDBJsGQ3ac7n7pwhV4qex3IViRDJWz5Dzr88x+Oju63KtxY
-urUIBACi7d1rUlHr4ok7iBRlWHYXU2hpUIQ8C+UOE1XXT+HB7mZLSRONQnWMyXnq
-bAAW+EUUX2xpb54CevAg4eOilt0es8GZMmU6c0wdUsnMWWqOKHBFFlDIvyI27aZ9
-quf0yvby63kFCanQKc0QnqGXQKzuXbFqBYW2UQrYgjXji8rd8bQnV2VybmVyIEtv
-Y2ggKGdudXBnIHNpZykgPGRkOWpuQGdudS5vcmc+iGIEExECACICGwMECwcDAgMV
-AgMDFgIBAh4BAheABQI/6YJpBQkMMyPLAAoJEGi3q4lXVI3Nou8AnAuw9XXJ9zYP
-7JP7ZbXUf9+00wO/AJsHB45GEJv878Q6SDZRNckFHh6SgIhGBBARAgAGBQI1oic8
-AAoJEGx+4bhiHMATftYAn1fOaKDUOt+dS38rB+CJ2Q+iElWJAKDRPpp8q5GylbM8
-DPlMpClWN3TYqYhGBBARAgAGBQI27U5sAAoJEF3iSZZbA1iiarYAn35qU3ZOlVEC
-ELE/3V6q98Q30eAaAKCtO+lacH0Qq1E6v4BP/9y6MoLIhohdBBMRAgAdAwsEAwUV
-AwIGAQMWAgECF4AFAj/pgnMFCQwzI8sACgkQaLeriVdUjc2CugCfZn7gqBWjafNb
-vZOAInCQA/Rw5zYAnRkyKWw5abGYQboHiwcwuQHiKvgYiF0EExECAB0DCwQDBRUD
-AgYBAxYCAQIXgAUCP+mCcwUJDDMjywAKCRBot6uJV1SNzYK6AJ9Gs4h+WWneZKYa
-keAjG+DlXy+0xwCfQG8pV6E6f7XZi+f0EId+DfiNRluIYQQTEQIAIQIXgAUJDhSH
-/QUCQbxoXgYLCQgHAwIDFQIDAxYCAQIeAQAKCRBot6uJV1SNzQSTAJ9Nd9d2oNLY
-I6xlGbQ5SmG5jSHjHgCdFKVbI8acpQXEo7DxPDAJIux29keIRgQQEQIABgUCNuj6
-3QAKCRAHAyqWiQTI4hKYAKDNyIrKze113YZz/ZZsdFCShO0rBQCcDFiAZxivd6I7
-ll4fWIA0ckmSmaiIRgQQEQIABgUCOcwPPAAKCRAyw1uAR7qTV/b8AJ9WUVGMiFle
-V6EVCKuxKc9YnfoQ1QCgzGUqNeYfb3xgI68racTrOXJVvhuIPwMFED1dFpBsryRo
-IByznhECwRQAn1Ho60oFxkas1xl+sCpZ80cukB8fAJ48MPZI3wHW7Vf9egVKS3EO
-76eEJYhGBBARAgAGBQI1pysWAAoJEAQ1xdJF3KZpeMoAmwZEvOS95jEKj/HnbFBD
-Dp5C4dw0AJ4nsZgDnGDAG7FCEJI6+LoIIUit44hGBBARAgAGBQI1pytxAAoJEITk
-+JQB5ZloGOgAnjVcqopXEyMYEZfF98STKmutKPiKAJ9xHmxZW3KtVSTRf/ITSNSs
-/0gClIhGBBARAgAGBQI21moBAAoJEJKyepXkBBOquBcAoNljEbSHXMLH54/J4Hit
-AsiI18amAKDrDLnxCzmC+8m/OTNu4mZamePP3ohGBBARAgAGBQI314yyAAoJENa2
-+kuMjp8j2KwAoK9+TObp3jf+TwnPVIfXGkmHSbcMAKDo8zs+isKynXOMF2g50STZ
-waWTHYhGBBARAgAGBQI32QNDAAoJEM024CF+PI6rjjkAoKo8mBja4lOGW+miluBh
-3LiTaDNJAKDQrqc4kkfaQcVlXjDVYVael74oJohGBBARAgAGBQI4JoPuAAoJENXo
-h0OUdhKzCAMAnRfk1mf0+yiUdMuSENhKMXyysZ2sAKCvMSdEEmGomWCgsQfLWMzC
-LR7+5YhGBBARAgAGBQI4WM8aAAoJEHEtCxfQPYpPbZwAnRr7nX029eq1E0Pv9FwQ
-rgs3Zu+nAJ4s25RKi089/avsVVqnm87egAzB2YhGBBARAgAGBQI4XUq+AAoJEEPM
-0G/dqdt2qekAoN1HvYZQ6AxvNVLx3M06s/ytk21NAKDNn0RgGyCBiyQeLuV3Gkuq
-xke7kIhGBBARAgAGBQI4YMPoAAoJEHFG8OMwcClIpb0An1H9sxwJF5/2bKL0HZsL
-XO43aq1sAJ9z7U0cOGYNIrRNpHlJ67ZPJX0tx4hGBBARAgAGBQI4mP1QAAoJEGXc
-QrfU5YAmi8wAnihZi/5OG9CnzMx1UKdtBAvvt4t2AJ9lX+jCeoO3TF8QykdMXSFI
-dDHL3ohGBBARAgAGBQI4q/0WAAoJEDW6YX9GCEVakzQAmgNaF00/D/eOgHmtLEjE
-0IH1H2yUAJ9EKs47I9s8U7IYJOGoQRy7LD1JRYhGBBARAgAGBQI4vt9pAAoJEC5A
-rMtkcKsmHDkAoL3TIizomIuEKO6vwHMFcFndsaAaAKCJAkq+I2mjYimFE7ajlaL0
-jyecGohGBBARAgAGBQI483onAAoJEIQ/V9estY1PhJYAn0hEgISY812GhhZRzuE/
-sc5RWEd+AJ9SxHhtH0oJNrKcGYq8AoD9yJMGHohGBBARAgAGBQI5DSiPAAoJEFL+
-72cgfnGZx5UAn1UiUx9sLoaeLeMtdmztURfk1ZAJAKCJ3juG6XKBMjLl4+SmCM47
-VkM/9ohGBBARAgAGBQI5Rs0pAAoJEH/i7V71FDsqLkoAnivh01I3uQurWc5bnb7f
-T1GIOmfyAJwOE/KCrJV89Rko61XC+20dlzKzGohGBBARAgAGBQI5TM2WAAoJEAJx
-6COq/B+4jTYAnjOMlKc5tuqspHgAUgAVmBda5XNGAKCIqZ3Fu33suLyRABGZ+tN3
-tJ1QZ4hGBBARAgAGBQI5Zs0MAAoJEEcWKRmClXtmuPEAoJe7siEXNYVflP+Glf71
-M2xvkSa3AKCerd0dwvhmi4Ao4ujBnuZI4YUIhIhGBBARAgAGBQI5bedgAAoJEDLG
-kzuo7SAfxjMAn2I7CSRyEz8mkaD3emaM1WYxvbb5AKCFOlNjoxNmu3SSWfgrW1EE
-SYPQY4hGBBARAgAGBQI5kqZcAAoJEMfg9pSiTYtOVeUAoMTgBNUjD+AYQEzIU1zY
-kiW1NgZhAKDW3GzsDPqzs3nF+mkMnggYPFnEnohGBBARAgAGBQI5tN9hAAoJENGO
-Dw57qpD6cEkAoLm4o/nqc2SDZ2eKr5hYDTUfWBlCAJ9g8KJvMM6+/1tEPaolM/hV
-WKBx6ohGBBARAgAGBQI5ypYLAAoJEJ853fBeKcbCFbgAn3PjBy25SYCXCOWeNg+H
-ebn7Pi7GAKDKtfxnXigrcdNvARmZtWHNMzvHMIhGBBARAgAGBQI5zQ+XAAoJEPd9
-ddcOjOSBz8YAn2a5jCk052U+frr+sFRQ1MqKmrxKAJ9J71OdRNZLefkD7ihJ2Ymc
-o8Gsp4hGBBARAgAGBQI5zzSCAAoJEKZZdW0/TbZp0ssAn1qZ7PJCIHf6ErUG111c
-5bWjCbW3AKC/3Cf/ZNZK2mKZOmfCCRn9sBBlRYhGBBARAgAGBQI55+EEAAoJEEQ0
-VrKnu+CclHMAoNOx0T2hZqYtHoxhruXjMvAOpfHtAKCvYm+l6Yah/UuM6OrsKbXr
-7ulq9YhGBBARAgAGBQI58yQiAAoJEOY1PDi4UosBhq8AoN9OP59IYJ+NQYJmpdoy
-PFgJitPfAJ4tlu7qDh0lpQUBJKIrCjG0od4yIYhGBBARAgAGBQI6A6zWAAoJEAa2
-rnqGiisg4Y0An2Y/8oNJ+Oj40zqQGYn0rCZNTbbqAKDmvIQiqEcdQn/SoIhELxW2
-YZs+WYhGBBARAgAGBQI6Gfa2AAoJEL4aU+syO97mR7kAnjSX4QP7gR6x1BYTCC89
-u2gSXAQtAJ9nReACgNU/D+TLqimlMS9TqnTyZIhGBBARAgAGBQI6QjVhAAoJEN9J
-A6fJssLArhgAoMONOWaoVjK4DXsFNID5Zc/kvVevAKC3q/YHRHK92h4cWcZmaY7E
-cuMP7YhGBBARAgAGBQI6c0fgAAoJEIj3xI8iNZX1HdIAnAug/Inx3NbV/a5vNgES
-SQc3jWn1AJ4pu8BlA1FywwpMkIC6GXAWeHsoaohGBBARAgAGBQI6kBGJAAoJEPOk
-M758VsXv+K8An0lw/DejITM3yqmem+l/5GoP3Uv0AJ9kDPVOHQq1JfJDk3WWz/jQ
-vh3MdIhGBBARAgAGBQI6k/ROAAoJEGnBgyv5Otrs1aQAoNARp9b/2AqdQ0Ug0moS
-RhRexiUuAJkBwZY54+uszs8Q7P+HTeSqWVi3zohGBBARAgAGBQI6ln0BAAoJEKu/
-XM0hJhuIIhgAoP6jS+IboXddicsmt6kyXhWBYDJtAKDljV7NQnqWDBmdRzYW3CYh
-/hvPyIhGBBARAgAGBQI6nlT1AAoJEPqlSVpCsy/Jc7wAn12uIYBL9WfhmS2Sh0O+
-mIO2j580AJ9nJvBuz4q07lkgDUFVJQlruD1IfIhGBBARAgAGBQI6xKZNAAoJECAs
-PjFYbhLlDsgAn0tfgJSaxWUd5s0ZGmKob7b84onEAKC15V+DRTrE1tArKxy/itSN
-iMtQG4hGBBARAgAGBQI6zP4MAAoJEP2mrjmFey4hMioAn0UGCzQKKSmQqGw0B3x8
-abYWUC+aAJ9cpULGVtTlggjdM2AEDI+LaYyaeIhGBBARAgAGBQI6ziMsAAoJEOB5
-DjbKcLrc2aEAnR1WTr4J4dpFuNtvRTsEXbVcm2RlAKDoZbCBC9I+VuGCQhkK4Xe7
-8bqNL4hGBBARAgAGBQI61vgkAAoJEJeJjZL0kb0h64gAoNU2VN5G1PryITJbB49E
-xmAjcmRGAJ0crDTB0H8MiiTRPt4PaDf+sh9CnohGBBARAgAGBQI7FTOnAAoJEOTO
-X3gKLDxeqsgAnjMWBiiEToG6ATHKHZhkbFh52sTdAKCi4/cu+BYrzhNL+KHZXc8F
-bP49t4hGBBARAgAGBQI7GQwoAAoJEF4Gyczs+hnFZhYAoOMcc6W4Rg3pd+9eEtqx
-ZHlDDIoEAJ9VG0vhxw9szHap9L0bNN3awkZanIhGBBARAgAGBQI7JUB0AAoJEB3T
-gN9DaBQASVsAn28snlWv8ljqxPsS2e7xqJxzND3GAKCsObLMGdGyED2YKlu0sSa4
-E7cE+4hGBBARAgAGBQI7PonmAAoJECTQzUdmDtvZdT0AoJwx1hvhf+2pMN+e0u05
-bb0ebVfnAKDpZKStArdW8xS/idhP9R7UaHyZvYhGBBARAgAGBQI7ScU3AAoJEDec
-kqFodBLoiG0AoItVFw4742i3VVL75rHpS/iRTyXXAJ46OJxgMvJ9knQ0l4so5JiB
-otS/8IhGBBARAgAGBQI7Vf1SAAoJEFbTlPwk1QvEjPoAn21RJvXsS2r7ULpXtiKI
-cK3/+9jYAKC3qGXWrrPZmFKAksFXo3rCyzQZYYhGBBARAgAGBQI7awLUAAoJEBd4
-3VVgXTjQKI4AoKzDCRFCypusHv+HobIOrB7IIT8TAKDJ0Env5dzMRub+k88oAKje
-3AyYxYhGBBARAgAGBQI7b+zBAAoJEK6vjC0HwEYDSbYAnjD/E6PAovkpDzSAoTzW
-gmhIqOjfAJ41Nryc49NSfzwmHjHKA02eGmjvZYhGBBARAgAGBQI7eNsgAAoJEI/A
-t40JszEG65oAn3gQAikxZTrE3G4YZbyI2SfWVE9dAJ9DR1B56JLQOBjHcVub0frd
-boRnFohGBBARAgAGBQI7hEQBAAoJEFwx4sMqF2LdKY4An01JbxbW3DrWPwxoLaNc
-K8u8rgnGAKCEF+4ICy2QiFUTOjXVeevFwKaKHohGBBARAgAGBQI7kOZuAAoJEFwI
-fke31CB7qREAoJ8lDAoLcN7vtSgtx8BfwRMW2Q0qAJ9Ru/GtQglsVha+XrgC1Vzd
-B4zqT4hGBBARAgAGBQI7sbiiAAoJELBm2s/e4NveRe0An15yU2qDEyVxOCkaof5A
-J74yKDTQAJ9ZyEiwLE1gQKuabrs/bUL3yvDWP4hGBBARAgAGBQI7v1c6AAoJED/O
-KBDjNrEGu8wAn323cSQPxAIku2BOJ6Ai/T6EWuaqAJ4xOQHIAR2RQNZY9N2cHXIS
-Ehu+oIhGBBARAgAGBQI7zECMAAoJEL6VZu5GV3J0pmsAoJjHoGQYZnqA2nkkD82K
-lFm8ypDtAJ4jDyaF0RmkcfcmpjOA9LOg8rp8D4hGBBARAgAGBQI73t7LAAoJEIeo
-vXamM4UazXQAnjd2m9MQaZ8q7mVBxEpup10sFMZwAJwIJvIeB+kUppNTea6ijo0w
-pCuF8YhGBBARAgAGBQI7430SAAoJEB/tJKqSZfr7xIIAmQHbJSna96OkNqDCdSQl
-gm0TAoPUAKCByEtRAOO+3GtDu2byKOXqqQQf9IhGBBARAgAGBQI78y1IAAoJEPFm
-QMK+QtymtcIAn2rhARKRI+Ilaf+8NmfX64/NsFw+AJ9LFE0WZD7BSPmErPYKtH3q
-4nB304hGBBARAgAGBQI7/a2UAAoJEDdpZyTeGKgb45EAn3Ttnv2G66peIp6Qd0LK
-9HyHMG52AKDCEdDCDgpOp9xE9y3Qfy3XaeK2johGBBARAgAGBQI8OvrmAAoJEH0J
-HgBCHFE0amsAnjzZ1rzTcQr1X5FVcQjlkqja3y0LAKDRr652u3GCVSTU4TFj6//+
-yKrSSYhGBBARAgAGBQI8WSziAAoJEJgXkxOJvYru6ZcAn2aTbYiVEFX814lG6qaS
-K8LanQOjAKDiEB6Q6EF5ZwG9NqIKt9CxWCYzY4hGBBARAgAGBQI8XB4lAAoJEC27
-dr+t1Mkzbv0AoLd0yc8rHrSTfzvXAMtQyAKh4HuMAJwPgqYNdOXUM3hkTHipMN72
-v2MXcohGBBARAgAGBQI8fAA1AAoJEPJk0qCezPAhoGMAoNE5kpHw0fI7yu7py5vD
-+O1nYLdSAJ49Nt+hkrRCdJeiwTRhw3S434jADIhGBBARAgAGBQI8iA8eAAoJEKO8
-fk+VSKRRLTIAn0wHfcDCzH7lVwvdck1DE99ZKp3UAJ93Rnr7Ut8FiWOsgaSjEYOM
-/Wn2bohGBBARAgAGBQI8pwmAAAoJEGFhpSo9Vtc9TFMAninforCqZtGuJ1zaipXc
-9sIicMIjAJ9bsGgNfFpkIaOkhwoYcZ+m0kZkLohGBBARAgAGBQI8xSCzAAoJEOnW
-IbyLxfYrs9IAoOYpFNtlaOU4mzgA9q64FU+aRCejAJ9LpWSYdz9FQStASLILJYYH
-0cj8vohGBBARAgAGBQI8yc+PAAoJEKmGnWIe6RjWJ0QAoJ2nEZs/HYmJ9FF1jn+l
-phCnWZOaAKC2cRtAnlpSmgj2fWWtzBPAjMRulIhGBBARAgAGBQI80OgmAAoJEDFc
-jj1lbLW1N0sAmgIlqOJ3G3EE9CPIJ60xVH5+//Z9AJ9Ou9+9E+Fze6zMB7Vn7j/L
-AzsfwIhGBBARAgAGBQI84DImAAoJEEPaqJTf81JOjJkAnjo8IJSyn1RDc0C/SByu
-ZlqSRjjRAJwKxnmGh3EMe1ZVtO3ZGe50S7Tda4hGBBARAgAGBQI84PTyAAoJELoW
-FZDMNQMyLZ0AoOAdy099LVvSlHyVqjtRc3RctixdAKDyxlwDweoBvGYQpsT6iqb7
-xPpkcIhGBBARAgAGBQI86d10AAoJEGsY5C12UxliJoEAoKgP1pbGf7WFJR8q3Nyk
-HoMYoirnAJ4k4kusg6EL9nt/WBcKmzWDO2sEs4hGBBARAgAGBQI88QRCAAoJEPsP
-OnXTORgQ0a8AnRcSVlV84X56jTnSftapXggAxG/yAKCbIogHWD0SrzV0DXgjo+AE
-IuYXCohGBBARAgAGBQI88l+3AAoJEE6prRadbVuu/aUAnivV8DalPGw3QcuFmpBK
-wSwEMCY7AJ96Mb0eJVCmj/+nbtDIhXj9ihCCAohGBBARAgAGBQI89JjcAAoJENOh
-xR3NTfIFU0QAnj0YNNd5gZNHfNmIb1jai+5dgSX2AJ9bovKcoZIZxeOoFPpmlF66
-WIozL4hGBBARAgAGBQI89QC/AAoJEE6prRadbVuuw40An1sLHPZXu05p4/wqDnqN
-bECMZ9QgAJsFRiiz9IbLbtJ6JolVDGHpvLrrN4hGBBARAgAGBQI89QDzAAoJEBnb
-ZojaeNCo04YAoILQe2cG58KsPTSyIkKTg+mwkQouAJ0eCgjvNWrhPHiSRnegEsbF
-o4zsK4hGBBARAgAGBQI9H2xgAAoJEGHsr3XM5FOYekcAoMY+mIbdRh9YTGKrskfW
-QQCQ87bxAJ0ZZTr2iwukIOXW8ryk4zlD72ZWi4hGBBARAgAGBQI9bjqiAAoJEHLT
-tWP+y1FLj0kAnjGZGzl4VHxvUa+c4gD/GMrw6wgEAJ45Gy0INAp+Rh6NJbNECzjH
-OFjstIhGBBARAgAGBQI9cUfYAAoJEFwRFAeEa7Skd/AAniL6ZGAUqQGs8siu2ia0
-SnVoLBQyAJ9DrvhmP3aaZf+/GwR8Gx+Lt7uwTYhGBBARAgAGBQI9eF2CAAoJEG9K
-95D+u1J7GAkAoIVs4Kxb0R7luN6Pi+WhXNfii4QbAJ0UZLJ/ySM8ZbHnGTUNIooe
-ecnLjIhGBBARAgAGBQI9h9ZMAAoJEMR6qYKMZW0ODu4AoMMA74PG6QjDICxdsLWe
-hhuJf3VzAJ9aHtt/ld1W/DTWSjdvH6AP9g6ZeIhGBBARAgAGBQI9k3U6AAoJENBl
-k7NU+gyIiCcAnj46+kM9W4dDxs0dqNGCOXfzfXUjAJ9DWG0bLQ/tixVsWApUHTd+
-ffQM2IhGBBARAgAGBQI9p/iCAAoJECxm82ySywptILkAnikhz+yOxNJMNnj/aB9C
-h4i0fQmUAKCHRje8FE5DZSPWf+OwYcixOm+TxIhGBBARAgAGBQI9rwp0AAoJEDxV
-WkwvmGAIsxsAoJgH82l8l5GRGwXBl26AHj8ZA6zaAJ9bKL45L0jyrSRF1V5FPLxY
-twXDe4hGBBARAgAGBQI9tsipAAoJEIIYfzQ7kw7P9UAAoJ4URNsGaPSQkTSKLO9E
-rSPkRdHXAKCynlouXdSQ70FBn4j6mG5I40cnGIhGBBARAgAGBQI93wWnAAoJEE1r
-ZOIZBCWd+yoAn0IBXJN0bR73EG7dtOPB4Vf+MIqjAKDky8A5HD2DHDrED/bCDDBG
-JeS134hGBBARAgAGBQI98WVmAAoJEP4Xknlj8hRJ51kAnijQacczGC7jafSF5un6
-nRG65a7kAJ41Z8eK4JMaTNVLkkM3n1e7hh7RAohGBBARAgAGBQI+n5+UAAoJEO5p
-t4fBbO/YeOIAoJA3UYEf9kntgTFeNY8pOAnCY4ouAKDjI2BHDR3zlcNPNcaczJO1
-Uvxd64hGBBARAgAGBQI+n5/CAAoJEDBJWXZ7Y/q9XWYAniEPJv06FUNu2iZr2eON
-fn137TmAAKDQoEEKk4kZ8bYxI6HmRRbBU7hQTYhGBBARAgAGBQI+thg2AAoJEB4q
-exxFM9Jns00AoIJMwTx+2aRpo3WNCdulrRUzx/ZwAJ4waxt3zbR0M15kEF8mlB0h
-198mOYhGBDARAgAGBQI4no7wAAoJECShvswraT6/w8oAn0XLPn0F4s9wQ4pGXNPC
-m7MJ6E5zAJ9CbanRlaKAXoD1LP5bmADGkRBqfYhGBDARAgAGBQI+1KueAAoJEK4I
-uPUH3Hp+6ngAnRTP6a9ztIe15H5seESNWjlpGzBcAJ96No/FG7JY9qHg2WoJs/F4
-/KKlH4hKBBARAgAKBQI7heRSAwUBeAAKCRCNvZIahzuneBt2AKDtP0g+JAHXbWpf
-HSl8MD1TnCKKYACeL5DRtpWgKqbDYn5FvT4hWvNfIh+ITAQQEQIADAUCOiGBggUD
-A+3ogAAKCRAySnMapnzv/Wl4AKDrpmoVRbgU7mbL+ZmtsRt3VT2XMwCgtb4hCIQG
-pLYRG/j4tEkcniu3KqmITAQQEQIADAUCO96rcgUDAFMOgAAKCRDjPKcIjmJ+pPM4
-AKD2l/j2XkSV7If4J7Vr2qK2GNPw9ACgxY7FrKEHy8t8/dBJK+NBhV7n2SCITAQQ
-EQIADAUCPY6TfwWDAICXJwAKCRAAUOX6oWT9DUZMAJ0ZTxGE8x1MAEZBxwWqJqrs
-SFsyRwCeOiIx4wCHuLhprrpCHfcKUz5AEn6ITAQQEQIADAUCPbnlVQWDAFVFUQAK
-CRAZUZWL/wBnRwQSAKCAzuiSsLqv5wz/DzCpE75zZOUAdQCdHKtHbuDS1KUv2LGh
-mUxoAHlfzNOITAQQEQIADAUCPlvZdQWDAZW4NAAKCRDaU4KRKI89jrDlAJ4/d8HB
-RrGOeKp0WZe2SV3QtlB4QQCgnHAcC5ZZBgP7kUKPmMFWj6Et1waITAQQEQIADAUC
-PpHkAgWDAV+tpwAKCRDKVrvTQrehyqKmAJ9ZVoLBRYdx0k6qmvdNLPcfjCoflwCc
-DnAP7Iv3E1ZvDYjTMv8TzbprCQSITAQQEQIADAUCPtSrKgUDAeKFAAAKCRCuCLj1
-B9x6fncZAJ0YvhJJEXXd7InRv7zmbQJDNYXt9wCgwVs69iDWOZd7w+HCx1ATOxe7
-5BCITAQREQIADAUCPhC4NwWDAeDZcgAKCRByG62+aRFQJHOfAKCdS0+8OHL25Q3F
-fVubvmgWNWFjIwCg317DNzRpf4Q9+47MI5G2dqXpTeaITAQSEQIADAUCPXN9XgWD
-AJutSAAKCRBNj+1jRDFgA2QCAJ47vI/6RoVP8Ft1FBEg9BoufYjTHACgq2xCtE+t
-517ScNWOaLEuLTFrG1OITAQSEQIADAUCPcHdAAWDAE1NpgAKCRD7uVmij+pODRne
-AJsFZABV8zGyfY2tqiF7hFvNqJSDawCfXd0TaLK3f6w1ZLSUXubjqv+4FfyITAQS
-EQIADAUCPiXheAWDAcuwMQAKCRDk5U0RmgzamXdiAJ9FrLzU1iosekYj4lhyD4aG
-yujd3wCeNzhz44vmT5Bf8ZH9C5NSuJfOcc2ITAQSEQIADAUCPiXi6QWDAcuuwAAK
-CRCTzKj2+Q404rd7AJ9Ga2K/WEXdoQVGCRi8UvaTJPLQfwCdFvcVVpXBmkByTUuU
-F2mKSOTzdbmITAQSEQIADAUCP2mklAWDAIftFQAKCRD9EXAI2MiHX1NTAJ9FwxVt
-4ni2lZy4X1tslTEdP/JMWgCff7VETWUoJ21ehXIyecEJ+hIQTLWITAQTEQIADAUC
-PaGNQQWDAG2dZQAKCRCL2C5vMLlLXPckAJ4vTZrQma+f2OEkDj1l2RrkfHc6IACg
-hd0OG8Kz31yfPwtRDg//FC/3XXSITAQTEQIADAUCPb6/NAWDAFBrcgAKCRAJHm/E
-FCxT9N4hAJ9w972dsHdayzDxXM2PgSiuLibQ2QCeKp/SJztgiHxIb5fLWBfkJW5Y
-GqGITAQTEQIADAUCPdEXBAWDAD4TogAKCRBFaHG18acrUoTiAJ9O2kYrMui5yUwd
-AS942rjUN3UScgCfeE3ZFp8sMlAPm56JKeXYy8+1tfCITAQTEQIADAUCPdpsbwWD
-ADS+NwAKCRD7jyVk9dpr49bLAKDo1adhDf4/NoSC8vdnniAV9ZvpZwCgh9pv0BD7
-gObIIocl1WS2dEiHKIOJAHUDBTA4ny05OyKrYzxvKPEBAYDhAwCRGhZyddRiZTKU
-iJMU+JFNQ6VyRnPsOb4V/MY6o05ZGwktQHq8jNhRs/8Dyg4x7Rve2G6bZnooK8eW
-WfTv8KferE2KSoipPd2EcszzrSeBoWoTEePCwbumJx6aSZ8QsoOI3gQQFAMABgUC
-PnNvCAAKCRD/YM2ca4P1c1V3Av9ahxx12+OfQS3/1LcSvkbw7m8VF1z4/L1SxJNd
-xIUeKSdJabPMokhfrIbdTpGKS2HxL8P0OxY4EcyfI1P2nYEM5mCOTIUTkIRXOJFL
-r7uqH2fwt1H+XzDnqb8zK/vjDFkDAKveP0k1IUTXXsCZb98qKJWWQiTSwOuVPaTK
-go0YD0Of40nHTudnGYtckRFHvHw9ZWxxjazy7MOJwKwUum3NK5j+QIm071E1+yeU
-De3Pl4m6VrYyG4EB/Cn+rZYFcqLFR4kBFQMFEDbWahiOXwMHK6ndaQEBnS0H/2/m
-Q4p2HuvANo8cUvG8bt+WwPxc68wz8sfS4DGyZR5tdjAhFYPOJmoOYUemfNO3kszu
-fJo8mOCB9IKaUsq3HlmAiBcz0PtavA9GBxeDdIdu4ptdN6JJBE/yCgx4AOVAV36x
-fyXjSbAoX2SVBdHv/TYJP4szkD8qdcziapDVyMUuILCHHYb5GzHg8QNMOgEvdbow
-T+nEjOfQ0m6Gn2gNW8q5aYq3Ao9ZIdGPwJHno4HF5kb6w8rdTJIz9kR0QvSIRm+B
-hHCl/+3y+dLz8uL8zql6boWfAtqVDC/+8wUVC8GIcmpEnVXGx0dUMxtqnUs7sDZA
-aCE+R4OcA3iPIKypdW2JARUDBRA32QNkTcMRMTj+5sMBAcoRB/9s20z4l7mn39Nl
-4+0KkiMI6NDuO7IMTR27lDCQe6bw9KvIP0/o19LsegotepuNmjlI6dueBt90Teu/
-QXY4hxuOwzq4nE73S6vblraoPoq0KLCXp/ntKSLBU35o9cwNRvK62wA6lQhM+EqY
-mwywecFw4VXamkd7ALXiAGbYtcaE4hXNdiq2q5C5/gWllLbwW4vd27A/skkxP5CH
-nghi1vSBB6JPHYndUDFlzTNlbs0nSkqMWoriTpLmdgLotBwHRMnGOX4TqiKOAf67
-cRqXQVwQQsTYvlUWqtAlp9dwYiCNgbzTpgp/O/UfPajMbo9dF90Z0UCB4I+JoP1+
-854uvOBTiQFfAwUQNaIeQwNvEbj/PqoLEANjMgUdHoj1KL2DM9A1FwWzbOetOnml
-XkyTp/VqpGBnEvcTipRnfF49CHACjd9LLeQLAuYUaq/Nq61IwefwrlXW75PkJIeo
-sVgqqPkUa24H/HCgoNcfpQ4/T6Xkg/wfVFOOZ7cWGpqF5z7M8bc1Pnu9zZG7a3o+
-a4DCvLYEy5IUwGzvDNeTILcNsjngxX4go+Mcw5GK8ry4jyOadr2F01XIGJ8KTUZz
-GQcFIIW9TzEl4+wD9D//MJ6W+uesiIx9jgJBOYrOR70xLNsBlAhF12CsYCyJfW0T
-xndgx3yUOm66MctUR1Zmjqzng4m7Kceu0UU5t1qm7S4itP50RdIBIxRsS40Isvdo
-KesS0YkLDEHZM9C8IK9HYErOiXowZbED6eZ115CJvav4Zegpct2cdymwCMDuWReT
-cgXInswsUrq4OuMZsYmzYUpJ25SNL8hviQGcBBABAwAGBQI+pMTzAAoJECvQVSqb
-AePAAS8L+gNgrZp/r7mrZd6bUAsSpCL5FyfYhrQ9ZW7YjN+b8JKRsD7TRbxx6u19
-Ho3A0uSzXUfYeq2nj6rCG9UiI0r6fHRGrIonngq6TtjN+fhn3meGufDgbcweOsZW
-pyKcDB2oPiZdYBeMJMW/I8/yRoqOfQ/YiKDmFl1hUmSVAMuzzsXxmOaI0zbmph7+
-sSNhTm/bI+98YdRdppkWvT/m5sTtvBHOsG6n7HYT8d88bsZsPjWPqMTSKym4OW63
-pK+jV6tooQKGZ2CsPrTMG5jlNoH2YD7G+V/caMeoZiYimKvwTng9YtmbyCSOGxAq
-HhEjXGjxrRJW4TWcVjjgfHq6AuL7/019hNkrnHVoGmb4C9MZFuimszCC1k27yKzV
-NczOUDm/aAiZU5u19ZXShEgYfo+QgLdChUitzBfYS3GWmoG0YWjB8wFrJW0sBZHM
-efJ+j7aAcIxHd2/GqE/PaHDRysTdvtKzqEJQSs93o+/NbVFMEAEupcPjoIZJJlHe
-appx8Yehi4kCIgQQAQIADAUCPfGs5gUDAgIpAAAKCRDnOTJpHFO3NcpTD/96V7Vd
-NkUzrYz6N2ScclZ5euCb891NGgqBwE2R0/lj2MQIoWIjZ6DxgFu+kRfxOfPQkanG
-FR905abzQTbsK3KFJ3LIjrtl+MYpJ0tlHFcQXU2TBPPbN4aksfmldTvSmF8e3WMe
-OREDpYGcBetIJ0l/wB+sgD/j5KbLR0IRL9ZYV0g8p4/iCzEAY/EJEs6L4dv5xMIw
-w3bIOIgkuawm0dTNebOVSIqkzEd1H19NFUIgB4tzoZm8DIFSHpMQ6SkJaWMOLSw6
-v/zJzPhEaRWIn6vbfPBl68FNy2WVosYZ0Cw8Gg0T1W4n2zpY6vkujTm7AlbQknm6
-qGcVdqfJ2Xf3p2Mvf/pQVO/sHDFusydvnGthvA9Qu1BNIDAl3GtMptTSOh+dOzJV
-pCTGMQuk3Ugn51RICishdrj0uMFovHKc8zEbbfOqbWBw4M3iNDDZsWgzPUdy3YUT
-7O1v7onHMzeXIj76esPvnuz68Jm/86dNwy7j0n1n2FuUbuS7ySPJcXuCXhrmnLZU
-KyS3gOtZNS/lRNg+NUkrPOfT3Kk6Z8Y4IqVmMSs7navvCyvRH5SKV5qLiZjxD0Hx
-m4RWZArBx/8q+UDzeblMnZp8US1NzoaZ4T0TrB9eZqj8Z6qY5Dve0ZqXZ3YZcydk
-3d54LbLiIuYcU8E7lf0ZEPbGdCcP9R+AdHUfxYhiBBMRAgAiBQI+ByOpAhsDBQkK
-T3OLBAsHAwIDFQIDAxYCAQIeAQIXgAAKCRBot6uJV1SNzYxsAJ4rb1r863a43/mP
-DDcPiR+8yg4lSACgiCcqI1R3pYnImfAzFNg8XdC2mWCYjgRDt/rHAQQA0JkZeitc
-yQMqk2xGd/5mGoc4+YNwQo8OSmVwIvY8UAI3tBorhF6ha9niaqZU4vdldTnXMU0j
-1oPckAhOgRPaOvaEZhYUTF0F/15piAF5dkZQ6dsmXVUkPNYMZTpkc2nA+IACBiOm
-ygGBkLFuXvHRW1i6SNz28iRH/UZcYLi/2iEAIIFWUJm0Jldlcm5lciBLb2NoIChk
-aXN0IHNpZykgPGRkOWpuQGdudS5vcmc+iLwEEwECACYFAkO3+sgCGwMFCQWjmoAG
-CwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRBTtiDQHODGMHmjBACHQw7SS5DuEzoA
-qPxgrhtEZqkcGZ4ieJp6v1jq/BeASt8NRyLsFRBPFegUVOAocfMHPf1vN5K3JCBO
-bmmUZo4QlwlrIivTsNp4G1wL90yhVQmzDJsowW0/t9TPTk9EqMKG/GtbOF79ifoE
-CY8X7pjFCjZb3yvOrRMdLnAomNeYfIhGBBARAgAGBQJDuBFDAAoJEF3iSZZbA1ii
-keYAn3YojYxnY/f5jGq4lOHJ7kpmj0CJAJ4/s1vX/WdjNCtq/oJXRAthMNsk5Yi8
-BBMBAgAmAhsDBgsJCAcDAgQVAggDBBYCAwECHgECF4AFAk0tjLcFCQpUTmEACgkQ
-U7Yg0BzgxjDweAP9FNQyUfS25FrgbPCqOiiaCizFSOomDSQYQLZt3cVnlMQNenmA
-1lv2/S5OSp47UlrhjnqmuzArF55Mh5DvPChPSHDN5hZ4XxTdqmoHf50XIZfTD7HT
-oH/7oO4+9gJb9lfLNvEddB0438Mknv6Jl1sCt6p/KLujeyA/hMAle4tntruIRQQS
-EQIABgUCSbck/AAKCRB6g68zSpHCI7xEAJd68iLV4rDbwr0chJq+lySiY6nDAJ4v
-4mEy03yfuszGh7qUpD+7WRVh6YhGBBARAgAGBQJEEKI8AAoJEOrUtZD2iZvAcC0A
-nR48vuK105OUB/gljGVRWOwKKDDxAJ4lFTTZucNu9zDFI9QLLFAF5XRsr4hGBBAR
-AgAGBQJEGaT+AAoJENy+GP+gNVO89E0An14m/XCFrqbUabJ/gtDJu8KsZpgaAJ0d
-b8RXlb1kB4ElbOwDCdStZ5J6kIhGBBARAgAGBQJEMRhDAAoJEPp0OhEyNeweuR0A
-nAkrWld9wA/ornprKNsvEDU98F6AAJ98eu1rKJicBf8D/VXfXwVM4ejINohGBBAR
-AgAGBQJEXAlfAAoJEIvYLm8wuUtcDxIAn3U5i6FhiXf+pZYJD8lJUpf70fVvAJ9A
-EjuX11LMdK2RM4CxCGwDFCMsmYhGBBARAgAGBQJEtdrdAAoJEN02qG8eES5CrGsA
-n2NhSBWOKu83V/5LlgGPgY6WNFzoAJ9neioWg6833jJJQRT9x8SodZGDSYhGBBAR
-AgAGBQJE2X9FAAoJEPND4G7iyk1N5GwAn2b994OPe/zIQ8cLQbrO+pPPQwxOAJ9G
-n8oj2AYA3WNcQXBrtXChD+vZqohGBBARAgAGBQJE5IT9AAoJEHoukft4hdr8VucA
-n0lJESihyGWpXXXEQt13Yt7yYtPkAJ9pbWxehQOfiKiz7ZjUAPsdNW2rnohGBBAR
-AgAGBQJFYsVaAAoJEGoH/3a3ETQqbOsAn04S64jLlb6c/OorO8TOBIhhJhwyAJsE
-b9J9pppvckGGqqjN9oX/kwlx4YhGBBARAgAGBQJGC/OtAAoJEEHjLoH+PeyjXs8A
-n1+Tpm7p7875jYBg+euVl8jXGoWPAKCFfZFv5XvROY+3AU5QRJz1Mri6O4hGBBAR
-AgAGBQJGLCLHAAoJEDh20JkvJmXHHrYAn0WdONAvJ33Vgah2tun0EYInndl4AJ97
-Smy5BOYw6fa4Iaiio1uMf/y7pohGBBARAgAGBQJGR4/QAAoJEHPedZ04FvgejGsA
-njxdist7NM0yvl34ODmFOZnb1JNIAJ0SLeAVvSjC/1Hg3YjfhhAO6YFTBYhGBBAR
-AgAGBQJGY7zgAAoJENvFfNTA3tE+Qz0AnRk2uQXo/haP+lqqj1UwX/Nq+QmnAJ4l
-MbMXNAmAeOb7DonUKG3iJdvX74hGBBARAgAGBQJGxxVzAAoJEMGwkYNMNfLxOgkA
-n028vHcViImyBNrQV6Lr3saZVpjWAKC+DKL+Odj9L7vYdRCQY451xr3XBohGBBAR
-AgAGBQJG2etnAAoJEER/ubp4xB4W/UAAoMjNt1n+YeyFhU7SaPKoImoaww9zAKCS
-yg8Q/cB3NaCTtBjq4wBblCfyIYhGBBARAgAGBQJHOPrjAAoJENN5RIu0G9UYdQIA
-oMLmfR0YLdnMMBsytZDOe8VLPq0OAJ0baIPok8oocBF21YQQ8rQW2q4Lx4hGBBAR
-AgAGBQJHa/uEAAoJEPMtmeh4XZf/DJcAnRfuW7vdokyFZB+nhwzrogmTs128AKCV
-ZEqkkTzAvNyBWs3UJDJqUK9J4IhGBBARAgAGBQJHyuhpAAoJEC+V5jcsCHwE6zAA
-oLpvjpJ+rSbFL9WBBj1BxpE8PTG8AJwKeejDAhB2mF09t7xl9l9XWmi0SIhGBBAR
-AgAGBQJIiJr+AAoJEK4ssXKaMdD8wesAoITzObAud95RT1iNZWLYs770NoPaAJ4q
-KZ7c7xYgYZWgW37tRcuAQCbbPohGBBARAgAGBQJJfD8aAAoJELRKND+o8jtmELoA
-n0DlIk3p0MmvaIpc1td4kF1sR2iBAJ4yNeitHdiZqza2D4ofU2iKdpkpD4hGBBAR
-AgAGBQJJ29KFAAoJEHpypWRbAALMC3MAoIVYRfr4iEbUUlrFlk0vfj/68XqEAJ45
-XKKQScBkUVlMJFXmFqQDwBw+MohGBBARAgAGBQJLFlXeAAoJEKvqaIabeVg7g5oA
-oK5NVBbYglaAvS5tGD+8Z1pVTyiIAJ9j4M8IhJO1BXpv/LJAjRVOnBphNYhGBBAR
-AgAGBQJLFpRrAAoJEJ5qTepyp8YIh7wAoJFnxenv1Uh1bkbgFgtIFA03qFagAJ4g
-hqPcEKRixnUVKEymhc997ie89IhGBBIRAgAGBQJEbLVvAAoJEHLf4d6IeHGY9b8A
-n3znJne6eSRQNb7SqMiSo1IAhTKAAKC3K/XvWIbliV9VkLxoKRMUPYBd4IhGBBIR
-AgAGBQJEnt1gAAoJEN2HT5zCsdXjEA8AoIAY+tW7eYMsv+ZbK849mS5BlSuaAKCp
-qtbbGoUi3YsqG6FoQqTjSA0hrYhGBBIRAgAGBQJKHn/QAAoJEEVlvxDJOREPbCUA
-oJUCHfSsOdcV9BB1Zx/lL8FRw/4qAJ47OdWpJh76UAW5ZDlZOfCxYiFzDohGBBMR
-AgAGBQJHfTl8AAoJEPbbjicERYS1jXQAmgOdd34SpnEyr3OPZ+FFqKvkYAePAJsF
-QlldKLe6BewWPGAUHftHxFNgGohGBBMRAgAGBQJLEcUmAAoJEKvqaIabeVg7O0oA
-nA9TnICzrJrYis3NLKpG6X1BSsWTAJ0boP7V4z1wsQq3/F7rI3evdG3swohKBBAR
-AgAKBQJIIvEmAwUBPAAKCRCEaROH9mEvTsbgAKCQQ8RE/XyO04KTqatHLQWY7q1a
-uQCfZ8bel9qoAUytMddC0gkL6RMphaKITAQQEQIADAUCRBdRSQWDBURD/gAKCRBp
-CnQ6XgPXFtw1AKCuaU6wFrCRBSaRNPhxECSbzB7laACggaDhWabhi/lY1nwiuerM
-K0oeTTSITAQQEQIADAUCRpIwLAWDAsllGwAKCRCsiUn+i1aPamfWAKCuICjDGwQP
-Eg01nUmcBJEId9KFDACgjlP9jCriwgkDyimOSSsUJO2GfIiITAQQEQIADAUCRpQV
-aAWDAsd/3wAKCRDNoCSovv1covz0AJkBXVQ4MO0miIt3THZrVo0Em/nWJwCdGbHq
-eo99qbMKAbFogLrnYE31EDaIcgQwEQIAMgUCROsRFCsdAFNpZ25lZCBrZXkgd2l0
-aG91dCBpbi1wZXJzb24gdmVyaWZpY2F0aW9uAAoJEHoukft4hdr87ksAn1gSW+at
-u5/MyQO9t4sPLsqFAshPAJ97JjH8nyxc5xy0b4hD+c2d2dNwy4i8BBMBAgAmAhsD
-BgsJCAcDAgQVAggDBBYCAwECHgECF4AFAklnOV8FCQeFMi0ACgkQU7Yg0BzgxjDr
-pAQApSWcftx5Qbf/yPzf/0FE43Qvsl84XA/H1SRyDF+JQSk3l0Om77QGQvNf8XYU
-G3u+p5FvDFQEkjOcYcRn4xJUygfnqACd6lyYNU5pvnngsCmCLogwvPSeLPUBKtap
-k6jDtAXpaCfllW5D8HOUfrE+bLAS1Dvfy6A6Hkhofe2z8zmJARwEEAECAAYFAkSF
-/hUACgkQJklzsP0Eoya7PQgAiaW0PO4syCYLMOv6z+ou6Zmt9XYw+okm4zr4Lc7x
-zcNY+qpwjwZ2lcoIXEGVOI6buFcQOU+qYmQ5JFbH8jtBaBY76aUCPQQmKJzGIyJV
-iy9K310Q9b39rjCm+YLWbNG1qbqX4aJSCJLCF5C6G9IzQRGhtEWMJ3nr3nsRXkyp
-NNg40tt9f87wjQo0yd4hQ5VRFPMEH7THCTW+iFH9b9//ZkK7Cdx6poCfWmZE8AYY
-hbVOv1czF8JsRfnt1mS1YSEx95PhmV40nBqK6lzfH5hUVSVs8uaGiXkvvRMAPJJQ
-eZ/LAmoa0VjV3dGLIXSnmpGmivm3al+UFsak7kmBr+vSD4kBHAQQAQIABgUCSFT7
-LQAKCRAi/Cu2xWn//mt6CACpEPXUi6ylZNt70Xe8nN0/aHFtAP6Y8Hcd9hWiFThr
-2xW2jI1Slrc0TMgt93RdVtyVMM3kj9C0zjMo7UaJhRTAz0myFDnApTuQS/XFTJUP
-M4rdiUx6zwq20Xlm+06093JBdcPp6N7mjstspJVwchdTqf1Ny7m4loC+rro152n7
-ACycLUDnC6cD/od2qBGYaiB25Sylz/8k80SZ/9Y9sBqMqi//BGId+HnhPrYc9ny8
-S4b2K/UguASOGxrrK148TpwqVpKDvzPaKobHnE7BGhU3LDtYt1U1U1qyfVWktuq6
-6pnzuSq4bSc0oqPhWEOd/NMNDMXiwLmHeonJARoEfgKKiQEcBBIBAgAGBQJIYSe6
-AAoJEIISGkVDGUEO7u4H/25Gp9ysKV3Ub2/JocPgydmD+AVD0YGHwGoLqz6tc1Mb
-6QNB7ovyihL+D3drhz0XOhWeosZUIY8qftEfeo16nzxqIgSpTJYI+kRosRm+9xc+
-V+M9JAcALWHl/aymyF/KoiNQvJwlwnLJixs+f0p5ZaCBEbSGEI1G2lq6omJYNYrr
-V9KhLx0LUdUCsemcV+vMR+lGoXeBdZRRCAIZuu0EAB+7vdxcEcDSMOYzdnUtHWl0
-mkgfG4uVdQqqTOLxn8Isz3MhDGYkFV1auAlxlV75eMhNi0YJ6DUnzFzyJ4YlugM+
-hX3HMWQh2OvUSxkweFBQ7J7hAOsgwyjPtZ1HwOdGJu2JAhwEEAEKAAYFAksgE8QA
-CgkQIa6nCWeyIM5UzBAAyQNUkUjjxrSu4EYacRGI+1vPb+Q6HJDaQct6xrujMAzJ
-4Jt7CvtkFKGmgx/DlqiEE5c8rJjsZ0QUPWCWlOvamr3p9UpBHgUuuN0OXx9y8mge
-kj3D/Ch6dv2VUezqKDDEMsdSoEfj886pjHhWpEoV2W5P+ihF1FmRcEbKbZb3gs3y
-s66PxjqafNXjTVc4U1hGB9jc1SnomvmsE3ps6T3yJQVpLha9SPxs6Bxa5RWIR4Os
-LKfAI39uh5ikv/tSokz2GQj0hE6JrYY+46oyJWP2SfTzxlGjUtGSyP8DtZghUPuh
-AidSl0p0SHATjWnXjTEMMO1DuytF7mnxQxlocm4/gGdC+yLeg2QqQLwKq7i/L/pu
-GRWlYyV3yNG5odxHEURr4FpFulUmjsEoo4FPZA8OeSfmXJBKna7c4OIm0WxljDme
-84VpLS6LdPhu+xnqU77LuOO4x+5Y2lToZfqZHabOdFNY1TDQmlN+CLyZg/AE3g+t
-zOFE65tRPgUzQO6lFXws3/vv3OyyK/BxBZs9L3xw46A4tMlkbNpdlqQ0xLzD+a0f
-M2zxzU81YSRw1lsQnT5sdQUWaqenvVgmh3DKmaBxFu2K84SiETa5OoLI7CdW3kcW
-QVJhahKwN6zrjU+cTGARB24T2/jT66EtLegWka3+wF6gmixHLc2L783KPj2u45iJ
-AhwEEgECAAYFAkSUEEkACgkQ2MIKCVokV8864A//Y8RQB8EOcV6bYBnz8c0rARfb
-5M+kdXdmYe5LLE7uI0M+UBCNemmFvhuxQROx1hudouNnQeKAAiAjd/I7QSH+1Hgk
-IBbQjXKlK+3pxtD4+gDTdkTRxfOg+gDlFRTX9IKAPRw6c1LRoHZlAvCq1vc8A26/
-5F/FGxza3UGWdtrdLfP/KeD35jZbCKh2zPreWp7DBcYNDEUmap4w56PGqwsP/ajG
-sDKJXa3yh1bznEA7rlJYOpbFWXAhwCdP560TubXi0lLYFTWCOXa+nh5HQuS9Vkrk
-NipKTpG8RUReiu2aJgy5tRQf7D2FcDRoScn5FSQ7iZbM8RhlN/Ex/gWwMjAyapdm
-Mj1DTfxHLpJnI0+TKPT0VTsbn8uz7Zjg3jQIE2DCJqUwLuxz7HfPc3O9uM0q4LyH
-2PV8NsBd8iGXenZUPTvKdnxhBEBeDSaYN/9CaqmCcJKb2TnhYRdScvdGV+izh1X8
-mLz54LWq/aOzZXIqUWV9rIvv7Wd6KZS+L43uxhgWVBwVOeje9dLoULkuIpTgJzDg
-1wkJDDidTJpYTAZcejtI2N8+pCDlKnPDhOLFdZ07JbxlZ5OB4br/hzaGjJ2ZgbSQ
-z7q0Dl7xXRBPnLVAggN2ytfHrEA3+PdGcx2e2j9Tkm+Ykb9yPGPWtXSyNQ7SId01
-nnWq3tt3+Z3bLiLYYl6JAhwEEgECAAYFAksRhi8ACgkQmZMeJdkeASx1sQ/+OUE6
-xCuZURsx9kRcJI1v04nlGq52/fwWlgi2JrXKe5dLH9HAI/CIkudJ39Dteg2cXmvo
-++DXvecit7sqoLAbeTRnDlp5yGibcEMagBDEqxEFLfgTd17K7LFC58TD0QKIATXH
-sAL4bb+DBY4IlUDIjcuXDFiU6ZLkoCnBelV+tICdoUHtg4jh1yJVYxm+AXdueHdH
-PV8aEj/5ImDk+hzg++YwHMhejDjXLGUUqplTBP1gXuewjyHv5ua6x96PMCm+zux9
-WW9Qqv6yo6rvgkCLFYaAU/vYvvmQtUBUDFEk3SEq60gBJ1iqYuXKvg4RXfx8PesU
-SMwOSMukQn9cuKwAy/hgbajyZGPignrBzub9Xl7WK6UUIt0XcLkbyDk+mPBb7Gb/
-u+NsVPSdunSv7wRfkizMZtV/SqU/eMmUK+jPrpj9rW2zJ7pze+PGGl+g149r2z7Z
-4ZKkJ2i6hb36ytF8fD4518oTYePyn1FDTzRPb0JQIZs8hkIfv4gRtm4wgGkIqaaY
-NG2ZPAm4A5tTfwRO3qiqA99PPYRb3wiUeGqALzUR/wEkVvovpsFEjr+AGQskA2u3
-3FhahyogNREyySaLKLj9WcVJ1p+zFSNdQMzylSWRSq6/Yjf283KWUJudA24BKJEn
-LG4Glyt+5XNdgvu68/Tq1fyO+L0m1EyQ5ypvT+yZAQ0ETS2LgQEIAKoa0qVf2Mj9
-6eGUF3LZzJA/pDsmjLG1obr9yQApYdiuoVNCTchR7xO4OsZPvjZcWdwb0+gwF8kN
-Q2W0g+AoWfwT21hCoA6WlIDbls5vfRwDYAOSuOCO8MAfxxn5+QhrJa05tPHCot8+
-K+MXEQz/8h1KEUVVCP5AeZdgEmCBbIQiKXwGN7spHDoHm5yzipLOnlUfgKoOv08O
-csPyUEYeTTHyOnCHhX/IQ4MkoBNjRWPTTv3cvy6oDflmLJzNS+8lIti9/tJM73jc
-azCTF0B+rFdtiJ+IraCMT/tICYH7aMXGyidQM4HUEBjmzcUqquRrFmvcEGN64Yag
-K6JJf9xdEiEAEQEAAbQWV2VybmVyIEtvY2ggKGRpc3Qgc2lnKYkBPgQTAQIAKAUC
-TS2LgQIbAwUJEN2fAgYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQJJs50k8l
-47Y+UwgAnE+0Vd/nKjM+kWNFtKRJ2OyT16u7TmyEpk4ArDdFR49NTzRJEs92DgAf
-6+SbUkxYUWnC8eWB/GqcT2unXejsv/hTA1TCofznMLC7tIfP1xfd3hRTDNw/qpA/
-gFAQf3/GWlBL15Mr1vZEzKCCrB38nybGO+hbMvwqV//CXqNcef/I/3bEb39gDzqU
-04vU3f8+GVnMu4npt0P1bOwSn/6SHdQN+OQis5xaSrC6kH53TVHhsc+7229fLxe6
-3xKiTbOS7bFWQQ6xXZNcdvC4c7YAYLmlYNfrCAITgXld4IH/Si9qjb9uTbbDVPHM
-/o8zGjqwuSZoXoPR+uEzZuXgL+5KyoicBBABAgAGBQJNLY0EAAoJEFO2INAc4MYw
-Rk8EAIuasyOnCbJW8jpfk3g2VZy1dBZj7g4PHaI70K1Qz8X3piI8WWaDCwlTPJcv
-AAtiT6yGHzdONAt+N7GiHNLU7TsMJlTLsuxv1HsdtgnVh/9BwTKRuIBbjrkJlvUE
-A4xHYdQ4MFNoAFqJ1+eGZTMm1rLPtjQopEcDH5VVLqR+ewWriFYEEBEIAAYFAk0t
-xTcACgkQ8q2FrB5Cs2crBADfd33fB14XGfyl3Dtm4cfEUfLCcYXWNaMy+ZmmggDf
-c8hyceGA2XcPThQ7N613oi+cHzO4XC8o1tooDrkBDQRNLYuBAQgAofC5yBtpGPRX
-se3QWczpGZurBnsgVXaVH5g3WCRlpZFEJomg8RkUqGE8QFfVsNXCv+JM9o88S2mL
-uhCgeTrnJ4uuG06Zdek1WRX/lZCMAkitaf4lDfP9l6PEdQuHMqwaDkULqlFhwTLN
-Fce2/gE72QEgo1WKtmMSRAbgGcitCCXp7ZgVrjsY0ypxAfucl3AbVwZA5k4gNBAz
-jWAHPChKtK0wDoOMeS6QV6Ap9xJtIsCsG1g0DBPCZbtGo4wQnCWjT41jHZifvnHr
-ptjB2Ww/QUs6B7P878jGg9HFevSXh766Pp0Ueq8GLTh3Homw+ZcTJ4DIuIJZKHtH
-Cry4iEFQFQARAQABiQElBBgBAgAPBQJNLYuBAhsgBQkQ3Z8CAAoJECSbOdJPJeO2
-uxIIAJE2B8aQPQ6o6LBijX/4rJaetAu6xW9Jg7DyE3rqB5TcE7yJDQqjL6bRApjW
-RaNofB7CmDxl5tjgTawds0gL1KnKLLPb2wAnaKe9/j/gx6lOCnE2LDj5ebKQKQ3U
-B9WG8xNBczNFs7lnBG0+mOwyvWPm9fWzpTf9HFIAi2kCQK7UYZNM4fSvXY5yFz+6
-b5AYDI7pZSP8iJnUxfu2hdbRIKjwNKXzPlDsqYlYXpNAsrUuS7hshUbUe7CjX/RY
-dza8Jp3kHEeOCjLxOwotOa9hBla2eNa9AZXZQ4AFhZxpy61ldBDY88IhjsuWm5L/
-jkJdZtPlj6bFjfLt1vPhoX7y7IKInAQQAQIABgUCTS2NBAAKCRBTtiDQHODGMEZP
-BACLmrMjpwmyVvI6X5N4NlWctXQWY+4ODx2iO9CtUM/F96YiPFlmgwsJUzyXLwAL
-Yk+shh83TjQLfjexohzS1O07DCZUy7Lsb9R7HbYJ1Yf/QcEykbiAW465CZb1BAOM
-R2HUODBTaABaidfnhmUzJtayz7Y0KKRHAx+VVS6kfnsFqw==
-=CxwV
------END PGP PUBLIC KEY BLOCK-----
-
-
-
-
- CC-BY-SA 3.0
- These web pages are - Copyright 1998--2014 The GnuPG Project¹ - and licensed under a - Creative Commons Attribution-ShareAlike 3.0 Unported License. See - copying for details. -
-
- - +mQENBE0ti4EBCACqGtKlX9jI/enhlBdy2cyQP6Q7JoyxtaG6/ckAKWHYrqFTQk3I +Ue8TuDrGT742XFncG9PoMBfJDUNltIPgKFn8E9tYQqAOlpSA25bOb30cA2ADkrjg +jvDAH8cZ+fkIayWtObTxwqLfPivjFxEM//IdShFFVQj+QHmXYBJggWyEIil8Bje7 +KRw6B5ucs4qSzp5VH4CqDr9PDnLD8lBGHk0x8jpwh4V/yEODJKATY0Vj00793L8u +qA35ZiyczUvvJSLYvf7STO943GswkxdAfqxXbYifiK2gjE/7SAmB+2jFxsonUDOB +1BAY5s3FKqrkaxZr3BBjeuGGoCuiSX/cXRIhABEBAAG0Fldlcm5lciBLb2NoIChk +aXN0IHNpZymJAT4EEwECACgFAk0ti4ECGwMFCRDdnwIGCwkIBwMCBhUIAgkKCwQW +AgMBAh4BAheAAAoJECSbOdJPJeO2PlMIAJxPtFXf5yozPpFjRbSkSdjsk9eru05s +hKZOAKw3RUePTU80SRLPdg4AH+vkm1JMWFFpwvHlgfxqnE9rp13o7L/4UwNUwqH8 +5zCwu7SHz9cX3d4UUwzcP6qQP4BQEH9/xlpQS9eTK9b2RMyggqwd/J8mxjvoWzL8 +Klf/wl6jXHn/yP92xG9/YA86lNOL1N3/PhlZzLuJ6bdD9WzsEp/+kh3UDfjkIrOc +WkqwupB+d01R4bHPu9tvXy8Xut8Sok2zku2xVkEOsV2TXHbwuHO2AGC5pWDX6wgC +E4F5XeCB/0ovao2/bk22w1TxzP6PMxo6sLkmaF6D0frhM2bl4C/uSsqInAQQAQIA +BgUCTS2NBAAKCRBTtiDQHODGMEZPBACLmrMjpwmyVvI6X5N4NlWctXQWY+4ODx2i +O9CtUM/F96YiPFlmgwsJUzyXLwALYk+shh83TjQLfjexohzS1O07DCZUy7Lsb9R7 +HbYJ1Yf/QcEykbiAW465CZb1BAOMR2HUODBTaABaidfnhmUzJtayz7Y0KKRHAx+V +VS6kfnsFq5kBDQRUUF8HAQgAh1mo8r+kVWVTNsNlyurm2tdZKiQbdeVgpBgcDnqI +3fAV58C3nC8DVuK5qVGZPB/jbu42jc8BXGP1l6UP+515LQL5GpTtV0pRWUO02WOu +TLZBVQcq53vzbg1xVo31rWV96mqGAPs8lGUCm09fpuiVKQojO6/Ihkg7/bnzeSbc +X5Xk9eKLhyB7tnakuYJeRYm4bjs+YDApK8IFQyevYF8pjTcbLTSNJPW9WLCsozsy +11r4xdfRcTWjARVz5VzTnQ+Px8YtsnjQ3qwNJBpsqMLCdDN7YGhh/mlwPjgdq/UF +f5+bY6f3ew0vshBqInBQycBSmYyoX0Ye3sAS/OR4nu5ZaQARAQABtD5EYXZpZCBT +aGF3IChHbnVQRyBSZWxlYXNlIFNpZ25pbmcgS2V5KSA8ZHNoYXdAamFiYmVyd29j +a3kuY29tPokBPgQTAQIAKAUCVFBfBwIbAwUJCbp27gYLCQgHAwIGFQgCCQoLBBYC +AwECHgECF4AACgkQBDdvPuCFaVmIoQf+POxCWkCTicRVlq0kust/iwYO1egK9FWG +130e2Irnv2lAZZN/0S5ibjHCYFp9gfMgmtVTF5oWXjSDAy/kIykQBBcUVx4SCJbd +MtKSdsSIQMz6P4DxXumxQm79msOsbi5TsdtUwjqdrbu2sHloE7ck/hTXUCkX3zuq +txY7W23BCQxVVT5qUaFuAHkkQaaBgAb8gdgixmkIBfu9u8k3k9zUKm/PNfMjxClv +ORkP8gev+XyzNgcXM49h5YYlmDT+Ahv99nUM1wg8yJTjefBAY0fL982Scx30nDQO +3w7ihALUoj5+TXQjhs3sWPJ8u3pstr9XcfzEZC77/CZmRYNr8g5hBokBHAQQAQgA +BgUCVFOBbwAKCRAkmznSTyXjtmHeB/0X00v959Oyc0EsSLOlfC52qsEn5cU7vxFb ++KY9aKtG4+hApJxemkqpCgA5+xZwXp3SQOf0sYFwz5OsukIjRF0HgSEdjoMTH6b7 +lT0nCwKo8AMU0nJbopVIJikHOzk2gUqh1gxu5iml1RbSkmFhiGjYeqM+ONQynCeX +Gg3LLZCQ1eeoaX69bvbWQFDtTIn2HYvjZLjuGC6PGH/naZ7GchiiiK0bs4UOdJFX +HtITC/7DcgEiHMHOMT3XlwINTexZG0grl2LuWuyyhurJh5IO6geArPKUmR8SjJjV +azpwbutZhYjTzfUpPvKK8kCSan9Df5eeekDrKCU8x8aqLDVyoQcRmQENBFRQOyMB +CADmEHA30Xc6op/72ZcJdQMriVvnAyN22L3rEbTiACfvBajs6fpzme2uJlC5F1Hk +Ydx3DvdcLoIV6Ed6j95JViJaoE0EB8T1TNuQRL5xj7jAPOpVpyqErF3vReYdCDIr +umlEb8zCQvVTICsIYYAo3oxX/Z/M7ogZDDeOe1G57f/Y8YacZqKw0AqW+20dZn3W +7Lgpjl8EzX25AKBl3Hi/z+s/T7JCqxZPAlQq/KbHkYh81oIm+AX6/5o+vCynEEx/ +2OkdeoNeeHgujwL8axAwPoYKVV9COy+/NQcofZ6gvig1+S75RrkG4AdiL64C7OpX +1N2kX08KlAzI9+65lyUw8t0zABEBAAG0Mk5JSUJFIFl1dGFrYSAoR251UEcgUmVs +ZWFzZSBLZXkpIDxnbmlpYmVAZnNpai5vcmc+iQE8BBMBCAAmBQJUUDsjAhsDBQkD +wmcABQsHCAkDBBUICQoFFgIDAQACHgECF4AACgkQIHGwijO9PwZ1/wgA0LKal1wF +Za8FPUonc2GzwE9YhkZiJB8KA/a7T6//cW4N46/GswiqZJxN1RdKs1B+rp7EMMU3 +bhoXstLBcIYveljqh4lPBWCsTT2+/OpwAmgnzjgdTHcpnCMTEOdZktD5SKrTj2tV +aWXAlWK/UsEEanA3cvzofy44n7rm+Eoa7P1YGCHL++Ihsi66ElbehilTT/xxckHX +Uji1XDvoagEENEHk5j4Z2mhWtjnGclvuiBkS4XezezNMW/fPAypZX4bkURNbGd8j +tkb3Eqt+bv+ZQoSA+Ukv8APaAzj8lRSw+CYjDxpoM0jtmiPrk+u/Do46COVA/IX2 +2aYNT2Y2KoWJV4kBHAQQAQgABgUCVFOCHQAKCRAkmznSTyXjtoIhB/0ZE/ppI2Gc +qDxSwPKkRkkoMD8oXdKkPxjUF2jgP+bceHKiz1F78cx/eZltB4av8OujO1IwqH2C +0aVr46W3eSyIcpmmw6F9sjLcTfyZJfWJrvobb7WQSKvWw0eHFgNGR6Z+BA3ohjws +aCZtzzkH2gXI+EM7qaZozMw+eSkZ4qTE9B4/hkMZZpBO0oGy9PQzSlADGftyyuTt +oSUvepfs+EvYSddQ7skXWq0zePuOhng2Mppl690A+aTywyetbPvVeqjiAbI7NB5f +8Tw7dk0Febe9NHvbwzgiStMPmIKrTcthvgIClBkZvmkBFWAPxYPdHfLzAlpDGxJt +R31c0zNFBH68mQENBFRDqVIBCAC0k8eZKDmNqdmawOlJ/m62L2g8uXT/+/vAEGb1 +yaib09xI6tfGXzbqlDwrLIZcJsSIT/nt/ajJnIVbc3137va4XbwMzsDpAMH4mmiT +oqk+izEChGm2knzrLwhoflR8aGsKL35QoZT/erdjfgPeCRLvf25fHsN2Jb0WIMzC +56VkMeFoza+9HZ5hrkemmm+gPvIvhEUopxCyOS8mK5WjB4zzIdyDJfkqVpHvafNP +0N4LIsedKdyHcj/K3kY4Kejl99GW1z1snBgPamoN2/e52Pf6KTw2FjsSGZ72oalc +rkBR4wacUizGxKcRD2Y6Xa0g9mwToWdNBQCIII+uTzOzq1EDABEBAAG0IVdlcm5l +ciBLb2NoIChSZWxlYXNlIFNpZ25pbmcgS2V5KYkBPQQTAQgAJwUCVEOpUgIbAwUJ +C6oF9QULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRCKhhscfv1g2aH7B/wIW6mV +mTmzW2xc1q1MUdssExQBhEeONrbWJ/HiGZP/MaabgQ/+wZuThTAwfGM5zFQBOvrB +OGURhINU6lYQlcOrVo+V8Z1mNQKFWaKxJaY5Ku1bB1OuX9FHLEiMibogHu5fjJIX +BE8XrnvueejyFQ5g/uX2xcGgCWlMe49sR3K+lEl3n93xTmSNhP52r0gTjMjbqKWK +UaIGJ5OcWSrvawdfqLXkxR8phq2AlHHEfxpcZsOp9mZirWYQ5jcgGgFP0LYXUw/R +nxFpOcrj45qufmyEL9QJKjBV5RaHJbqukefwUInPQtVUmINqQxztSh5QxQP2tsUP +IeEi5RAoCwLJam8ziQEcBBABCAAGBQJUU4JUAAoJECSbOdJPJeO2c+cH+wevKc8w +bkWSoGOJiYDglVMJa4x5utgHyXP4PyqelIQ7yibfQq3YyOU9RWRGxfvuofPXpx1E +u/XtCGgw03r4HZhauauYe27IDpA5P/Go7+WqufT6gMBoZf/1cD2ykQZpFyszEKHf +Y+BlzqPJcRaXy4+uQG3O+bh/R2eIGAJDao/AclJI+kfckeY5DzRTibPex+rGAkxZ +8qHtlCb0WeUbL3mgl9f3LlbPH77w1on6XqqIaQ+ODSS/3CUOIhNI3lrGO7mIqhSC +0n+rpqLHeVLpLkz0IFvsJOp9UOHDCA8oL0cQtJGP1pN7muKR9nCVtoNuN41JapoO +4ZaHe5Y0r5MIofSYjgRDt/rHAQQA0JkZeitcyQMqk2xGd/5mGoc4+YNwQo8OSmVw +IvY8UAI3tBorhF6ha9niaqZU4vdldTnXMU0j1oPckAhOgRPaOvaEZhYUTF0F/15p +iAF5dkZQ6dsmXVUkPNYMZTpkc2nA+IACBiOmygGBkLFuXvHRW1i6SNz28iRH/UZc +YLi/2iEAIIFWUJm0Jldlcm5lciBLb2NoIChkaXN0IHNpZykgPGRkOWpuQGdudS5v +cmc+iLwEEwECACYCGwMGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAUCTS2MtwUJClRO +YQAKCRBTtiDQHODGMPB4A/0U1DJR9LbkWuBs8Ko6KJoKLMVI6iYNJBhAtm3dxWeU +xA16eYDWW/b9Lk5KnjtSWuGOeqa7MCsXnkyHkO88KE9IcM3mFnhfFN2qagd/nRch +l9MPsdOgf/ug7j72Alv2V8s28R10HTjfwySe/omXWwK3qn8ou6N7ID+EwCV7i2e2 +u5kBogQ1oh4eEQQA/pdK4Oafa1uDN7Cr5nss4bNpg8YUSg01VVJ08KTCEdpCAPaU ++NzaP3KD2ow74WU2gzP70s9uSGQ2Vie4BLvOkaaBHba/3ivBrg3ILFrxbOfmKQg8 +Fhtncd/TBOwzfkkbxBNcVJuBPRtjZ3dlDbS4IPNsIIv2SuCIfQmA8qNGvWsAoIrJ +90b2fzERCZkKtfkoyYA8fnNrBADhJ8RmIrKiCnDk3Tzk04nu6O8fp3ptrmnO7jlu +vDfsEVsYRjyMbDnbnjCGu1PeFoP2HZ+H9lp4CaQbyjWh2JlvI9UOc72V16SFkV0r +8k0euNQXHhhzXWIkfz4gwSbBkN2nO5+6cIVeKnsdyFYkQyVs+Q86/PMfjo7utyrc +WLq1CAQAou3da1JR6+KJO4gUZVh2F1NoaVCEPAvlDhNV10/hwe5mS0kTjUJ1jMl5 +6mwAFvhFFF9saW+eAnrwIOHjopbdHrPBmTJlOnNMHVLJzFlqjihwRRZQyL8iNu2m +farn9Mr28ut5BQmp0CnNEJ6hl0Cs7l2xagWFtlEK2II144vK3fG0J1dlcm5lciBL +b2NoIChnbnVwZyBzaWcpIDxkZDlqbkBnbnUub3JnPohhBBMRAgAhAheABQkOFIf9 +BQJBvGheBgsJCAcDAgMVAgMDFgIBAh4BAAoJEGi3q4lXVI3NBJMAn01313ag0tgj +rGUZtDlKYbmNIeMeAJ0UpVsjxpylBcSjsPE8MAki7Hb2Rw== +=W3eM +-----END PGP PUBLIC KEY BLOCK----- \ No newline at end of file diff --git a/gpg2.spec b/gpg2.spec index ec3a2f7..04b4bf4 100644 --- a/gpg2.spec +++ b/gpg2.spec @@ -17,11 +17,29 @@ Name: gpg2 -Version: 2.0.26 +Version: 2.1.0 Release: 0 +Summary: GnuPG 2 +License: GPL-3.0+ +Group: Productivity/Networking/Security +Url: http://www.gnupg.org/aegypten2/ +Source: ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-%{version}.tar.bz2 +Source2: ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-%{version}.tar.bz2.sig +# https://www.gnupg.org/signature_key.html +Source3: %{name}.keyring +Patch2: gnupg-2.0.4-install_tools.diff +Patch4: gnupg-2.0.9-langinfo.patch +Patch5: gnupg-2.0.18-files-are-digests.patch +Patch6: gnupg-dont-fail-with-seahorse-agent.patch +Patch8: gnupg-set_umask_before_open_outfile.patch +Patch9: gnupg-detect_FIPS_mode.patch +Patch11: gnupg-add_legacy_FIPS_mode_option.patch +Patch12: gnupg-remove_development_version_warning.patch +Patch13: gnupg-2.1.0-boo-907198-openpgp_oid_to_str-buffer-overflow.patch BuildRequires: automake >= 1.10 BuildRequires: expect BuildRequires: fdupes +BuildRequires: gnutls-devel BuildRequires: libadns-devel BuildRequires: libassuan-devel >= 2.0.0 BuildRequires: libbz2-devel @@ -33,43 +51,23 @@ BuildRequires: libgpg-error-devel >= 1.11 BuildRequires: libksba-devel >= 1.0.7 BuildRequires: libusb-devel BuildRequires: makeinfo +BuildRequires: npth-devel BuildRequires: openldap2-devel +BuildRequires: pkg-config BuildRequires: readline-devel BuildRequires: zlib-devel -%if 0%{?suse_version} >= 1120 -BuildRequires: libpth-devel >= 1.3.7 -%else -BuildRequires: pth >= 1.3.7 -%endif -Url: http://www.gnupg.org/aegypten2/ -PreReq: %install_info_prereq -Requires: dirmngr Requires: pinentry -Recommends: %name-lang = %{version} +# FIXME: use proper Requires(pre/post/preun/...) +PreReq: %{install_info_prereq} +Recommends: %{name}-lang = %{version} +Obsoletes: dirmngr < 2.1.0 +Provides: dirmngr = %{version} Provides: gnupg = %{version} Provides: gpg = 1.4.9 Provides: newpg # special feature needed for OBS signd Provides: gpg2_signd_support Obsoletes: gpg < 1.4.9 -Summary: GnuPG 2 -License: GPL-3.0+ -Group: Productivity/Networking/Security -Source: ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-%{version}.tar.bz2 -Source2: ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-%{version}.tar.bz2.sig -# https://www.gnupg.org/signature_key.html -Source3: %{name}.keyring -Patch1: gnupg-2.0.18-tmpdir.diff -Patch2: gnupg-2.0.4-install_tools.diff -Patch4: gnupg-2.0.9-langinfo.patch -Patch5: gnupg-2.0.18-files-are-digests.patch -Patch6: gnupg-dont-fail-with-seahorse-agent.patch -Patch8: gnupg-set_umask_before_open_outfile.patch -Patch9: gnupg-detect_FIPS_mode.patch -# PATCH-FIX-OPENSUSE coolo@suse.de -- automake 1.13 already includes $SHELL -Patch10: gnupg-2.0.20-automake113.diff -Patch11: gnupg-add_legacy_FIPS_mode_option.patch - BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -77,24 +75,25 @@ GnuPG 2 is the successor of "GnuPG" or GPG. It provides: GPGSM, gpg-agent, and a keybox library. %lang_package + %prep -%setup -q -n gnupg-%version -%patch1 -p1 +%setup -q -n gnupg-%{version} %patch2 %patch4 -p1 %patch5 -p1 %patch6 -p1 %patch8 -p1 %patch9 -p1 -%patch10 -p1 %patch11 -p1 +%patch12 -p1 +%patch13 -p1 %build autoreconf -fi # build PIEs (position independent executables) for address space randomisation: -%ifarch s390x %sparc +%ifarch s390x %{sparc} # s390x needs to use the large PIE model (at least for gpg.c): -PIE="-fPIE" +PIE="-fPIE" %else PIE="-fpie" %endif @@ -103,10 +102,10 @@ export LDFLAGS=-pie %configure \ --libexecdir=%{_libdir} \ --docdir=%{_docdir}/%{name} \ - --with-agent-pgm=%{_prefix}/bin/gpg-agent \ - --with-pinentry-pgm=%{_prefix}/bin/pinentry \ - --with-dirmngr-pgm=%{_prefix}/bin/dirmngr \ - --with-scdaemon-pgm=%{_prefix}/bin/scdaemon \ + --with-agent-pgm=%{_bindir}/gpg-agent \ + --with-pinentry-pgm=%{_bindir}/pinentry \ + --with-dirmngr-pgm=%{_bindir}/dirmngr \ + --with-scdaemon-pgm=%{_bindir}/scdaemon \ --enable-ldap \ --enable-gpgsm=yes \ --enable-gpg \ @@ -116,34 +115,33 @@ export LDFLAGS=-pie make %{?_smp_mflags} %install -%makeinstall -mkdir -p $RPM_BUILD_ROOT/etc/gnupg/ +make DESTDIR=%{buildroot} install %{?_smp_mflags} +mkdir -p %{buildroot}%{_sysconfdir}/gnupg/ # bnc#391347 -install -m 644 doc/examples/gpgconf.conf $RPM_BUILD_ROOT/etc/gnupg +install -m 644 doc/examples/gpgconf.conf %{buildroot}%{_sysconfdir}/gnupg # delete to prevent fdupes from creating cross-partition hardlink -rm -rf $RPM_BUILD_ROOT/usr/share/doc/packages/gpg2/examples/gpgconf.conf -rm $RPM_BUILD_ROOT/usr/share/info/dir +rm -rf %{buildroot}%{_docdir}/gpg2/examples/gpgconf.conf +rm %{buildroot}%{_infodir}/dir # compat symlinks -ln -sf gpg2 $RPM_BUILD_ROOT/usr/bin/gpg -ln -sf gpgv2 $RPM_BUILD_ROOT/usr/bin/gpgv -ln -sf gpg2.1 $RPM_BUILD_ROOT/usr/share/man/man1/gpg.1 -ln -sf gpgv2.1 $RPM_BUILD_ROOT/usr/share/man/man1/gpgv.1 +ln -sf gpg2 %{buildroot}%{_bindir}/gpg +ln -sf gpgv2 %{buildroot}%{_bindir}/gpgv +ln -sf gpg2.1 %{buildroot}%{_mandir}/man1/gpg.1 +ln -sf gpgv2.1 %{buildroot}%{_mandir}/man1/gpgv.1 # fix rpmlint invalid-lc-messages-dir: -rm -rf $RPM_BUILD_ROOT/%_datadir/locale/en@{bold,}quot +rm -rf %{buildroot}/%{_datadir}/locale/en@{bold,}quot # additional files to documentation directory -install -m 644 AUTHORS COPYING ChangeLog NEWS THANKS TODO doc/FAQ $RPM_BUILD_ROOT/%{_docdir}/%{name} +install -m 644 AUTHORS COPYING ChangeLog NEWS THANKS TODO doc/FAQ %{buildroot}/%{_docdir}/%{name} # install scdaemon to %{_bindir} (bnc#863645) mv %{buildroot}%{_libdir}/scdaemon %{buildroot}%{_bindir} +mv %{buildroot}%{_libdir}/dirmngr_ldap %{buildroot}%{_bindir} %find_lang gnupg2 %if 0%{?suse_version} > 1020 -%fdupes %buildroot +%fdupes %{buildroot} %endif %check %if ! 0%{?qemu_user_space_build} make check -$RPM_BUILD_ROOT/usr/bin/gpgsplit -v -p pubsplit- --uncompress